It’s That Time Again: New App-IDs for March Madness

Have you filled out your bracket yet? It’s once again that time of year when NCAA college basketball takes over the United States and the less sane among us worry about which Cinderella team will help win the office pool.

Sure, it’s a lot of fun. But as we’ve said before, many security and network administrators view March Madness differently – it’s a big impact to network traffic, thanks to the sheer volume of video streamed over the corporate network and the ubiquity of access to that video using various devices.

That online video has grown so fast is no surprise – that’s been the story for years. But in our most recent Application Usage and Threat Report (AUTR), we found 112 photo-video applications (out of 1,395 identified) running on corporate networks. They consumed 13 percent of all corporate network bandwidth, or roughly the equivalent of 557,000 two-hour, high-definition movie downloads.

AUTR data shows that the vast majority (96 percent) of corporate networks we analyzed had an average of 30 photo-video applications running at a given time. And it’s worth remembering not only that video is video a bandwidth hog but also that it is commonly used as an enticement by cyber criminals. “Click here to see the funny cat video.” Unknowingly, you may have downloaded some malware in the background.

As usual, Palo Alto Networks has you covered. Our platform allows us to create custom App-IDs and share them in time for expected network challenges like March Madness.

We’ve just released new custom App-IDs to help manage various video players and the ads that run on their platforms, allowing you to limit the streaming of games and manage corporate network bandwidth before it harms business productivity. You’ll also have full visibility and control of your network by user so you can easily see how network resources are consumed.

These App-IDs are available now for no charge to Palo Alto Networks customers as XML files, accessed via our community here.

Our custom App-IDs are the types of things users can develop and share for any application based on HTTP, HTTPS, DNS, FTP, IMAP SMTP,  Telnet, IRC (Internet Relay Chat), Oracle, RTMP, RTSP, SSH, GNU-Debugger, GIOP (Global Inter-ORB Protocol), Microsoft RPC, Microsoft SMB (also known as CIFS) as well as unknown TCP and unknown UDP.

We all know how useful applications like YouTube are for marketing purposes, but organizations should be asking themselves just what is the business use case for so many photo-video applications running on their networks? With the visibility and control we provide, you’ll have a much better sense of what’s running on your network so you can start to answer “why.”

Leave a comment below and let me know what you think.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS