How to classify Encrypted BitTorrent traffic on a PacketShaper


Article ID: 169109


Updated On:




BitTorrent clients by their very nature are designed to be able to bypass or circumvent traditional network security methods and devices so as to allow their users access to downloads and P2P networks


Many modern BitTorrent clients have mechanisms to help users bypass security and management devices by obfuscating or encrypting the traffic to hide its true nature.


The PacketShaper has tools which can help in identifying this traffic and applying policy to it.
  1. Download the BTUPD91.plg from the Bluecoat BTO site.
  2. Upload the plugin to the 9.256/PLG folder on the PacketShaper.
  3. Restart the PacketShaper to activate the plugin.
  4. Create a traffic class called "BitTorrent" based on the BitTorrent service group.
  5. Create a child class called “Encrypted” under the BitTorrent class.
  6. Select “BT Data” as the service and under “Criterion” select “Encrypted” and enter “yes” please note this must be in lower case.
  7. Once you have the classes created you can then apply your policy to the “Encrypted” class and also the “BitTorrent/Default” class depending on how you want to control the traffic.
  8. Copy the newly created class to the other direction so that you have matching traffic classes in both directions.