Solved

Trend Micro and Firewalls

Posted on 2007-11-20
15
3,618 Views
Last Modified: 2013-11-22
Hi. I am in the process of installing Trend Micro Client Server Messaging Security for SMB on my SBS 2003 Standard Edition R2. It's a little more complicated than I thought, so I am reading the 332 page manual carefully. I am a bit confused when it comes to the firewall part.

As you know, the CSMS for SMB comes with its own firewall, Personal Firewall. The manual recommends disabling the firewalls which come with Windows or disabling Personal Firewall and opening the correct ports and exceptions in Windows' firewalls. From what I can gather, the Personal Firewall seems more robust. Of course, I know these are all software firewalls. I have a hardware firewall in place.

My question is the manual made reference to the SBS Internet Connection Firewall, which is enabled. But, when I looked in group policy, it showed that firewall as well as the SBS Windows Firewall (Server). There is also the Windows Firewall which is located on each client machine. So, do I disale all of them. Or just the Internet Connection Firewall?

Thanks

Bert
0
Comment
Question by:Bert2005
  • 7
  • 5
  • 3
15 Comments
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 20325109
Bert,

I always disable the TrendMicro Firewall.  Since SBS has a nicely configured group policy that manages the Windows Firewall on workstations, I find that it's just much easier to manage and does the job.

There are TWO Group Policies listed on the server's GPMC: The SBS Internet Connection Firewall and the SBS Windows Firewall.  Both of these are actually to manage the Windows XP Firewall.  Notice in the WMI filter column one says PreSP2 and the other PostSP2.

The SBS Internet Connection Firewall, even though it's enabled doesn't actually apply to anything anymore.  It's the SBS Windows Firewall policy that's now managing the XP SP2 firewalls.

I'd say don't disable either of those... disable the TrendMicro Personal Firewall Service instead.


Jeff
TechSoEasy
0
 
LVL 8

Expert Comment

by:static-void
ID: 20325120
The firewall in TMCSM is built into the officescan agent so you should disable your local firewalls on all protected pcs if your going to use the TM one. However i personally would just stick to the windows firewall, it works fine and is easier to centrally manage
0
 
LVL 8

Expert Comment

by:static-void
ID: 20325123
lol yeah ditto that
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:Bert2005
ID: 20325158
Well, it's good to have 100% agreement!

I can open a new question if you like, but this seems fairly related and only my last comment.

Would either of you recommend going with the Client Server Messaging Security version over the non-messaging version given the Exchange feature and the Vulnerability Assessment (whatever that does).

Also, are some antivirus programs not compatible with SBS 2003 or, more importantly, is Trend Micro made for SBS 2003? I looked at CA, but it was a little pricey.

Thanks guys.
0
 
LVL 8

Expert Comment

by:static-void
ID: 20325254
exchange feature is realllly useful i found. I use TMCSM on my network and its good to have an email level virus scan. It stops virusus before they even get presented to PCs. if at all possible you should have something in place to stop them at the server level. Im not sure about the SMB thing, talk to your trend rep. I use it on actual exchange but i imagine given its a smb product it will work on SMB
0
 
LVL 1

Author Comment

by:Bert2005
ID: 20328899
Thanks static. Appreciate the help. And, it's good to know that you use it and like it.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20332919
Bert,

I ONLY use TrendMicro CSM for all of my SBS installations.  It is definitely the most popular amongst the SBS MVP Community as well.  You definitely want CSM, not just the Client/Server version because you do need to have a proper Exchange AV program.

TrendMicro not only works well, it works without needing to ever see it once you've installed the program.  Plus, it is relatively cheap because they don't charge for the server license, just per "seat" (meaning, per workstation).

Jeff
TechSoEasy
0
 
LVL 1

Author Comment

by:Bert2005
ID: 20332941
Thanks Jeff. I will definitely go the CSM route.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 20393167
So Jeff or static,

I am installing TrendMicro on the server. I will disable the TM's firewall and leave the Windows Firewall running on the clinets. What about the Windows Firewall on the server. I have standard edition and am not using ISA. If Windows Firewall is turned on on the server, then RRAS would need to be disabled correct?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20393177
I believe Trend Micro's Firewall is disabled by default... if you accept all the defaults when installing it.

You cannot turn on the Windows Firewall on an SBS.  RRAS is your firewall if you have TWO NICs, and if you only have a single NIC, there is NO firewall that is ON the server... instead you would use a hardware device for that.

Jeff
TechSoEasy
0
 
LVL 1

Author Comment

by:Bert2005
ID: 20393545
Thanks.
0
 
LVL 1

Author Comment

by:Bert2005
ID: 20400388
So with two NICs, you would use RRAS? But, what about ISA?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20400471
Assuming you have two NICs, when you run the CEICW it detects whether or not you have ISA Server installed and if not, it configures RRAS as the firewall.

Jeff
TechSoEasy
0
 
LVL 1

Author Comment

by:Bert2005
ID: 20455113
Thanks. I must have missed that comment. I still don't know why anyone would use two NICs without ISA, but I guess some do.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 20455625
If you don't have a strong firewall, then using two NICs can increase your security.  But the next version of SBS (SBS 2008) will only support a single NIC configuration and will not be coming with ISA Server as an option.  Overall, its generally better to have a good firewall device, such as a SonicWall TZ-series.

Jeff
TechSoEasy
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question