• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 807
  • Last Modified:

SBS 2011 Block Ports On Workstation

Recently my network got hit by a spamming virus/malware. I need to block email ports on all the workstations. I read other forums that suggest I use IPSec via GPO to block specific ports on the workstations, but none of them are very detailed.

I open the Group Policy Management, but not sure where to go from there to create a new GPO?
0
datzent83
Asked:
datzent83
  • 3
  • 2
1 Solution
 
Cliff GaliherCommented:
Unfortunately in the case of malware, it often can and does disable firewall rules. So using software or group policies is insufficient. You must block it at the network edge with appropriate UTM/firewall rules.
0
 
datzent83Author Commented:
Can you please give me the steps on how I can block it at the network edge with appropriate UTM/firewall rules.
0
 
Cliff GaliherCommented:
Each UTM is different. Configuring a SonicWall is very different than configuring a Cisco which is again VERY different than Watchguard. So no, no easy way to give you a step by step.
0
 
datzent83Author Commented:
I don't have a hardware firewall. My SBS is my DHCP. I need to make sure that port 25 passes only through the SBS server.
0
 
Cliff GaliherCommented:
There is no way to enforce that. SBS is not a gateway/edge device. And that is where such rules are enforced. Even small businesses should have a UTM at their edge. The companies I listed above all make small business devices and price them accordingly.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now