The Role of RPC in the Security Landscape

RPC is the protocol that Microsoft services use for communication within and across networks, such as Active Directory: it offers features, for example, related to authentication, user management and service management.

It is clearly a TARGET for attackers!

This poses a very high risk for critical servers, such as domain controllers, which need to have RPC ports open for the domain to work.

Benefits

Instead of working at the network and transport layers like traditional firewalls, the Zero Networks RPC Firewall operates at the Application Layer.

This lets the RPC Firewall examine the full context of RPC operations and choose which RPC operations to permit and which to deny: the inclusion of RPC Firewall in the Zero Networks platform greatly lowers (approximately 95% of the domain controller attack surface is mitigated by RPC Firewall!!! ) an organization’s attack surface and defends against various attacks, such as lateral movement and remote code execution.

Feel free to contact us (sales@idc.it) for an obligation-free chat to demonstrate how Zero Networks can help improve your organization security!