Solved

Need a software firewall for Server 2003 Web Edition

Posted on 2004-09-08
6
438 Views
Last Modified: 2013-11-16
Hello,

I recently ordered a dedicated server that came with windows server 2003 web edition.  I would like to install a different firewall on this box because the one i'm using I don't like.  First a little background on the box and what I have done so far.

The box is windows server 2003 WEB EDITION.  This means it comes with no ICF, otherwise that would be good enough for the time being.  The box is also at a NOC of which I do not have control over, so there would be no chance I could setup something hardware related.  The solution must be software that is on the box itself.  So then my first inclination would be to use ZoneAlarm from ZoneLabs.  I purchased this firewall, installed it and it seems to "do the job" to an extent, but there are a few things that make me nervous about using zonealarm:

1)  during the install, i was told that zonealarm isn't intended for server environments and that my installation would not be supported.
2)  zonealarm has program access control... a nice feature but i don't deem that nessecary right now.  I just want your basic port lockdown kind of tool...  besides... zonealarm kicked me out of my terminal service session (i have no physical access to the box) the first time i installed it, and I had to wait for a support tech to open port 3389 before i could continue setting it up.
3)  users have reported sporatic access to certain ports on my box... some users can't open certain ports at all on my box, while others can.
4)  under a normal confinguration, i can only use terminal services for about 30-60 seconds before the connection stalls and i have to reconnect... this happened until i added my ip to the trusted zone, and turned off the firewall completely for the trusted zone.

So i go out searching for another software firewall...  I have tried PortsLock, which i can't even get to lock down a simple port on my test box here at home...  I've looked into other software, but they are all "personal firewalls," something i would like to get around if i can.  ISA server is far too expensive, and I would think that it would require a server 2003 Standard Edition install anyway (my two options at this box are 2003 web and BSD - and for right now, i need a windows box).  I looked into Symantec Enterprise Firewall, but their licensing information page has no information on that product *sigh*.  I would try black ice, but i've heard bad things about that as well.

So to recap... i am looking for a software firewall that provides basic port locking, won't kick me out automatically when i install it (although i might be able to get around that using zonealarm during the install process), that not only runs on 2003 server web edition, but might actually be geared towards a server environment.  I don't need anything that will help me administer client boxes in my environment.. just one box:  a server.


Thank you so much in advance.  
-Chris
0
Comment
Question by:movemedia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 12012653
Windows 2003 comes with Internet Connection Firewall already there...
0
 
LVL 4

Author Comment

by:movemedia
ID: 12012766
lrmoore,

Thanks for your comment.  In my question i state that I have already explored this avenue.  you are right, windows server 2003 STANDARD does come with Internet Connection Firewall (ICF), windows server 2003 WEB EDITION (the version i have) does not.

Taken from http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/hnw_enable_firewall.asp :
"Internet Connection Sharing, Internet Connection Firewall, and Network Bridge are included only with Windows Server 2003, Standard Edition, and the 32-bit version of Windows Server 2003, Enterprise Edition. These features are not included with Windows Server 2003, Web Edition; the 32-bit version of Windows Server 2003, Datacenter Edition; or the 64-bit versions of the Windows Server 2003 family."

it is also not possible for me to upgrade from windows 2003 web to standard.  my options at that NOC are windows 2003 web or bsd, and for right now, i need a windows box.  (i am not 1337 enough to be a bsd admin).

Thanks,
-Chris
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 12016146
Gotcha. Sorry I missed that point in your first post...

Have you tried BlackIce ? I know it works on Windows 2000 server.
0
Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

 
LVL 4

Author Comment

by:movemedia
ID: 12018134
lrmoore,

Not a problem.  In my first post I mentioned that I have heard bad things about blackICE, mostly in an environment where i do not have console access (only via terminal services).  My fear is that, once installed, it will automatically lock up port 3389, thus blocking terminal services.  (that same thing happened to me with zonealarm, since the program takes the stance of locking everything down first, then prompting the user for access).  Also, BlackICE seems to be more for personal workstations, not servers.  I'm sure I could install it on 2003 server web, but i am concerned about it's reliability.  I am really looking for something designed for servers.  there HAS to be something out there... right?

any other suggestions?

-Chris
0
 

Assisted Solution

by:alester
alester earned 250 total points
ID: 12150387
Have you tried any Mcafee Firewall software?  http://www.mcafee.com
0
 
LVL 4

Author Comment

by:movemedia
ID: 13330656
thanks for replying guys.  

I ended up with deerfield visnetic firewall.  works great.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 firewall service won't start 5 248
Router Firewall rules sonicwall ubiquiti edgerouter 3 119
Trojan blocked 11 118
Recommendation of Antivirus software for Personal Use 19 228
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question