Control Instant Messaging

Instructions to control use of instant messaging, especially for environments where it can be disruptive such as the classroom

Passing notes in a classroom has become an anachronism. Today, children forward electronic messages to each other with a variety of instant messaging protocols. This activity can be just as disruptive, if not more disruptive, than old-fashioned notes.

The following instructions detail how to severely restrict the traffic when disruptive, and let it pass when okay.

Steps:

1. Create a folder traffic class called InstantMsg to contain all your instant messaging traffic. Create this folder for Inbound and Outbound.
   

2. PacketWise detects many types of instant messaging traffic and automatically creates individual traffic classes for them. If you already have any instant messaging traffic classes, move them into the InstantMsg folder.
   

3. Create new traffic classes under your InstantMsg folders to contain your instant messaging traffic that does not already have its own class. Choose any or all of the following instant messaging protocols from the Service field:
   
   • AOL-IM-ICQ (AOL 8.0  AOL Instant Messenger & ICQ)
   • IRC  (Internet Relay Chat)
   • MSN-Messenger (MSN-Messenger Chat Service)
   • YahooMsg  (Yahoo! Messenger)

   
   Just use the AOL-AIM-ICQ service for a class that identifies all traffic associated with AOL and ICQ instant messaging. But if you want to separate traffic for different components of these types of traffic, you can do that too. The following services and protocols make up the AOL-AIM-ICQ group and can be classified separately, if needed:
   
   AOL-IM:          AOL - Instant Messenger & ICQ Client-Server
   ICQ-2000:      ICQ - ICQ2000 Client-to-Client Protocol
   AOL-IM-Talk:   AOL-IM - Point-to Point-Talk
   AOL-IM-IMAGE:  AOL-IM-Image - Point-to-Point Chat
   AOL-IM-File:    AOL-IM - Point to Point File Transfer
   AOL-ISP:         AOL 8.0 ISP client traffic
   AOL-Default:   Unknown AOL traffic
   
   Similarly, a traffic class with IRC as its service actually classifies several different types of IRC traffic. You can classify them together as a group (recommended) with one IRC traffic class, or you can pull components out separately, if needed, with individual classes. IRC
   
   IRC-194:        Internet Relay Chat - General chat traffic
   IRC-6665:      Internet Relay Chat - General chat traffic
   IRC-6667:      Internet Relay Chat - General chat traffic
   IRC-Secure:   Secure Internet Relay Chat - using SSL
   IRC-Servers:  Internet Relay Chat - Server-to-Server traffic
   IRC-Chat:      Internet Relay Chat - General chat traffic
   IRC-DCC:       Internet Relay Chat - Direct Client-to-Client traffic
   

   You can also use any other traffic-class criteria, such as port number or server name, to identify your messaging traffic.

4. Decide on your management strategy. For the remainder of this example, we'll suppose you want to severely restrict instant messaging from 8:00 AM until 3:00 PM. Otherwise, you'd like it to have access to the network with a low-to-medium priority.
   

5. Determine the appropriate policies and partitions for your instant messaging traffic classes.
   
   If you block your instant messaging entirely, it has a nasty habit of port hopping — jumping from port to port, trying to find an avenue that works. Although PacketWise's Layer-7 classification can usually still spot the meandering messaging as it switches ports, the network overhead involved in initiating and tearing down all those short-lived connections imposes a high price. Therefore, the best approach is not to block instant messaging, but to let it proceed at just a trickle.
   
   For our example, during classroom hours, a non-burstable partition with a 2 Kbps size would be appropriate.
   
   For between 3:00 PM and 8:00 AM, a burstable partition with a size and limit of 8 percent and 30 percent, respectively, of the network WAN link would be appropriate. A priority policy at priority 2 would rank the traffic's access to bandwidth
   above the 8 percent.
   

6. If you don't need to vary your management strategy according to a schedule, and you just want one consistent strategy in place at all times, then create your partitions from the previous step for your inbound and outbound folder classes using the WUI. Then, still using the WUI, assign your policies to the traffic classes within your folder classes. You're done.
   
   Otherwise, if you do need to vary your management strategy according to a schedule, continue to the next step.
   
   
7. Determine the CLI (command-line interface) syntax to enforce your commands. For our example, the CLI commands would be:
   
   For classroom hours:
   partition apply inbound/InstantMsg 2k fixed
   
   For off hours:
   partition apply inbound/InstantMsg 8% 30%
   policy apply priority inbound/InstantMsg/AOL-IM 2
   policy apply priority inbound/InstantMsg/MSN 2
   policy apply priority inbound/InstantMsg/IRC 2
   policy apply priority inbound/InstantMsg/YahooMsg 2
   

   Remember that although you can apply a partition to a folder class, you must assign a policy to a real traffic class with matching rules.
   
   Another set of the same CLI commands is needed for the same class names under the outbound branch.
   
   For help with partition and priority policy CLI commands, see partition apply and policy apply priority.
   

8. Create a command file for each group of CLI commands that needs to be executed together.
   
   For our example, create two command files, called MorningMessaging and EveningMessaging.
   
   
9. Test each command file with the run command and check that the configuration details that you intended to change were indeed changed.
   
   
10. Schedule the execution of each of your command files.