Solved

Windows Server Firewalls (2008 and SBS 2008) - Definitive stance on disabling firewalls

Posted on 2009-06-29
Last Modified: 2012-05-07
Hi Folks,

I'm looking for some definitive facts/stance on the Windows Server 2008 firewall/SBS 2008 firewalls. Or some recommendations from an authority.

When we have had a situation where we had to turn the Windows firewall off (I realize we can set exclusions but they don't always work), we have taken a few different approaches:

1. Turn it off in the GUI (http://technet.microsoft.com/en-us/library/cc766337(WS.10).aspx) - we've done this and on occasion (several), it will indicate it is off in the GUI but will still block ports (intermittently)

2. Set the firewall service to manual - we've tried this but same as #1, it will actually start to block certain traffic on occasion after a period of time

3. This is the tack we've come to taking - we DISABLE the firewall service.  I have no doubt that this is officially unsupported by Microsoft for the security impact (these are small business networks however, not NASA or Fort Knox).  This seems to work definitively at keeping these ports open ... however, I've run into two occasions where Exchange 2007 stops allowing connections after a period of time (and in fact, Exchange 2007 won't allow you to install unless the firewall service is running).

*sigh* - what is a girl/boy to do?  What key step/information are we missing here to ensure our connections work ALL OF THE TIME?  

Of course it is a good idea to have the firewall on - but if it starts closing ports that are excluded, the disruption to a customer is not a good thing, particularly if the ports being closed are RDP such that we can't support them remotely either to fix the situation.

Comments welcome but I'm really looking for someone to point out or say something new here - something we are missing...  Thanks!
Question by:itgroove
LVL 5

Assisted Solution

by:Christopher Barnes
Christopher Barnes earned 400 total points
ID: 24739530
I have installed about 15 SBS 2008. I never ever turn the firewall off and never need to. You need to look at the situation more carefully. You talk about having trouble with RDP. RDP is an essential component of SBS 2008 and all MS Servers. I don't believe the server/firewall/OS is closing the ports. More likely to be a router or other software running on the server. What antivirus are you running? What router does the client use?

Hardware based firewalls (maybe on the router) and software based firewalls (typically MS server firewall) are essential. It does not matter if you are a big or small business. The Internet is a bad place and hackers love to take over Small Business Servers and use them as SMTP relays and proxies.
LVL 13

Accepted Solution

by:
itgroove earned 0 total points
ID: 24739749
LOL.  Yes, I get that and I wouldn't have posted this without considering the 'situation more carefully'. All of our customers have a Gateway/Firewall, we would never consider not having a firewall, however the local one is the one that is causing trouble.
And I'm happy for your luck in this situation (or maybe you hit the nail on the head, what AV are you using?  We use Trend) but I can say with utmost confidence that we have tested RDP connections inside the network - the local SBS box was blocking the port from connectivity (note, we use a different port, to obscure the port but the firewall should be honouring our exception rule, just like it would for TCP3389).  In these cases (and it is not just RDP), after a period of time, it will just close.  We can ping the server, we can get to it using a file share - thus the server is up but inside the network and out, RDP will be off (or in some cases, OWA/https or SMTP will be denying connectivity).
This looks to be a directly related problem that we've stumbled upon - that may be exactly the problem we are running into.  http://support.microsoft.com/default.aspx?scid=kb;EN-US;961775
 
 
LVL 13

Author Comment

by:itgroove
ID: 24791073
Didn't get much commentary but I do appreciate barnescr's attempt.  I believe, at least for the 2 most recent occurrences, that the support article I have posted is relevant and will recur.
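
A read-only check for the symptom discussed in this thread (a port that stops answering although an exception exists), added here as an example; it is not from any of the posters. It assumes PowerShell on the server and reads the policy through the Windows Firewall COM interface `HNetCfg.FwPolicy2`; the function name `Test-PortCovered` is made up for this example.

```powershell
# Added example, not from the thread. Read-only: it changes no settings.
# Run in an elevated PowerShell session on the server.

# 1. State of the Windows Firewall service (service name MpsSvc).
"Firewall service: {0}" -f (Get-Service -Name MpsSvc).Status

# 2. Port the RDP listener is configured to use (3389 unless it was changed).
$rdpKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$rdpPort = [int](Get-ItemProperty -Path $rdpKey -Name PortNumber).PortNumber
"RDP listener port: $rdpPort"

# 3. Per-profile firewall state (profile bits: 1 Domain, 2 Private, 4 Public).
$fw = New-Object -ComObject HNetCfg.FwPolicy2
$profileNames = @{ 1 = 'Domain'; 2 = 'Private'; 4 = 'Public' }
$active = $fw.CurrentProfileTypes   # bitmask of the profiles in use right now
foreach ($p in 1, 2, 4) {
    "{0,-8} enabled={1} active={2}" -f $profileNames[$p], $fw.FirewallEnabled($p), [bool]($active -band $p)
}

# Hypothetical helper: $true when a LocalPorts string such as "3389",
# "80,443" or "5000-5010" covers $port.
function Test-PortCovered([string]$localPorts, [int]$port) {
    foreach ($part in $localPorts.Split(',')) {
        $part = $part.Trim()
        if ($part -eq '*') { return $true }
        if ($part -match '^(\d+)-(\d+)$') {
            if ($port -ge [int]$Matches[1] -and $port -le [int]$Matches[2]) { return $true }
        } elseif ($part -match '^\d+$' -and [int]$part -eq $port) { return $true }
    }
    return $false
}

# 4. Enabled inbound (Direction 1) TCP (Protocol 6) port rules covering the RDP
#    port, and whether each applies to a profile that is active right now.
$rules = @($fw.Rules | Where-Object {
    $_.Enabled -and $_.Direction -eq 1 -and $_.Protocol -eq 6 -and
    $_.LocalPorts -and (Test-PortCovered $_.LocalPorts $rdpPort)
})
if ($rules.Count -eq 0) { "No enabled inbound TCP port rule covers port $rdpPort" }
foreach ($r in $rules) {
    $verb = 'Block'
    if ($r.Action -eq 1) { $verb = 'Allow' }
    "{0}: {1}, applies to an active profile={2}" -f $r.Name, $verb, [bool]($r.Profiles -band $active)
}
```

If the service is running, a profile is both enabled and active, and no Allow rule for the port applies to that profile, the exception is not in effect for the network the server currently considers itself on.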
Question has a verified solution.
