Common use of Port Enumeration Clause in Contracts

Port Enumeration. Port and protocol scans must be conducted with reference to the network design, proving that management protocols are only accessible via management interfaces, and control plane protocols are only accessible via control plane interfaces. All interfaces where the network element can be identified (where it would be possible to respond to a PING request or appear in a route trace) must be tested. If the interface switches/routes traffic transparently or is not IP based then that interface need not be scanned. Scans should be performed with all Access Control Lists (ACLs) first disabled, so as to give a clearer view of which ports/services are active, and then enabled, to demonstrate what is normally visible. • Which addresses were scanned (management, interface). • All open, open|filtered and closed|filtered ports • Detail why ports which are open are required. Port scan may be performed using latest version of nmap or any other open source software tool. For the purpose of illustration command used in the available version of nmap at present (July 2010) are given in annexure II.

Port Enumeration. Port and protocol scans must be conducted with reference to the network design, proving that management protocols are only accessible via management interfaces, and control plane protocols are only accessible via control plane interfaces. All interfaces where the network element can be identified (where it would be possible to respond to a PING request or appear in a route trace) must be tested. If the interface switches/routes traffic transparently or is not IP based then that interface need not be scanned. Scans should be performed with all Access Control Lists (ACLs) first disabled, so as to give a clearer view of which ports/services are active, and then enabled, to demonstrate what is normally visible. •  Which addresses were scanned (management, interface). •  All open, open|filtered and closed|filtered ports •  Detail why ports which are open are required. Port scan may be performed using latest version of nmap or any other open source software tool. For the purpose of illustration command used in the available version of nmap at present (July 2010) are given in annexure II.