Hi,

We have been continuously failing Security Metrics testing of our server/network used to host part of our website. 

The problem is that port 1000 is open, allowing our server to be externally accessed on this port. 

Port 1000 is open because the booking system software on the server requires it to be and i created this policy on the BT Business Hub 3. 

We have passed previously with port 1000 open, however i have been made aware that Security Metrics constantly update their passing criteria and port 1000 is now considered unsafe. 

Security Metrics recommend that either the booking system software company change their port number to a more secure one or that i restrict the use of port 1000 to a single IP address (IP of software company). 

I have spoken with the software company and they dont seem willing to change the port and believe restricting port 1000 to their single IP will resolve the issue. 

I have tried restricting port 1000 to a single IP, however BT have said that their routers do not support such a function and our Symantec Endpoint Small Business software doesnt seem to have much control over this either. 

Can anyone recommend anything for me to try or know whether the Hub 5 or any other router supports such a policy?

I surely cant be the only BT customer with this issue. 

Many thanks,

Sam