Best Practices for Securing Network Traffic
rosemarie
Newbie ✭
Hi everyone,
I've been managing a network where a lot of gaming traffic, particularly from platforms like Roblox, is pretty common. Recently, I've been looking into ways to control or monitor this traffic without fully blocking it, especially when it comes to security risks from exploits or modding tools some users employ in gaming.
For example, I've noticed that some users are utilizing game exploits, like those found in modding or script-execution tools (I work with sites like deltaexecuter.com), and I'm concerned about the potential vulnerabilities that may arise. What are the best practices for setting up rules on a SonicWall firewall to mitigate these risks? Should I focus on specific ports, services, or DPI-SSL configurations for better monitoring of gaming-related traffic?
Any insights or suggestions on how to manage these types of connections securely would be greatly appreciated!
Thanks in advance.
Answers
Start by learning about "Zero-trust" concepts.
https://en.wikipedia.org/wiki/Zero_trust_security_model
The gist of it is only allow what is known. Any unknowns must not be allowed. So if you know what ports and servers are used by your gamers, than only allow connections to those. Anything outside of those connections must be properly vetted before they are allowed. People won't like this approach, but you're the admin and they are not.
If you paid for and use the security services on the Sonicwall you will need to use DPISSL for proper traffic inspection. >90% of internet traffic is encrypted, so if your not doing DPISSL your not going to see into the majority of traffic.
No expert in gaming here but I would think they have SSL MITM countermeasures in place to prevent the use of tools for cheating, so games may not work with DPI-SSL.