Enterprise Network Planning

Z

zanycat

New Member
Reaction score
0
Location
O'Fallon, IL
Attempting to find a tool, that will allow for enterprise network planning.

For example if my client blocks port X, what systems or software on the network would be affected.
 
I've never seen such a tool. I've always had to research each application for ports it uses and poke holes through the firewall. If you find something, please let us know. :)
 
It's been a difficult hunt. Still looking though, since the company runs so many different applications, many developed in-house. With security concerns reaching epic levels (finally), management is looking for a tool to help sort out some of these issues as they fortify security. So instead of shutting down port X or disabling service X and waiting for a customer to screw that they are down. We want to be proactive with notification and resolving issues, before they are locked down
 
Could you use something like wireshark to scan for port traffic? Or even the simple netstat command in windows to see what connections are open?

A nice tool is also currports from nirsoft which will show open apps and the ports they are using
 
DarDar said:
Could you use something like wireshark to scan for port traffic? Or even the simple netstat command in windows to see what connections are open?

A nice tool is also currports from nirsoft which will show open apps and the ports they are using
Click to expand...

That's probably your best bet for finding the port information your looking for.
 
True, I thought of wireshark, but need to do more than just ports.

Trying to find a true network modeling tool, that will help with planning changes to the network.

So if I had to reconfigure a router or a IDS, I would want to know what systems in the enclave that it would affect.
 
Sounds more like to me you need a network engineer. I don't think any one piece of software is going to give you what you want. If it did, I imagine it would be mighty expensive.
 
Very true, I have not been able to find a single piece of software, nor a suite of software that will do this. As far as a network engineer, well each program has their own engineer, and getting them all in a room or to sign off on security changes, is slow. So the attempt was to speed up the process, of course there's always the fun standby method, just shut it off and see who screams. :p
 
Some of what I say may have already been said but, in my experience, I have often found that changes to software or software baseline results in the majority of unexpected issues with security. While a modeling program like that may help, especially with planning out your network layout, I'm not so sure it would really help much with security. If your issues are port specific, I know that some security software have learning modes that can analyze port traffic and lock down ports based on its analysis. If any changes occur to the software, you can just re-enable the learning mode.

I think the most surefire way to alleviate some of the issues is to test proposed changes to software in a mini, non-live environment before making it go live. This, of course, would have to be coupled with documented test procedures.
 
You must log in or register to reply here.

Similar threads

mmerry
Ubiquiti issue
Replies
16
Views
3K
NETWizz
NETWizz
HCHTech
Windows 11 folder sharing problem
Replies
19
Views
2K
HCHTech
HCHTech
britechguy
Current "tech favorites" for mesh WiFi for a large home or business covering about the same square footage
Replies
12
Views
4K
NETWizz
NETWizz
autumn
M365 merging tenants
Replies
2
Views
437
YeOldeStonecat
YeOldeStonecat
HCHTech
2022 HP ENVY x360 m Convertible
Replies
1
Views
163
Rigo
Rigo
Back
Top