Control DisableServiceChannel

Represents a communication path through the network between a Client and a Service. This channel is privileged, in the sense that where default firewall rules would block connections from the Client to the Service, they are enabled by an exception to the default rules.

Firewall rules that normally allow access to service Service by clients on otherwise blocked network paths are switched off. This strategy represents a permanent restriction introduced by design or in accordance with an operational policy or user preference to avoid accessing Service over certain networks. It may also arise as a side effect of a run-time response to a more specific threat. In either case, it triggers threats representing side effects that would be caused by such a restriction where they affect all available network paths used by a client.

Firewall rules that normally allow access to service Service by clients on otherwise blocked network paths are switched off to prevent an attack. This strategy may represent a run-time adaptation in response to a threat, or a permanent restriction introduced by design or in accordance with an operational policy or user preference to avoid accessing Service over certain networks. It also triggers threats representing side effects that would be caused by such a restriction where they affect all available network paths used by a client.

Firewall rules that normally allow access from client Client to service Service have been switched off by manager HostManager of the service host SHost to prevent snooping. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, user HostManager who is responsible for managing SHost should arrange for firewall policies to be switched off. The Disable Service Channel control should be deselected only when access is enabled again.

Firewall rules that normally allow access to service Service on specific network path(s) have been switched off by its host manager HostManager. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To activate it at runtime, user HostManager who is responsible for managing host SHost should arrange for firewall policies to be switched off, ideally as close as possible to subnet LogicalSubnet from where the risk arises.The Disable Service Channel control should be deselected only when access is enabled again.