Sunday, May 7, 2017

It's good to have access port control

https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Silent_Bob_is_Silent

Once you know about a security vulnerability, you can add firewall rules to protect yourself against attacks from outside the firewall.

But what about the inside? If you have someone scanning for a vulnerable machine (or an infected machine scanning its neighbors) inside your network, your firewall may not be of much use - it probably won't be in the forwarding path of the traffic.

FAUCET gives you very low level port level control, and makes it safe it easy to deploy a port level ACL (in this example, by blocking AMT access with a few TCP destination port matches).

FAUCET can also block layer 2 only traffic that a firewall can't see at layer 3.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.