Hi
What IDP box and version do you have?
The new feature in IDP 5.0 - application identification - allows IDP to be used as an application firewall (in particular, the new APE rulebase is used for that). This feature was designed to block/allow specific applications on any port, so you should probably try it, as long as you already have IDP. Note, however, that for older IDPs (200, 600, ...) it is not recommended to use this feature in production (see release notes).
- pk