Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Firewall Outbound Port Blocking

Avatar of felixresources
felixresources asked on
NetworkingCiscoTCP/IP
5 Comments1 Solution1329 ViewsLast Modified:
Due to a recent increase in torrentz and p2p usage on our network, and the current equipment and services available, we have decided that the best way to stop this with out spending money, is to block all unknown ports outbound access on the firewall at our ISP. (currently we have all outbound open)

I need some advice on which ports need to be open for outbound.

We are going to leave the following open with restrictions.  

Port 80 and 443: Allowed only from our web proxy.
Port 21: Open outbound
Port 25: Allowed only from our authorised email servers.

Are there any other critial ports that need consideration. I assume DNS ports need to be open, or would a better option be to allow ALL out from our DC's\DNS servers?

Other inbound services that might need consideration; we have webmail, rpc over http, pptp vpn, blackberry, pop3, imap, sql replication from external. I am not sure if these need corresponding ports open for outbound responses? I might just open all outbound access from the servers hosting these.

Cheers
ASKER CERTIFIED SOLUTION
Avatar of shubhanshu_jaiswal
shubhanshu_jaiswal

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Commented:
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answers