Blocking Vulnerable Ports Parent topic

During outbreaks, block vulnerable ports that viruses/malware might use to gain access to OfficeScan client computers.
WARNING
WARNING
Configure Outbreak Prevention settings carefully. Blocking ports that are in use makes network services that depend on them unavailable. For example, if you block the trusted port, OfficeScan cannot communicate with the client for the duration of the outbreak.

Procedure

  1. Navigate to Networked ComputersOutbreak Prevention.
  2. In the client tree, click the root domain icon (icon_root-21.bmp) to include all clients or select specific domains or clients.
  3. Click Start Outbreak Prevention.
  4. Click Block Ports.
  5. Select whether to Block trusted port.
  6. Select the ports to block under the Blocked Ports column.
    1. If there are no ports in the table, click Add. In the screen that opens, select the ports to block and click Save.
      • All ports (including ICMP): Blocks all ports except the trusted port. If you also want to block the trusted port, select the Block trusted port check box in the previous screen.
      • Commonly used ports: Select at least one port number for OfficeScan to save the port blocking settings.
      • Trojan ports: Blocks ports commonly used by Trojan horse programs. See Trojan Port for details.
      • A port number or port range: Optionally specify the direction of the traffic to block and some comments, such as the reason for blocking the ports you specified.
      • Ping protocol (Reject ICMP): Click if you only want to block ICMP packets, such as ping requests.
    2. To edit settings for the blocked port(s), click the port number.
    3. In the screen that opens, modify the settings and click Save.
    4. To remove a port from the list, select the check box next to the port number and click Delete.
  7. Click Save.
    The Outbreak Prevention Settings screen displays again.
  8. Click Start Outbreak Notification.
    The outbreak prevention measures you selected display in a new window.