Solved

Basic Firewall Security Recommendations

Posted on 2011-03-03
2
337 Views
Last Modified: 2012-05-11
I need to tighten up my networks firewall policies.  I was hoping someone could post the recommended ports that need opened for a secure SMB.

I have only 4 ports I can think of that I would absolutely need to have open.  The internet (HTTP and HTTPS) and Exchange 2010 (Incoming and Outgoing SMTP SSL)

I'm sure there are allot more ports I'd like to use, such as Remote Desktop, VPN, POP3, Windows Update and ActiveSync.

Does anyone have a preconfigured list of ports to open for the average small business?
0
Comment
Question by:ND02G
2 Comments
 
LVL 38

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 100 total points
Comment Utility
Start with everything locked. Open only what you need when you need it.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 400 total points
Comment Utility
You will need to be able to make DNS queries to the Internet. (UDP and TCP 53 outbound). NTP to get time (UDP/53 outbound). Windows Update is http/https outbound. ActiveSync for mobile devices is 443 inbound, and you probably also want 443 inbound for OWA. ICMP echo outbound is nice, as is ICMP echo-reply inbound so you can ping.

You may or may not need to be able to FTP outbound.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
how to add IIS SMTP to handle application/Scanner relays into office 365.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now