Port Blocking Isn't Enough Security III
The application/port-number inventory should produce a list of applications with names meaningful to the business. That is, instead of saying "Server A is running NetBIOS over port 135," the inventory should say, "Our internal cash management system, Enterprise*Cash, uses NetBIOS port number on Server A." That makes sense to network managers and security officers who have to watch for malicious codes. However, Enterprise Cash means something to the finance department. This empowers both sets of managers in the defense decision process. An inventory must also take into account the underlying applications that support the networked business application, such as operating systems, databases and a firewall that all reside on the same server and that all require TCP ports.
Such an inventory requires a much more involved process that relies on both technical and non-technical methods. But, through this endeavor, businesses will understand the business impact of implementing defensive network access controls, such as those recommended for the Blaster Internet worm incident, against future attacks.
Eventually, CIOs will require this type of application/port-number inventory. It's just a wise business practice, not unlike maintaining well-indexed customer files. In so doing, they might not prevent the next Blaster, but they will make sure to minimize its effect on their operation, and thus the bottom line.
You will find much more on this topic at WorldsLargestNetwork.com
| |||||||
 | |||||||
| |||||||
| |||||||
| |||||||
|
WorldsLargestNetwork.com
