Tech Note 2138: Reining in NetBIOS Traffic
Reining in NetBIOS Traffic
Technical Note 2138
Last Reviewed 20-Oct-2005
Applies to:
NetMotion Mobility 5.0 and higher
Printer-friendly version
Summary
Sitting idle, with the default networking options turned on, a Windows machine generates megabytes of NetBIOS traffic per day. On a LAN or WLAN speeds are fast enough that this isn't a problem, but on wide area networks such as GPRS and 1xRTT, where connections are slower and you're paying by the byte, this can be costly in both time and money.
This tech note describes how to easily rein in that traffic on slower networks with the Mobility Policy Management module. There are also (somewhat more time-consuming) steps you can take to limit networking traffic without the Policy Management module.
With the Policy Management Module
Mobility's Policy Management Module allows you to block all NetBIOS traffic. A policy can be implemented that blocks NetBIOS on a specific interface, any interface below a given speed, or all interfaces. Once a policy is created on the server it is pushed down to every client automatically, without the need to disable any Windows components on each client.
There are two easy options for using the Mobility Policy Management module to block NetBIOS:
Create a policy to allow only the applications you need to use on your network, blocking everything else. See tech note 2154.
Download the Disconnect NetBIOS rule (see tech note 2171), create a rule set for it, and subscribe the rule to any users or devices for which you want to block NetBIOS traffic.
With either of these options, the next time users connect to the Mobility server the policy will be pushed down to them and NetBIOS traffic will be blocked.
Without the Policy Management Module
If you don't have the Policy Management module, you can still limit Windows networking traffic by taking steps such as disabling file and printer sharing and blocking network broadcasts. Be aware, though, that these options require making changes on every client and it's difficult to know if you've gotten everything.
Turn off broadcast and multicast network traffic
Mobility, like any other VPN technology, makes a wirelessly connected computer appear to the user as if it were wired into your network. It may, therefore, also proxy NetBIOS traffic in the form of broadcasts and multicasts. NetBIOS gives users access to shared resources like printers, shared drives, and other computers.
There may be situations in which you do not want to have all traffic proxied by Mobility. For example:
You are running on public networks that charge by the megabyte
Your device is running continuously or the system is idling most of the time
Only certain applications are used, and they don't require access to network shares or printing
You can significantly reduce the traffic generated by NetBIOS, including all broadcast and multicast network traffic, by doing the following:
On each mobile device...
Disable Client for Microsoft Networks in Network Properties in the Windows Control Panel.
Disable File and Printer Sharing for Microsoft Networks in Network Properties in the Windows Control Panel.
On the Mobility server...
In the Mobility Console, under Client Settings, make sure that both Broadcasts—Block from Client and Broadcasts—Block to Client are selected (this is the default setting).
If the Mobility client device belongs to a Workgroup, make sure the Mobility server is part of the Workgroup.
If the client device belongs to a domain, the Mobility server must be a member of the same domain.
In the Mobility Console, under Server Settings, reduce the advanced setting Keep Alive—Rate (see tech note 2123).
Related Information
2123
|
An Analysis of Mobility Traffic
|
2154
|
Using Mobility Policy Management — The Basics
|
2192
|
Policy Management Example — Selective VPN
|
2171
|
Policy Library
|
9979
|
NetMotion Mobility Technical Notes
|
Please comment on this technical note.