The Internet is a system which was designed and built on protocols and standards. Different applications had their own ‘ports’ assigned, and this way the transport, routing and management of interweb traffic was rather straightforward. These were not ‘rules’ or ‘laws’, simply polite conventions which everyone with good manners would follow.
Unfortunately, a distinct lack of manners has developed in today’s world. There are no more conventions. If you can’t use a certain port, just use another.
Hence the idea of locking down your business with firewall ports and protocols is now obsolete. You should be more interested in identification and behaviour analysis of network connections to and from your company, rather than just what ‘door’ they decide to use.
ACC Yotta were one of the first UK-based agencies to partner with Palo Alto Networks, the inventors of the ‘Next Generation Firewall’. We have been recommending and using these products since we started back in 2008, and time and time again have educated organisations to secure their assets based on sophisticated application diagnosis rather than simply on ports. For instance, if you want to block telnet activity from the internet, don’t think you can do so simply by blocking traffic on port TCP 23. Telnet can be used against any open port. The solution is to block any traffic that behaves like Telnet – forget ports.
Ports are so yesterday.
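The gap between a TCP 23 port rule and a rule keyed on Telnet behaviour, as an added example (not ACC Yotta's or Palo Alto Networks' code). It assumes a deliberately simple heuristic, the RFC 854 option negotiation that Telnet sessions typically open with; the flow records and function names are constructed for illustration.

```python
# Added example: a port rule versus a rule keyed on Telnet behaviour.
# Heuristic (an assumption of this sketch): a flow is Telnet if its first
# payload opens with at least two RFC 854 option negotiations
# (IAC byte + verb + option code).
IAC = 0xFF
VERBS = {0xFB: "WILL", 0xFC: "WONT", 0xFD: "DO", 0xFE: "DONT"}

def leading_negotiations(payload: bytes):
    """Return (verb, option) pairs for IAC sequences at the start of payload."""
    pairs, i = [], 0
    while i + 2 < len(payload) and payload[i] == IAC and payload[i + 1] in VERBS:
        pairs.append((VERBS[payload[i + 1]], payload[i + 2]))
        i += 3
    return pairs

def port_rule(flow):
    """Legacy policy: block only when the destination port is TCP 23."""
    return "block" if flow["dport"] == 23 else "allow"

def behaviour_rule(flow, min_sequences=2):
    """Port-agnostic policy: block when the payload negotiates like Telnet."""
    hits = leading_negotiations(flow["first_payload"])
    return "block" if len(hits) >= min_sequences else "allow"

# Constructed sample flows (not captured traffic).
TELNET_HELLO = b"\xff\xfd\x18\xff\xfd\x20\xff\xfb\x01login: "
FLOWS = [
    {"name": "telnet on 23", "dport": 23, "first_payload": TELNET_HELLO},
    {"name": "telnet on 8080", "dport": 8080, "first_payload": TELNET_HELLO},
    {"name": "http on 8080", "dport": 8080,
     "first_payload": b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"},
    {"name": "ssh on 23", "dport": 23, "first_payload": b"SSH-2.0-example\r\n"},
    {"name": "jpeg on 8080", "dport": 8080,
     "first_payload": b"\xff\xd8\xff\xe0\x00\x10JFIF"},  # 0xFF but no Telnet verb
]

def evaluate(flows):
    """Return (name, port verdict, behaviour verdict) for each flow."""
    return [(f["name"], port_rule(f), behaviour_rule(f)) for f in flows]

if __name__ == "__main__":
    for name, by_port, by_behaviour in evaluate(FLOWS):
        print(f"{name:15} port rule: {by_port:5}  behaviour rule: {by_behaviour}")
```

The port rule misses Telnet on 8080 and blocks an unrelated service on 23, while the behaviour rule gets both right. A session that skips option negotiation would not match this heuristic, so it stands in for application identification only as a teaching model.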
Naturally, it’s not possible for everyone to carry around a Palo Alto Networks firewall wherever they go, so at the desktop, ACC have teamed up with award-winning A/V vendor BitDefender. We chose it mainly because it is an extremely effective product at threat and malware detection, but also because of its simplicity of management and its ‘invisibility’ to the user. It has an extremely minimal impact on the user experience, so there is virtually no negative impact of using the product, so much so that you quickly forget about it.
Technology you can forget about, in our book, is the best sort of technology.