Solved

SBS 2011 Block Ports On Workstation

Posted on 2013-06-01
5
791 Views
Last Modified: 2013-06-06
Recently my network got hit by a spamming virus/malware. I need to block email ports on all the workstations. I read other forums that suggest I use IPSec via GPO to block specific ports on the workstations, but none of them are very detailed.

I open the Group Policy Management, but not sure where to go from there to create a new GPO?
0
Comment
Question by:datzent83
  • 3
  • 2
5 Comments
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39213185
Unfortunately in the case of malware, it often can and does disable firewall rules. So using software or group policies is insufficient. You must block it at the network edge with appropriate UTM/firewall rules.
0
 

Author Comment

by:datzent83
ID: 39213225
Can you please give me the steps on how I can block it at the network edge with appropriate UTM/firewall rules.
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 39213279
Each UTM is different. Configuring a SonicWall is very different than configuring a Cisco which is again VERY different than Watchguard. So no, no easy way to give you a step by step.
0
 

Author Comment

by:datzent83
ID: 39213345
I don't have a hardware firewall. My SBS is my DHCP. I need to make sure that port 25 passes only through the SBS server.
0
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39213379
There is no way to enforce that. SBS is not a gateway/edge device. And that is where such rules are enforced. Even small businesses should have a UTM at their edge. The companies I listed above all make small business devices and price them accordingly.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question