I'm not here to rip a vendor, I just want to make sure that I'm not missing anything obvious.
The company I work for is having a vending machine installed that requires a connection to the internet to send inventory numbers back to the home office. I plan on putting this device in its own VLAN with rules blocking access to other subnets/devices.
The vendor stated that all they need access to is http and https (obviously 80 and 443). We are not a large enterprise and we have never blocked outbound connections, however, I'm trying to change that as changes are made.
Their vending machine is only sending data out, meaning, it isn't a web server that needs access coming in on 80 and 443 that you'd see with your traditional web server.
I don't want to block all ports, outbound, except 80 and 443, since the port number that their vending machine will use to establish an outbound connection will be random and will never be 80 and 443.
What am I missing here?
No comments:
Post a Comment