.png)
Network Control: Your Questions Answered
Table of Contents
After our recent “What is Network Control” blog, we wanted to dive deeper into the technical aspects of ThreatLocker’s Network Control tool and asked our social media audience for their burning questions. In this blog, we address six of the frequently asked questions received to share the answers with you!
How Does this Differ from a VPN?
For one, unlike ThreatLocker Network Control, a VPN puts a heavy load on your servers. VPNs are also increasingly difficult to secure. While VPN can help enable remote work and collaboration, one remote employee can compromise your entire network if they keep unsafe practices on their remote machine. Remember, VPN is a tunnel and is vulnerable to breaches at either end. With Network Control, you have the granularity to lockdown even just one computer and will not have restrictions on where you can access the server, so workers do not have to be local to be on the server. With Network Control, you get all the benefits of a VPN without the vulnerabilities.
Can I See Attempted Intrusions into Ports/Networks?
Network Access Control, much like the Storage Control, gives you full visibility of all network traffic in and out of your organization. So, you can see every network call, whether it was permitted or denied, in the unified audit for all your endpoints across the world.
What is the Major Difference Between Network Control and a Software Firewall?
Network Control and a software firewall will be similar with their default deny, but the most significant difference is that Network Control dynamically updates depending on where someone is. So, if you’re accessing your secure portal or your RDP or RDP gateway and your engineers are moving between Starbucks, a hotel, an airport or anywhere all around the world, those IPs are changing without you having to do so manually. This solves the problem where you get a phone call from someone requesting you to open this IP up and the next day request a new IP after moving locations. Network Control solves this by taking away the aspect of having to manually open and close ports and IP addresses on your perimeter to make yourself more secure.
What Is the Level of Engagement Required from Infrastructure Teams to Deploy Network Control?
When using Network Control, you may need to ensure that your perimeter firewall allows both the Network Control service port as well as the specific service port you are accessing internally.
Can You Stop TCP/IP Traffic on Your Network Without Blocking Access to the Internet?
You can create a Network Control policy that denies the (source, destination or both) (to or from) Private IP Ranges. This will block local traffic from traversing. We recommend fully testing which option works best for the organization while in monitoring mode first to determine what data would be blocked. Additionally, you can block all target ports or a subset if desired. For example, if you do not want HTTP access locally, you can define port 80 as the impacted target port in your deny policy.
Talk to the Cyber Hero Team today to see Network Control in action.
