Follow

PortMap

Service changes for big or small networks happen all the time. It might be hard for information security specialists to keep track of these changes in the agile real world. With PortMap you will know when you have a new open or closed port in frequencies you like. NormShield also monitors the changes of the services utilizing the ports.

Clicking Intelligence->PortMap submenu and selecting the related company will show the PortMap interface shown in Figure 1. The interface include tab items and the dashboard includes the daily trend of new/old open and closed ports, a tree-map charts of both open port distribution and a top ten list of assets having most open ports.

Figure 1 - PortMap Dashboard

Clicking Configurations tab shows all the previous PortMap configurations created. Editing and deleting operations can be carried here. Moreover, new configurations can be created by clicking New Port Configuration button where the dialod is shown in Figure 2. Here the assets scope a, target ports, scheduled port scanning times and advanced scanning options can be selected/edited.

Figure 2 - PortMap configuration dialog box

The input names and their explanation are shown in Table 1.

Input Name

Detail

Scan Scope

The one or more labels of assets that are wanted to be in port scanning scope

Policy

Hardcoded and custom port scanning policies whose values are reflected in TCP Port(s) and UDP Ports(s) fields when selected

TCP Port(s)

The TCP ports that will be scanned

TCP Parameters

The nmap tcp parameters used when scanning. Shown only when advanced button is clicked. Default value: -n -Pn -sS -T4

Reference

UDP Port(s)

The UDP ports that will be scanned

UDP Parameters

The nmap udp parameters used when scanning. Shown only when advanced button is clicked. Default value: -n -Pn -sU -T4 --max-rtt-timeout 1 --max-retries 1

Reference

Period

The periods of port scanning. One of daily, weekly or monthly

Start Time

The start time that the scanning should begin

Notify Me When

The email notification options;

·        notify when any difference occurs

·        notify only when new ports are opened

·        don’t notify

Table 1 - The input listing of configuring a port scanning

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk