You may not be able to enforce what a student installs on their
machines, but if the policy of the school is not to allow P2P traffic,
then you can enforce that policy. If the student wants to use the
schools network then they must meets the schools network use policy. 

-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Anthony Maszeroski
Sent: Friday, May 08, 2009 2:46 PM
To: [log in to unmask]
Subject: Re: Using CCA to detect P2P software

I've had a student challenge me about this approach. While we are within
our rights to block p2p traffic, and to disable network access for those
_running_ p2p software, can we really tell a student which _inactive_
programs they're allowed to have installed on their personally owned
computers?

Stanclift, Michael wrote:
> We're talking about using writing some custom rules in CCA to scan
systems and detect common P2P software, starting next semester, and
denying access to the network for those who have it installed. Is anyone
else doing this? Is there a better way to go about this then custom
rules, some kind of plug in or built in feature I'm missing?
> 
> We generally block P2P traffic out of our network, but we're going to
start getting more aggressive in trying to "educate" users that using it
and trading files is not only illegal (at least, what they're doing with
it), it is a great way to infect your computer. 
> 
> 
> Michael Stanclift
> Network Analyst
> Rockhurst University
> 
> http://help.rockhurst.edu
> (816) 501-4231

--
- Anthony Maszeroski, CCNA
-----------------------------------
Information Security Manager
The University of Scranton
email : [log in to unmask]
phone : 570-941-4226
-----------------------------------