How do you throttle Dropbox Traffic?

  • It appears that Dropbox uses Amazon AWS for it's storage, so I am not able to just block or trottle traffic to dropbox.com

    Since there are a lot of web services that rely on AmazonAWS, I cannot just block that domain.

    Do you have any suggestions on how to handle dropbox traffic?

    I am working from a cisco ASA, but I suspect this applies to all firewall managers

    Which ASA Model? The 1st gen or the 2nd gen X model with CX capabilities?

  • Update your firewall to one that knows applications (commonly called "Next Generation Firewalls" these days). Palo Alto Networks is a good example. Instead of opening your firewall to IP-based destinations, you allow the application "Dropbox" and don't care about the destination. You are also able to put some QoS on top of Dropbox. For example, you could create a QoS policy that gives Dropbox a maximum of 5 mbps bandwidth.

    A lot of other Firewall vendors have come up with similar solutions to the one of Palo Alto Networks. I know that Juniper SRX and Checkpoint do it now, not sure about Cisco though. The important thing is that your firewall understands applications (on layer 7) versus just layer3/4.

    Thanks. though I was hoping that was not the answer. Seems like the ASA is coming out with their X series which is gear more towards the upper layer, but that will probably involve more $$$ I wish we could upgrade our fleet of devices rather than testing new hardware, and learning new software in order to accommodate new technologies on the internet.

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM