For as long as there has been portable recordable media, there has been a desire to share music and movies with friends and family. While this is normal and acceptable to the majority of consumers, copyright holders and publishers vociferously object to it because it doesn't involve royalty payments. Though there were underground music search engines before it, the first big music and movie file sharing success was Napster. Napster made it easy to share your media files with others while searching through other network participants' shared media for something you wanted to download. Then the lawsuits from the music industry started, and have not yet abated despite the growth of distributed networks, file sharing search engines hosted in "safe" countries, and successful legal challenges to the litigation.
The problems with P2P networks are broader than just sharing legitimate (though potentially copied without permission) media files. The proliferation of malware, spyware, and trojans masquerading as illegally copied software and media, and security and privacy issues related to opening one's computer to a large, anonymous network are (or should be) of great concern to individual users.
With the decentralization of P2P networks, cracking down on their use has become a nearly impossible task. Regulating or cleaning out existing decentralized networks is just as difficult. The recording and music industry cartels continue to issue mass lawsuits against people with nothing more than log files and IP addresses as evidence, but defendants are beginning to fight back rather than settle out of court for thousands of dollars, and several have successfully beat the lawsuits, including at least one defendant who successfully recovered legal defense fees from a record label.
Lawsuits like these -- even if you end up winning in the end -- can cause a lot of stress, expense, and can generate a lot of difficulty for a school or business. You also don't want some of the shady stuff that shows up on P2P networks, such as the aforementioned malware and various forms of deviate pornography (some of which may be illegal in your country), to get through onto your business machines. So if you want to prevent employees or students from connecting to P2P networks, something like the SafeMedia Clouseau may be an ideal solution.
Models and packages
The Clouseau is available in three different hardware configurations, meant to accommodate three levels of use. The Clouseau 10 is designed for 10/100 networks with up to a T1 Internet connection and a maximum of 20 users; the Clouseau 500 is meant for 10/100/1000 networks with up to 100 users; and the Clouseau 1000 is capable of handling Internet traffic on 10-gigabit networks. I tested the Clouseau 10 for this review.
The SafeMedia Clouseau 10 is a network appliance in an 8-port router formfactor. You plug it in between your Internet connection and the machines you want to filter P2P traffic to. In theory, you should be able to put any other appliance before or after the Clouseau, including routers, wireless access points, switches, and computers, though more complex network configurations may cause some difficulties in updating the Clouseau. The device itself requires no configuration to set up or use -- you just plug it in and go.
The Clouseau is solidly built. The model 100-IXP revision 9 that I tested was built from a Lanner FW-3600J network router, which has some pretty impressive stats: a 533MHz XScale processor, 128MB onboard RAM, 32MB flash memory, 9-pin serial port for terminal access, four outbound10/100 Ethernet ports, one inbound WAN port, two Ethernet ports that seem to be disabled, and it appears to run some kind of stripped-down Linux operating system internally. This is hardly a consumer-grade router.
Two of the rear Ethernet ports are unusable, and the documentation doesn't say much about them, except that they aren't used. The Clouseau is poorly labeled -- you need the paper documentation to figure out which port is for your incoming Internet connection and which ports are outgoing to client machines. It's powered by a 5v "wall wart" DC power adapter, and operates at a temperature that is slightly above comfortable for a network appliance, but not intolerably warm. You'll definitely want to put spacers between the Clouseau and other network appliances or devices, though the same could be said about most routers, switches, and modems.
Putting it to the test
The first thing I discovered about the Clouseau's filtering abilities was that it did not block file transfers over traditional protocols, which is good -- the device is not supposed to filter out any of this traffic. I could transfer music and movie files over the local network and over the Internet through FTP, HTTP, SSH, email, and rsync. So the Clouseau is not going to interfere with manual file transfers, nor will it get in the way of particularly savvy Internet users who want to trade files. This is not the sort of activity that the recording and movie industry cartels are litigating to stop, however.
What Clouseau does block is P2P programs, protocols, and networks. No matter what I did on my local machine, I could not get FrostWire or LimeWire to connect to a network. I didn't try other P2P programs, but I'm sufficiently convinced that they would be blocked as well, since they connect to the same networks over the same protocols. I even tried changing the FrostWire communication ports to non-standard settings, and still couldn't get a P2P connection. The device blocks any communication between what SafeMedia refers to as contaminated P2P networks, which contain malware or illegally copied and distributed media, and your local network.
Though it may be perfectly fine to block all filesharing traffic from programs like KaZaa and FrostWire, it is definitely not okay to block all BitTorrent traffic. BitTorrent was designed and is regularly used to distribute movies, music, and software in a perfectly legal manner. Most Linux distributions use BitTorrent as the only or preferred download choice for large CD and DVD ISO files, and Blizzard Entertainment's more than 9 million World of Warcraft customers get their monthly game patches and updates via an integrated BitTorrent mechanism. So it's important that legitimate traffic like this makes it through the Clouseau.
During my initial round of testing, I ran into several problems. I was not able to download torrents of an Ubuntu beta release CD ISO, an Ogg/Theora video of Richard Stallman announcing the GPL version 3 license, or the July 2.1.3 WoW patch; all were blocked by the Clouseau. I also experienced network delays when download large files or playing World of Warcraft for an extended period of time, though I can't say for certain that the Clouseau was directly or solely responsible for that. In my initial testing I was unable to find any torrents from "the wild" that would download. SafeMedia did provide me with a list of known-working torrent networks, but I was only interested in testing networks and files that I knew might be overlooked. I was also unable to download any of the legal BitTorrent files shown in the Vuze BitTorrent client's front page.
Since the above was not an acceptable scenario on my network, I called the support phone number given to me as part of the review kit. After a few days of internal testing, SafeMedia informed me that the Warcraft issue was related to a potential security vulnerability and that it would take more time to gauge whether or not it was safe to whitelist. Most of my problems appeared to have been caused by interrupted or faulty update processes; my Clouseau could not receive updates, so it wasn't fully capable of filtering properly. This may have been due to the configuration of a consumer-grade Linksys WRT45GS router that I had in place directly before the Clouseau on my test network, but the exact cause of the problem is still not clear. When it was finally updated, I was able to download the RMS video and the Ubuntu ISO through the Clouseau. Warcraft remains an issue because of the potential security problem, but patch files are still able to download through the fallback HTTP transfer method in the World of Warcraft update utility.
The only documentation of note included with the Clouseau is a monthly-updated set of release notes. The first edition of these notes did not provide sufficient information, but during my test period the company provided a more detailed version that addressed the Warcraft issue and provided better, more specific instructions for contacting the company's support department. The official procedure for adding P2P networks to the Clouseau whitelist is to email a specific address at SafeMedia. The company claims that within three hours of receipt of this email, the requested network will be allowed through the Clouseau if it is found to be safe and, in the company's words, "uncontaminated" by illegally distributed material and malware.
Conclusions and manufacturer recommendations
Overall I found the Clouseau 10 to do much of what it was supposed to do -- filter out P2P traffic -- though I did run into some technical problems. This is a device that evolves over time via software, so if it blocks legitimate P2P traffic on your network, you may have to work with SafeMedia to add specific networks.
Clouseau is an inexpensive, low-maintenance, zero-configuration device that does all a machine can do to intelligently block traffic that could get you in trouble with the law or harm your computer. This certainly beats a custom firewall configuration, which can at best limit traffic over certain ports. A firewall is not a complete solution because you can forward P2P traffic to valid ports, like 80, to work around the restrictions.
I am not convinced that a product like the Clouseau can ever be perfect in its intelligence. Like with spam filters, you're going to run into false positives (BitTorrent networks that are clean but are blocked initially), and you may well find networks full of illegally shared software and media files and malware that hasn't been blocked yet. The best you can hope for is to eliminate most of the definitely bad traffic and let human beings tweak the filters to make them more accurate.
Here's what I'd like to see from the Clouseau in the future:
- Standard, thorough documentation. Though the latest copy of the release notes is a step in the right direction, it's still not what I'm really looking for as a network administrator. I'd rather have the complete documentation in hand before I touch the device so that I know what to expect once it's connected.
- Better on-device silkscreening. There should be better labeling of ports, so that if the documentation is not available, the device can still be implemented intuitively.
|Device||Network traffic filter|
|Device support||Single inbound 10/100 Internet connection, three outbound 10/100 Ethernet ports|
|Price (retail)||Not available through retail channels as of this writing|
|Product Web site||Click here|