![]() ![]() Perhaps the happy median is to utilize tools that allow you certain advantages… So, the alternate becomes outsourced services provider and the cost will be a chunk though they are more inapt to solve the understanding of why ports/services are allowed to being with (and were not reference just port 23 or FTP scenarios). in an acceptable DMZ or tier-architecture model). Then, you’ll probably need to perform some level of remediation or at least negotiation of what to allow and how (i.e. Reviewing each rule entry by verifying and justifying the “actual” business purpose/requirement can be a mind numbing experience since most IT and/or Security teams don’t own, validate/test (during SDLC phases), nor responsible for port/services usage …Īs a result, allocate a FTE (Full-time employee) to chase down the culprit or just understanding of the ports and services open for any given interfaces/segments. Many compliance efforts include a firewall review and doing it effectively will have cost and risk at odds.
0 Comments
Leave a Reply. |