Don’t know what it is? Read here to learn:
When the organization’s network is not being filtered and monitored using the organization’s firewall, that exposes the organization to a significant security risk.
In most organizations the firewall is used as a gateway guard to protect the organization’s data and users from malicious traffic and attacks.
To ensure proper security management, it is strongly recommended to strengthen the outgoing traffic and make sure that all of the organization’s outgoing communications uses services & ports that are familiar and approved.
Here are some of important services that is recommended to monitor and should be blocked:
22 SSH
23 Telnet
59 DCC
69 TFTP
119 NNTP
135 RPC
137-139 Netbios
161-162 SNMP
445 SMB
1433-1434 MSSQL
3306 MySQL
3389 RDP
9001 & 9030 TOR Relay Server
CyRay is providing its customers with the following report in order to give the organization the ability to review the findings and decide if the communication poses any risks or not. This allows for accurate real-time monitoring, improves incident response, and helps the SOC operation personnel and platform managers take appropriate actions.
Cyray’s clients get a full coverage of all outgoing traffic, we analyze our customers’ traffic to identify any potential risk, and provide a proactive action plan to our clients allowing them to mitigate it.
Do you think of any more services to add to this list?
You can easily add it and you will get an alert for each communication with the service.