Junk traffic

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Junk traffic

L4 Transporter

Is there a good way to verify good traffic from junk traffic.?

4 REPLIES 4

Cyber Elite
Cyber Elite

Hi !

 

That's a tricky one!

the only real way to filter out good from junk is to 'know' the network

 

this will most likely require a little legwork where you talk to whomever is responsible for a set of servers to see if they can tell you which connections are needed and which arent, which in most cases will result in the sysadmin replying "ALL PORTS NEED TO BE OPEN" or something along those lines 😉

 

you can go about creating some custom reports that highlight the overall app category, that should split up most 'business' traffic from 'not so business' and then you can tune from there

 

2017-02-10_16-46-57.png2017-02-10_16-49-11.png

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Good idea reaper I have been trying to use the ACC too. I am trying to tighten up our DMZ 😛

Sadly DMZs take a long time to actually secure properly if they are already running production services. Mgmt doesn't want you to bring anything down, but at the same time I've seen DMZ that was configured to allow anything between their internal zone and had outside RDP open to the servers. Took me a very long time to explain that they had destroyed any reason to have a DMZ in the first place. 

I hear ya Bpry

  • 1853 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!