28.4.08

Palo Alto Networks - Report on Application Usage and Risk

Palo Alto Networks, a provider of firewalling solutions, has released a report on the utilization of Internet by employees at corporations. The report is based on the analysis of 350,000 corporate end users of 20 large organizations across financial services, healthcare, government, retail and education. Their main findings are:

  1. End users are actively circumventing IT control mechanisms
    • External proxies, the kind IT does not support, such as CGIProxy and KProxy, were present in 80% of the customer networks.
    • Encrypted tunneling applications such as TOR (The Onion Router) was found 15% of the time.
    • Web-based file transfer and storage applications such as Megaupload, YouSendIt and MediaMax were detected in 30% of the sites.
  2. Port 80 is much more than Web surfing
    • Over 90% of the applications traversing port 80 are not "web browsing".
    • Most applications (over 50%) using port 80 and not business related.
    • Webmail was found in 95% of the cases while IM use was found in 100% of the cases.
    • Google applications such as Google Docs and Google Desktop are in use in 60% of the sites.
  3. Bandwidth hogging applications are more common than ever
    • Video over HTTP is consuming significant bandwidth in 100% of the sites.
    • Streaming audio was present in 95% of the cases.
    • Peer-to-peer file sharing applications were found in 90% of the sites assessed, indicating that enterprise control efforts are falling short.
    • Applications such as TvAnts and UUSee that use P2P as the underlying video streaming technology was found in 25% of the sites.

They note that "acceptable application use policies are inconsistent", setting up the basis for further abuse.