Intervention of network communication

DP230
DP230 used Ask the Experts™
on
Dear Experts, is there any tool or code which we can use to block some ports of applications. For example: someone inside LAN network can block the communication between Exchange servers and normal PCs?

Also, is there any tool/code which can be used to track the Internet access of VPN user?

And which tool should we use to mitigate it?

Many thanks!
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
These functions are usually reserved for the more expensive enterprise level software. A few tens of grands of investments is no rarety.

If you want to do it for free, use the Windows firewall functions. Most useful for groups of computers (Group Policy). But requires a lot of work, it's not instantly click and done.

For VPN, you want to track internet access how? All originating from the home pc/laptop? Or only inside the LAN environment after they've connected?

You don't need tools to mitigate anything. Keep the network environment safe (password protect all switches/routers, keep firmware up to date), keep server room locked (where patch panels and switches are), and keep servers/PC's safe (Software/windows update up to date, user/password protected)
nociSoftware Engineer
Distinguished Expert 2018

Commented:
If you want to subvert a network it suffices to reply to ARP request before a router does, then you can catch any traffic you like,
should be doable if using a fairly fast computer with f.e. a Linux system. I guess there are some distros with the right tooling.

How to mitigate.... prevent access to your network ports using f.e. 802.1X
otherwise no solution.
Les MooreSr. Systems Engineer
Top Expert 2008

Commented:
1. Yes. Plenty of free tools to poison arp.
2. Use a client like Umbrella to report on vpn user - it gets installed on their computer and you get access to their activities.
3. mitigate #1? Good luch without spending big bucks. Or install host-based security clients that you control. And good network security configuration depending on the manufacturer of your devices.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial