Discussion

Computer operators must ensure that the computer environment is properly protected by filters to ensure that malicious traffic does not reach the applications on the server.

For example, computers should be connected to individual switch ports to minimize the opportunity for monitoring any communications, all unneeded services should be disabled and host-based firewalls should be used whenever possible. The host-based firewalls should be configured to only enable the needed services and block all other services by default.