Besides P2P connection, if users want to access network devices e.g. IP cameras/DVRs/NVRs, port forwarding is an essential step. However, port forwarding or port mapping is a process that open holes in your firewall, which inevitablely make your entire network system insure and it's great likely expose its vulnerabilities. Port forwarding can be configured when a network device needs access to the Internet from behind a firewall. In order to secure port forwarding, the following security practices should be followed to reduce the risk of cyber-attack against your Internet network devices.
3 Practical Ways to Reduce Risk of Port Forwarding:
- Minimize the number of ports that are accessible via the Internet. Configure port forwarding only when it is necessary. For example, forwarding port 443 when encrypted web services are needed.
- Ensure that the all accounts are set with very strong passwords. This is extremely important when a device is exposed to Internet.
- Avoid the usage of common port numbers but use a custom port instead. For example, port 80 is generally used in HTTP. It's recommended to use a custom port for a specific service. The custom port should comply TCP/IP port definction (range is 1-65535).