+11Hi Community ,
Is there any advantage of enabling “Enabling Loopback Mode on Clients and Client Groups” . Just want to understand in which scenario this setting will be useful and what is the impact on backups and recovery jobs if we enabled this ?
Regards, Mohit
Best answer by Alireza B
Generally speaking the less listening ports on IPs the better. More ports available on a server means more doors (even locked).This is important for critical servers that are exposed to external users. For servers sitting all in internal network this won't matter much but again it's something you need to check with your security team. Web shells and other tools that an attacker usually use leverage listening ports for gaining access. Please note, ports are not the only concern, you can have firewall rules to control these traffic direction, protocols etc to make them more secure.
+9Hey Mohit,
There is no specific advantage. It's more for security reasons. By default CV services will listen on all interfaces on any client meaning from outside you will see Client IP(s) is listening on 8400 etc.
In case you want to make sure services are not listening on Client IPs you can use this feature. Please note some services will still listen on IPs to facilate the communications like CVFWD which is responsible for comms.
Cheers,
Ali
+11Thank you . Can you please give a practical scenario or possible type of security threat where this feature would be useful .
Regards, Mohit
+9Generally speaking the less listening ports on IPs the better. More ports available on a server means more doors (even locked).This is important for critical servers that are exposed to external users. For servers sitting all in internal network this won't matter much but again it's something you need to check with your security team. Web shells and other tools that an attacker usually use leverage listening ports for gaining access. Please note, ports are not the only concern, you can have firewall rules to control these traffic direction, protocols etc to make them more secure.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
