1 Reply Latest reply on Sep 15, 2010 9:47 AM by martin.dimov

    Old printer mappings causing increased UDP traffic

      We are using McAfee Firewall Enterprise Ver 7.0.1.02 and we have noticed since installing a bunch of firewalls on our network any old printer mappings on any old client, or machines that are no longer in use or even the printer isn't even there the client or machine will still try to connect to that printer i.e. the ip address increasing the UDP traffic over the network to the point of taking down a network.  An example the other day we found and this is starting to become a trend for us -  A school had a printer that is no longer in use, but for ease of administration technicians use to map printers remotely to clear printer ques, etc. A laptop with a mapping IP address to this old non existing printer was hooked to a network on another school attempts to connect to this printer - increasing UDP traffic to a point of taking down the whole network at the school where the printer was - iphones, etc.  We ended finding the culprit, but now are realizing this is only our tip of the iceberg as more of these problems are arising.  I have googled and notice there is a way to setup ISA server to limit clients to a upper number of UDP packets and not sure if that is the solution for this problem.  What we are trying to not do, is increase the workload on the firewalls as much as possible.  Not sure if any of you have come across this, or if you might have a solution. 

       

      Thanks in advance, any more details you need let me know.

       

      Server 2003 environment we are running

       

      Thanks

      Terry