Enterprise Considerations for Ports and Protocols

The need to control information flow to a restricted set of accepted protocols arises from the vulnerabilities that may come from any protocol. Reducing the acceptable protocols to a small set of well-tested standard protocols will reduce the attack surface and provide high confidence in selected communications. These protocols are restricted to specific ports or addresses in the receiving web service. HTTPS is familiarly restricted to port 443. In the standard nomenclature, this traffic may be configured as either Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). The standard ports are defined by Internet Assigned Numbers Authority (IANA). The IANA is responsible for maintaining the official assignments of port numbers for specific uses. However, many unofficial uses of both well-known and registered port numbers occur in practice. Screening of acceptable ports and protocols has been done, in the past, by network appliances known as firewalls. Communications on the approved list were permitted, others blocked. However, many appliances now have such functionality and the server or service may have a host-based security system that can apply this functionality. This paper covers enterprise considerations for screening of ports and protocols. Index Terms — Appliance, Firewall, IT Security, Traffic