Basic Firewall Security Recommendations

I need to tighten up my networks firewall policies.  I was hoping someone could post the recommended ports that need opened for a secure SMB.

I have only 4 ports I can think of that I would absolutely need to have open.  The internet (HTTP and HTTPS) and Exchange 2010 (Incoming and Outgoing SMTP SSL)

I'm sure there are allot more ports I'd like to use, such as Remote Desktop, VPN, POP3, Windows Update and ActiveSync.

Does anyone have a preconfigured list of ports to open for the average small business?
ND02GAsked:
Who is Participating?
 
kevinhsiehConnect With a Mentor Commented:
You will need to be able to make DNS queries to the Internet. (UDP and TCP 53 outbound). NTP to get time (UDP/53 outbound). Windows Update is http/https outbound. ActiveSync for mobile devices is 443 inbound, and you probably also want 443 inbound for OWA. ICMP echo outbound is nice, as is ICMP echo-reply inbound so you can ping.

You may or may not need to be able to FTP outbound.
0
 
Aaron TomoskyConnect With a Mentor SD-WAN SimplifiedCommented:
Start with everything locked. Open only what you need when you need it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.