  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 742

Topology Discovery and evading firewall policy

We're implementing a Topology Discovery tool from BMC that spawns multiple network connections (TCP and UDP). The firewall policy (SmartDefense) is strict in the company and management wants to limit the concurrent sessions to 60 per second per IP. The Discovery product doesn't have the micro options for fine-tuning NMAP connections within the tool, and it sometimes spawns > 100, so the tool is erroring out many times. Are there ways to evade the firewall rules without touching firewall settings?
Asked by: lsmk
2 Solutions
 
rsivanandan Commented:
If there is a way to do this then the firewall is no good :-)

By default you can't do it.

Cheers,
Rajesh
 
lsmk (Author) Commented:
There is a way to do it by splitting the discovery tasks into smaller tasks but again it is a tedious process for a bigger company which involves 1000s of smaller tasks. Again my question is: Any external parameters/options/network or NMAP settings possible without changing the settings of firewall?
 
Bill Bach (President) Commented:
Does BMC's tool need to run full-time?  Disable the FW restriction, run the tool, and reenable the FW restriction.
 
rsivanandan Commented:
1. Maybe you could schedule it to run at night so that nobody is affected?

2. Or else scheduling in small intervals, however this doesn't solve the problem of 60/s.

Cheers,
Rajesh
 
lsmk (Author) Commented:
Thanks for your solutions, but I'm looking for something different.
 
Bill Bach (President) Commented:
I guess that I'm just not sure what kind of solution you are looking for.

Firewalls are designed to prevent the "bad" behavior like this, as it could be caused by a virus establishing lots of outbound Email connections, a trojan horse trying to break into other machines, and the like.  If the firewall could be worked around in this case, then it could be worked around in any case, and it would be somewhat useless.  Sounds like you want the impossible.
 
lsmk (Author) Commented:
I'm looking for network settings (NMAP...etc), IF ANY are possible, outside the firewall and the Discovery product that can take care of the number of sessions for a particular discovery job.

Looks like it is not possible, as I originally thought. Thanks all.
 
lsmk (Author) Commented:
This thread may be closed.
 
Computer101 Commented:
Forced accept.

Computer101
EE Admin