Second, any application can run on any port. Rather than basing the decision solely upon the port number, the decision...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
makers must consider the applications that will run on those ports.
For example, consider two different organizations running Web servers on port 80. One is an e-commerce site using the Web server to sell goods to the public. The other is a military intelligence organization using the Web server for internal sharing of highly classified information. In this black-and-white example, it's fairly obvious that the e-commerce site needs a firewall rule allowing port 80 from the Internet to the Web server. On the other hand, the military intelligence outfit would definitely not want to allow a similar kind of inbound access.
The best answer I can offer you is that you need to consider the risks and make a decision appropriate for your enterprise. Here are a few questions you should ask yourself that will help inform your decision:
- What is the business case for opening these ports?
- What service(s) will run on the exposed ports?
- What is the destination scope of the rule? Will it be limited to systems in the DMZ? Will it be limited to a single system or a broad group of systems?
- What is the source scope of the rule? Will it be limited to a single system or network, or will it be exposed to the entire Internet? Who controls those system(s)?
- What type of information will be transferred over this connection? Will it be encrypted?
For more information:
Dig Deeper on Network Firewalls, Routers and Switches
Related Q&A from Mike Chapple
The rights of medical identity theft victims have been confused by health providers, but the rules under HIPAA are actually quite clear. Expert Mike ...continue reading
The New York State Department of Financial Services announced plans to increase cybersecurity regulations for financial firms. Here's what they need ...continue reading
Smaller organizations have a tougher time handling the compliance burden, specifically from the PCI DSS requirements. Expert Mike Chapple has some ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.