20 Critical Security Controls: Control 9 – Limitation and Control of Network Ports, Protocols, and Services


Key Takeaways for Control 9
Reduce your attack surface. So much of Control 9 is about limiting the external attack surface of a system. This is always the first step in securing an endpoint.
Duplication with other controls. Everything being done in Control 9 is going to be accomplished by completing other controls elsewhere. I would probably leave this one for last, as it’s the least impactful (due to duplication) of any of the controls.

Source: tripwire

Requirement Listing for Control 9

1. ASSOCIATE ACTIVE PORTS, SERVICES AND PROTOCOLS TO ASSET INVENTORY

Description: Associate active ports, services, and protocols to the hardware assets in the asset inventory.

Notes: Utilize the same technology, or at least the same asset database, which you are using in Control 2 (specifically 2.5). A more advanced integration would be to tie the ports and protocols to the applications and then associate the applications with a business unit if possible. This would also relate to Control 11.2, which asks to associate traffic configuration rules on the network to a business unit.

2. ENSURE ONLY APPROVED PORTS, PROTOCOLS AND SERVICES ARE RUNNING

Description: Ensure that only network ports, protocols, and services listening on a system with validated business needs are running on each system.

Notes: Create the baseline of what is listening on the systems. Over time, you can comb through the results and make sure nothing is out of the ordinary. As you are going through that process, new ports should trigger an investigation if they are not expected. Using a vulnerability scanner such as IP360 or a tool like Tripwire Enterprise to list out ports will make this much easier on the security teams.
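
The baseline comparison behind requirements 1 and 2, as an added example that is not from the original article or from Tripwire's tooling: listening sockets from `ss -tulnH` are checked against approved ports recorded per asset with their business unit. The host name, baseline entries and captured output are constructed for illustration.

```python
# Added example: compare listening sockets with an approved per-asset baseline.
# Host name, baseline entries and the captured output below are constructed.

# Approved (protocol, port) pairs per asset, stored alongside the hardware
# asset inventory together with the owning business unit (requirement 1).
APPROVED = {
    "web01": {("tcp", 22): "IT Operations", ("tcp", 443): "E-Commerce"},
}

# Constructed sample of `ss -tulnH` output collected from web01.
SAMPLE_SS = """\
tcp   LISTEN 0      128        0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511           [::]:443           [::]:*
tcp   LISTEN 0      128        0.0.0.0:443        0.0.0.0:*
tcp   LISTEN 0      80       127.0.0.1:3306       0.0.0.0:*
udp   UNCONN 0      0          0.0.0.0:5353       0.0.0.0:*
"""

LOOPBACK = ("127.", "[::1]")  # listeners bound only here are not exposed externally

def parse_listeners(ss_output):
    """Return {(proto, port): set(local addresses)} for each listening socket."""
    listeners = {}
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # blank or malformed line
        addr, _, port = fields[4].rpartition(":")  # handles "[::]:443" as well
        if port.isdigit():
            listeners.setdefault((fields[0], int(port)), set()).add(addr)
    return listeners

def audit(host, ss_output, approved=APPROVED):
    """Return (unapproved listeners to investigate, approved ports not listening)."""
    seen = parse_listeners(ss_output)
    allowed = approved.get(host, {})
    unexpected = [
        {"proto": proto, "port": port, "addresses": sorted(addrs),
         "external": not all(a.startswith(LOOPBACK) for a in addrs)}
        for (proto, port), addrs in sorted(seen.items())
        if (proto, port) not in allowed
    ]
    missing = sorted(key for key in allowed if key not in seen)
    return unexpected, missing

if __name__ == "__main__":
    unexpected, missing = audit("web01", SAMPLE_SS)
    for item in unexpected:
        print("INVESTIGATE", item)
    print("approved but not listening:", missing)
```

The `external` flag separates loopback-only listeners from ones reachable over the network, which helps prioritize the investigation; approved ports that are no longer listening are candidates for removal from the baseline.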
