13 Defining the port settings for a custom protocol.
FIGURE 15.14 Choosing whether to use secondary connections for a custom protocol.
430 CHAPTER 15 Securing RPC Traffic
Once created, the protocol can be used for either access rules or server publishing rules,
depending on the direction defined in the port settings (outbound versus inbound).
Summary
The field of RPC communications promises enhanced productivity and functionality, but
it is riddled with the land mines of unsecured RPC traffic. Fortunately, however, ISA Server
2006's RPC filtering functionality enables organizations to take full advantage of RPC's
capabilities without needlessly exposing services to the risks associated with RPC traffic.
The ability of an ISA server to inspect individual UUIDs in RPC traffic and allow only
those used by specific applications is highly valuable, and can greatly improve the ability
to secure a networked environment.
Best Practices
• Secure RPC communications across network segments whenever possible.
• Create custom RPC protocol definitions to restrict RPC traffic to specific RPC UUID
interfaces.
• Use server publishing rules to protect servers and services from specific types of
traffic, particularly RPC-based traffic.