?
Solved

Basic Firewall Security Recommendations

Posted on 2011-03-03
2
Medium Priority
?
364 Views
Last Modified: 2012-05-11
I need to tighten up my networks firewall policies.  I was hoping someone could post the recommended ports that need opened for a secure SMB.

I have only 4 ports I can think of that I would absolutely need to have open.  The internet (HTTP and HTTPS) and Exchange 2010 (Incoming and Outgoing SMTP SSL)

I'm sure there are allot more ports I'd like to use, such as Remote Desktop, VPN, POP3, Windows Update and ActiveSync.

Does anyone have a preconfigured list of ports to open for the average small business?
0
Comment
Question by:ND02G
2 Comments
 
LVL 39

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 400 total points
ID: 35033706
Start with everything locked. Open only what you need when you need it.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 1600 total points
ID: 35034272
You will need to be able to make DNS queries to the Internet. (UDP and TCP 53 outbound). NTP to get time (UDP/53 outbound). Windows Update is http/https outbound. ActiveSync for mobile devices is 443 inbound, and you probably also want 443 inbound for OWA. ICMP echo outbound is nice, as is ICMP echo-reply inbound so you can ping.

You may or may not need to be able to FTP outbound.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
This article will help to fix the below errors for MS Exchange Server 2016 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This video discusses moving either the default database or any database to a new volume.
Suggested Courses
Course of the Month16 days, 15 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question