Security at the Port

by | Dec 2, 2021 | IT Security

Miguel Espinosa

Desktop Support Specialist

As a computer network security professional tasked with the network logistics surrounding the transport of goods from the Port of Houston via rail, I am focused daily on securing all communications to protect the logistics involved with America’s supply chain. I am also in an excellent position to see how the mechanics required to get goods and materials from ship to shop safely are not so different from how data is processed from device to device. Ports in computer networking are not so different from shipping ports of entry. This is true in three general ways:


1. It is a point for designating a transport protocol for items passing through. Ports of both kinds must identify:
  • What is it?
  • Where is it going?
  • How is it getting there?
2. A port is itself an endpoint. It is a unique destination and it is identified by an address.
  • The shipping ports use Automatic Identification System (AIS) codes with dock identifiers.
  • Computer port terminals use Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), with the port number being a unique IP address.
3. Ports are potential targets for attack.
  • Whether we are talking about shipping ports or data ports, some are more vulnerable to exploitation than others. Hardening security is a must.

Both kinds of ports also need to be vigilant against threat actors from around the globe. Your small business network has its own set of shipping lanes carrying valuable commodities in and out, and they are no less valuable than anyone else's. Once you see it that way, it is easier to understand why hackers and threat actors are just as interested in breaking into your network as they are in breaking into an enterprise-sized company's.

So now that you know that your ports of entry are significant targets for attack, here are four points I can share for tightening up security around them, and reducing the opportunities for threat actors to exploit your network:

1. Close unused ports.

This is important because it prevents just anyone from connecting to the network via an Ethernet port.

2. Label ports.

This helps identify, visually on the hardware, where ports are located and how vulnerable they are to people coming into the building.

3. Enable port security based on MAC address.

You can do this manually or dynamically. This will help prevent unauthorized users from plugging in. Dynamic learning accepts MAC addresses up to a maximum number and then stops learning new addresses. After that, it stops new MAC addresses from sending traffic.

4. Set a type of port violation.

There are 3 types:

  • Protect: Only works with sticky (dynamic) learning, but drops packets from MAC addresses after the maximum number is reached. It will continue to send traffic from the ones that are within that maximum.
  • Restrict: Sends a notification and stops unauthorized users.
  • Shutdown: Sends a notification and shuts down the port.

Which of these settings is right for you depends on the level of security you want to add to the port. Protect is the lowest level in terms of security. Shutdown is the highest and the most aggressive response, and would be used for ports that could connect you to sensitive information.

With better port protections you will keep your data shipping lanes free and clean, and it should provide calm waters and smooth sailing for your business.
