If you IA types understood how a network actually maybe we could talk but get your CISSP and make big bucks saying NO.
Example:
Backup program needs Port X open to initiate backups on remote servers (remember we are an Enterprise, Remote Management and all). Vendor did not adequately document port but our firewall logs and sniffer clearly indicate this message originates from the control server and goes to the Media server to initiate the backup.
What does IA do? Stops all backups until paperwork is finished, six months without backups and guess what once the vendor documents turn it back on. No thought about the data risk just turn it off.
Further details if you want but why not allow us a firewall rule from control server to destination server locked to IP addresses and maybe only during a defined time window to allow the backups.
But IA has the hammer and enjoys using it.