应用程序网关PCI扫描 - 端口打开？ [英] Application Gateway PCI Scan - Ports Open?

问题描述

我们在应用程序网关上完成了PCI扫描，并且由于端口65200上打开了不兼容的TLS协议而导致报告失败。我知道这是一个管理端口，但有没有办法关闭它来自互联网所以这次扫描不会失败？

谢谢

解决方案

嗨大脑， 

正如您所提到的，这些端口用于管理目的，内部组件需要与这些端口通信以保持网关实例健康。 

即使这些端口显示从Internet打开，这些端口也受Azure环境保护，您需要访问证书。这是安全的。 

问候， 

Msrini

We had a PCI scan done on an application gateway and it reported a failure due to non-compliant TLS protocols open on port 65200. I know this is a management port, but is there any way to close this off from the internet so this scan doesn't keep failing?

Thanks

解决方案

Hi Brain, 

As you mentioned, those ports are used for management purpose and internal components needs to communicate to these ports in order to keep the Gateway instance healthy. 

Even though those ports shows open from Internet, those ports are protected by Azure environment and you need certificate to access. It is secure. 

Regards, 

Msrini

这篇关于应用程序网关PCI扫描 - 端口打开？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！