?
Solved

Need a software firewall for Server 2003 Web Edition

Posted on 2004-09-08
6
Medium Priority
?
441 Views
Last Modified: 2013-11-16
Hello,

I recently ordered a dedicated server that came with windows server 2003 web edition.  I would like to install a different firewall on this box because the one i'm using I don't like.  First a little background on the box and what I have done so far.

The box is windows server 2003 WEB EDITION.  This means it comes with no ICF, otherwise that would be good enough for the time being.  The box is also at a NOC of which I do not have control over, so there would be no chance I could setup something hardware related.  The solution must be software that is on the box itself.  So then my first inclination would be to use ZoneAlarm from ZoneLabs.  I purchased this firewall, installed it and it seems to "do the job" to an extent, but there are a few things that make me nervous about using zonealarm:

1)  during the install, i was told that zonealarm isn't intended for server environments and that my installation would not be supported.
2)  zonealarm has program access control... a nice feature but i don't deem that nessecary right now.  I just want your basic port lockdown kind of tool...  besides... zonealarm kicked me out of my terminal service session (i have no physical access to the box) the first time i installed it, and I had to wait for a support tech to open port 3389 before i could continue setting it up.
3)  users have reported sporatic access to certain ports on my box... some users can't open certain ports at all on my box, while others can.
4)  under a normal confinguration, i can only use terminal services for about 30-60 seconds before the connection stalls and i have to reconnect... this happened until i added my ip to the trusted zone, and turned off the firewall completely for the trusted zone.

So i go out searching for another software firewall...  I have tried PortsLock, which i can't even get to lock down a simple port on my test box here at home...  I've looked into other software, but they are all "personal firewalls," something i would like to get around if i can.  ISA server is far too expensive, and I would think that it would require a server 2003 Standard Edition install anyway (my two options at this box are 2003 web and BSD - and for right now, i need a windows box).  I looked into Symantec Enterprise Firewall, but their licensing information page has no information on that product *sigh*.  I would try black ice, but i've heard bad things about that as well.

So to recap... i am looking for a software firewall that provides basic port locking, won't kick me out automatically when i install it (although i might be able to get around that using zonealarm during the install process), that not only runs on 2003 server web edition, but might actually be geared towards a server environment.  I don't need anything that will help me administer client boxes in my environment.. just one box:  a server.


Thank you so much in advance.  
-Chris
0
Comment
Question by:movemedia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 12012653
Windows 2003 comes with Internet Connection Firewall already there...
0
 
LVL 4

Author Comment

by:movemedia
ID: 12012766
lrmoore,

Thanks for your comment.  In my question i state that I have already explored this avenue.  you are right, windows server 2003 STANDARD does come with Internet Connection Firewall (ICF), windows server 2003 WEB EDITION (the version i have) does not.

Taken from http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/hnw_enable_firewall.asp :
"Internet Connection Sharing, Internet Connection Firewall, and Network Bridge are included only with Windows Server 2003, Standard Edition, and the 32-bit version of Windows Server 2003, Enterprise Edition. These features are not included with Windows Server 2003, Web Edition; the 32-bit version of Windows Server 2003, Datacenter Edition; or the 64-bit versions of the Windows Server 2003 family."

it is also not possible for me to upgrade from windows 2003 web to standard.  my options at that NOC are windows 2003 web or bsd, and for right now, i need a windows box.  (i am not 1337 enough to be a bsd admin).

Thanks,
-Chris
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 750 total points
ID: 12016146
Gotcha. Sorry I missed that point in your first post...

Have you tried BlackIce ? I know it works on Windows 2000 server.
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 4

Author Comment

by:movemedia
ID: 12018134
lrmoore,

Not a problem.  In my first post I mentioned that I have heard bad things about blackICE, mostly in an environment where i do not have console access (only via terminal services).  My fear is that, once installed, it will automatically lock up port 3389, thus blocking terminal services.  (that same thing happened to me with zonealarm, since the program takes the stance of locking everything down first, then prompting the user for access).  Also, BlackICE seems to be more for personal workstations, not servers.  I'm sure I could install it on 2003 server web, but i am concerned about it's reliability.  I am really looking for something designed for servers.  there HAS to be something out there... right?

any other suggestions?

-Chris
0
 

Assisted Solution

by:alester
alester earned 750 total points
ID: 12150387
Have you tried any Mcafee Firewall software?  http://www.mcafee.com
0
 
LVL 4

Author Comment

by:movemedia
ID: 13330656
thanks for replying guys.  

I ended up with deerfield visnetic firewall.  works great.
0

Featured Post

Want to be a Web Developer? Get Certified Today!

Enroll in the Certified Web Development Professional course package to learn HTML, Javascript, and PHP. Build a solid foundation to work toward your dream job!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses
Course of the Month12 days, 16 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question