Cisco Meraki Access Points and Security Appliances have the capability of creating Layer 7 firewall rules. These rules make the job of a network administrator easier by giving a verbose description of what will be blocked. These rules can be created and applied:
Below is an example of three layer 7 rules configured to block all peer-to-peer traffic and assorted file sharing:
This example only blocks specific services/protocols, while still allowing some desired services:
While the specific rules to implement will be dependent on the environment, the general recommendation for blocking unwanted P2P traffic is to use the rules for:
Note: File sharing programs, such as BitTorrent, are now able to be configured to encrypt traffic as secure HTTPS, potentially bypassing P2P traffic shaping rules that have been configured. Cisco Meraki MX Security Appliances and Wireless APs are capable of detecting some of the encrypted P2P traffic on the network. When encrypted P2P traffic is detected, it will be matched to any configured P2P traffic shaping rules, and honor the limitations that have been configured. However if the traffic is encrypted, it may not be possible to accurately classify all of the offending traffic.