Most Enterprise Application Traffic Bypasses Port 80 Security Measures
Contrary to conventional wisdom, a significant number of applications running on enterprise networks do not pass through port 80, so securing just that port does not protect the network, according to a recent report.
Application traffic analyzed by Palo Alto Networks in its semi-annual Application Usage and Risk Report found that 35 percent of the applications on enterprise networks never use port 80 when communicating with the outside world, Matt Kiel, senior research analyst at Palo Alto Networks, told eWEEK.
Applications that use only port 80 and no other port, represented just 25 percent of the application traffic within the enterprise, according to the report, released Jan. 17. Historically, most network traffic passed through port 80 so it made sense for IT administrators to concentrate their efforts to securing that port, Kiel said. However, many popular applications, such as audio streaming, games, instant messengers, webmail and others use port 443 or switch between available ports. The amount of non-Web-based traffic and applications used within the enterprise is much more significant and widespread than most people realize, according to Kiel.