User Guide
662 CHAPTER 15: PRIORITIZING NETWORK TRAFFIC
CAUTION: Many TCP and UDP based applications use dynamic port
assignment to determine the TCP or UDP port that will be used as the
source port. If your application definition contains a classifier for a TCP or
UDP port that falls within a range that one or more of your devices may
dynamically allocate to an application it could cause intermittent
problems on your network. Whenever an application is dynamically
allocated a port that is blocked it will be unable to function correctly.
CAUTION: Some applications allow the user to select the protocols and
ports that are used. Whilst blocking the default protocol and port settings
for this type of application will prevent an out-of-the-box instance from
functioning correctly on your network, it cannot be guaranteed that this
will block all instances of the application. Other instances may have been
configured to use other protocols and ports.
Potential Hazards of
Blocking SNMP, HTTP
and Telnet
The protocols SNMP, HTTP and Telnet are all used for network
management purposes. 3Com Network Director uses SNMP to configure
its devices and, in some cases, can use HTTP and Telnet for device
discovery and configuration. HTTP and Telnet protocols are also used for
manual configuration of devices. Blocking an application whose
definition includes the ports used by these protocols would prevent
3Com Network Director from functioning correctly and prevent you from
manually accessing these devices.
3Com Network Director will prevent you from blocking any application
whose definition includes classifiers for the SNMP protocol unless you
have first selected the PC that it is running on for prioritization. This is so
that 3Com Network Director can continue to manage your network
whilst SNMP is blocked.
By prioritizing the traffic of your network management PCs and by
blocking SNMP you can prevent any unauthorized SNMP access on your
network.