Should a small company block multicast on their network?
The only multicast apps I've ever used are the Ganglia monitoring tool and ntp on occasion (and that's not the default ntp configuration anyway). It's not terribly clear to me how much multicast is really used these days on small networks like you describe so I'm not sure if blocking it matters too much.
At the same time, I don't see any reason to block it inside your network without a specific threat. I vote for leaving it unblocked in your network.
I would say block it at the edge of your network just to be safe, although by default multicast isn't routed anyway unless you go through extra hoops.
Blocking Multicast at the border has some good things going for it. Blocking it internally I personally don't agree with. This is an opinion.
Here's a SANS article that might shed some light into Multicast security concerns. Also, it might be a good idea to look around SF for past Multicast questions, and notice a pattern of issues that that might potentially affect your network.
- Why does multicasting make the WAN inaccessible?
- Why are my listener-less multicast packets affecting Wifi performance?