User guide
Key Considerations 189
CAUTION: Many TCP and UDP based applications use dynamic port
assignment to determine the TCP or UDP port that will be used as the
source port. If your application definition contains a classifier for a TCP or
UDP port that falls within a range that one or more of your devices may
dynamically allocate to an application it could cause intermittent
problems on your network. Whenever an application is dynamically
allocated a port that is blocked it will be unable to function correctly.
CAUTION: Some applications allow the user to select the protocols and
ports that are used. Whilst blocking the default protocol and port settings
for this type of application will prevent an ‘out-of-the-box’ instance from
functioning correctly on your network, it cannot be guaranteed that this
will block all instances of the application. Other instances may have been
configured to use other protocols and ports.
Potential Hazards of
Blocking SNMP, HTTP
and Telnet
The protocols SNMP, HTTP and Telnet are all used for network
management purposes. 3Com Network Administrator uses SNMP to
configure its devices and, in some cases, can use HTTP and Telnet for
device discovery and configuration. HTTP and Telnet protocols are also
used for manual configuration of devices. Blocking an application whose
definition includes the ports used by these protocols would prevent
3Com Network Administrator from functioning correctly and prevent you
from manually accessing these devices.
3Com Network Administrator will prevent you from blocking any
application whose definition includes classifiers for the SNMP protocol
unless you have first selected the PC that it is running on for prioritization.
This is so that 3Com Network Administrator can continue to manage your
network whilst SNMP is blocked.
By prioritizing the traffic of your network management PCs and by
blocking SNMP you can prevent any unauthorized SNMP access on your
network.
3Com Network Administrator for HP OpenView.book Page 189 Wednesday, November 12, 2003 2:33 PM