> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cystack.net/llms.txt
> Use this file to discover all available pages before exploring further.

# Port Access Control

> Block and control communication ports to safeguard devices against unauthorized activity

<Card>
  **Use Cases:**

  * Block unused ports to minimize the attack surface (e.g., blocking port <code>3389</code> to prevent unauthorized external remote access).
  * Restrict non-essential ports to prevent policy violations by employees, such as illicit software downloads or data exfiltration.
</Card>

This feature restricts active network services on devices, preventing the exposure of vulnerable or unnecessary ports. Follow these steps to configure a blocking policy based on <code>Port</code>:

<Steps>
  <Step title={<>Specify a single port (e.g., <code>443</code>, <code>22</code>) or a port range (e.g., <code>8000-8080</code>).</>} />

  <Step title={<>Select the connection direction: <code>Outbound</code> or <code>Inbound</code>.</>} />

  <Step title="Select the specific tags or individual devices to which the policy will apply." />

  <Step title="Enter a description or reason for the policy (optional)." />
</Steps>
