Similar to the military definition of reconnaissance,
the network security definition of reconnaissance is when attackers
attempt to gain information about your network’s vulnerabilities
by secretly probing the network to find weaknesses. Reconnaissance
activities are often preludes to a network attack.
Zone protection profiles with reconnaissance protection enabled
defend against port scans and host sweeps:
Port scans discover open ports on a network. A
port scanning tool sends client requests to a range of port numbers
on a host, with the goal of locating an active port to exploit in
an attack. Zone protection profiles defend against both TCP and
UDP port scans.
Host sweeps examine multiple hosts to determine if
a specific port is open and vulnerable.
You can use reconnaissance tools for legitimate purposes such
as testing of network security or the strength
of a firewall. You can specify up to 20 IP addresses or netmask
address objects to exclude from reconnaissance protection so that
your internal IT department can conduct white hat tests to find
and fix network vulnerabilities.
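
The following is an added example, not vendor code and not a description of how the firewall implements the feature. It shows how the two patterns differ in connection data and how an exclusion list suppresses alerts for approved scanners. The threshold, interval, function names and sample events are assumptions; only the 20-entry exclusion limit comes from the text above.

```python
import ipaddress
from collections import defaultdict

MAX_EXCLUSIONS = 20  # limit on excluded IP addresses / netmask objects (from the text)

def exceeds(hits, threshold, interval):
    """True if any window of `interval` seconds holds at least `threshold`
    distinct values (ports for a port scan, hosts for a host sweep)."""
    start = 0
    for end in range(len(hits)):
        while hits[end][0] - hits[start][0] > interval:
            start += 1
        if len({value for _, value in hits[start:end + 1]}) >= threshold:
            return True
    return False

def classify(events, exclusions=(), threshold=5, interval=2.0):
    """events: (timestamp_seconds, src_ip, dst_ip, dst_port) tuples.
    threshold and interval are assumed values, not product defaults.
    Returns a sorted list of (kind, source, target) findings."""
    if len(exclusions) > MAX_EXCLUSIONS:
        raise ValueError("at most 20 exclusion entries are allowed")
    nets = [ipaddress.ip_network(e, strict=False) for e in exclusions]
    by_host = defaultdict(list)  # (src, dst_ip)   -> [(ts, port)]  one host, many ports
    by_port = defaultdict(list)  # (src, dst_port) -> [(ts, host)]  one port, many hosts
    for ts, src, dst, port in events:
        if any(ipaddress.ip_address(src) in net for net in nets):
            continue  # excluded source, e.g. the internal IT test scanner
        by_host[(src, dst)].append((ts, port))
        by_port[(src, port)].append((ts, dst))
    findings = set()
    for kind, table in (("port-scan", by_host), ("host-sweep", by_port)):
        for (src, target), hits in table.items():
            if exceeds(sorted(hits), threshold, interval):
                findings.add((kind, src, str(target)))
    return sorted(findings)

# Constructed sample events (documentation and private address ranges).
SAMPLE = (
    [(i * 0.2, "10.0.0.5", "192.0.2.10", 20 + i) for i in range(6)]       # many ports, one host
    + [(i * 0.2, "10.0.0.9", f"192.0.2.{20 + i}", 22) for i in range(6)]  # one port, many hosts
    + [(i * 0.2, "10.0.0.7", "192.0.2.10", 443) for i in range(6)]        # ordinary repeat client
    + [(i * 0.2, "10.9.9.9", "192.0.2.10", 80 + i) for i in range(6)]     # approved test scanner
)

if __name__ == "__main__":
    for finding in classify(SAMPLE, exclusions=["10.9.9.0/24"]):
        print(finding)
```
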