<div>
It all depends on what its being used for, if there is no remote access, no OWA then you can lock it down very tightly. Personally I would not rely on the Windows firewall alone - its simply not robust enough.
</div>


It all depends on what its being used for, if there is no remote access, no OWA then you can lock it down very tightly. Personally I would not rely on the Windows firewall alone - its simply not robust enough.

<div>
<b>Roles:</b><br />
Internal DNS<br />
Domain Controller<br />
RRAS<br />
OWA<br />
Active Sync<br />
File &amp;&nbsp;Print<br />
<br />
I would of thought there would be some doco on standard ports that would be opened .... ?
</div>


Roles:
Internal DNS
Domain Controller
RRAS
OWA
Active Sync
File & Print

I would of thought there would be some doco on standard ports that would be opened .... ?

<div>
Thanks.<br />
<br />
I was hoping there would be a list of 'mostly used ports/exceptions' that I could focus in on. THis is a fairly standard SBS, but understand that not every server is the same.
</div>


Thanks.

I was hoping there would be a list of 'mostly used ports/exceptions' that I could focus in on. THis is a fairly standard SBS, but understand that not every server is the same.

<div>
<div class="content wysiwyg-content">
I have recently reviewed a small office network that is running SBS 2003 and CA ITM eTrust.<br />
<br />
The Windows Firewall is currently disabled, and there is no other firewall enabled on Server as far as I can tell. There is ofcourse the Internet Router providing protection to the outside world but still a concern.<br />
<br />
What are the recommendations as far as recommending the firewall being enabled and what exceptions I will need to consider to limit downtime to Users?
</div>
</div>


I have recently reviewed a small office network that is running SBS 2003 and CA ITM eTrust.

The Windows Firewall is currently disabled, and there is no other firewall enabled on Server as far as I can tell. There is ofcourse the Internet Router providing protection to the outside world but still a concern.

What are the recommendations as far as recommending the firewall being enabled and what exceptions I will need to consider to limit downtime to Users?

Windows Firewall on SBS 2003

Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).

Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).

Windows Server 2003

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.