|
|
 |
Sentry-go®
3Ds (UK) Limited
© 2000-2011 |
|
|
|
 |
Monitoring the Firewall & TCP/IP Ports |
|
|
|
|
Monitoring access to TCP/IP ports can help ensure web-based servers and services
are listening correctly for inbound requests
via TCP/IP ports. If the service is not listening on it's standard (or so-called
"well known") port, external access to that service will be unavailable.
At the same time, its extremely important to protect your servers from outside
attack & hacking, threats from viruses etc.
|
|
|
 |
Any IP device that accepts input, via TCP/IP will listen for connections on one
or more ports. For example, if IIS is not listening on port 80, standard browser
requests to it will result in an error, while SMTP e-mail servers normally
listen on port 25 etc. |
|
|
Even if the underlying application or service is running, a failure on the
network or the TCP/IP stack on the server can prevent the system from listening for
inbound connections. Also, if 2 applications use the same listen port, only the
first will function correctly, the other receiving an "in use" error which
prevents it from listening for & accepting new connections.
In most cases, the first you will know about the failure is when the system
using it, or an external system trying to connect to it fails. But with Sentry-go, monitoring
TCP/IP port access to these ports is quick & easy to do, and can be performed periodically
24 hours a day. If faults are found, the monitor can take automatic action in
response - e.g. to restart the service that should be listening or even reboot
the server, providing faster
resolution & allowing you time to investigate further & resolve any underlying
fault.
You can monitor TCP/IP ports to,
for example ...
- Ensure TCP/IP port access is available on one or more ports,
including custom ports used by your own applications
- Optionally ensure the listening server returns the correct data
(e.g. a "welcome" string), to ensure the correct service is responding
- Optionally send opening data to the listening server
Notify System Administrator(s) of errors or failures
Examples where TCP/IP port monitoring would be of benefit include ...
|
|
|
- Web servers
- E-mail servers - e.g. Exchange, SMTP, POP3, IMAP
- SQL database servers
- Servers running custom services that use TCP/IP or WINSOCK.
|
 |
Server or PC network protection is often implemented by means of a firewall, a
method whereby network access is controlled & protected based on port number or
connecting application etc. This can be extremely effective at preventing
unauthorised access via the network, but only if it is enabled, and continues to
run while the machine is connected to the network.
Traditionally you might check the firewall by ensuring it's enabled, but with
Sentry-go you can not only very this automatically, you can also re-enable it
without any manual intervention being required! |
|
|
|
|
|
|
|