Solved

Basic Firewall Security Recommendations

Posted on 2011-03-03
2
353 Views
Last Modified: 2012-05-11
I need to tighten up my networks firewall policies.  I was hoping someone could post the recommended ports that need opened for a secure SMB.

I have only 4 ports I can think of that I would absolutely need to have open.  The internet (HTTP and HTTPS) and Exchange 2010 (Incoming and Outgoing SMTP SSL)

I'm sure there are allot more ports I'd like to use, such as Remote Desktop, VPN, POP3, Windows Update and ActiveSync.

Does anyone have a preconfigured list of ports to open for the average small business?
0
Comment
Question by:ND02G
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 39

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 100 total points
ID: 35033706
Start with everything locked. Open only what you need when you need it.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 400 total points
ID: 35034272
You will need to be able to make DNS queries to the Internet. (UDP and TCP 53 outbound). NTP to get time (UDP/53 outbound). Windows Update is http/https outbound. ActiveSync for mobile devices is 443 inbound, and you probably also want 443 inbound for OWA. ICMP echo outbound is nice, as is ICMP echo-reply inbound so you can ping.

You may or may not need to be able to FTP outbound.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question