Solved

SBS 2011 Block Ports On Workstation

Posted on 2013-06-01
5
798 Views
Last Modified: 2013-06-06
Recently my network got hit by a spamming virus/malware. I need to block email ports on all the workstations. I read other forums that suggest I use IPSec via GPO to block specific ports on the workstations, but none of them are very detailed.

I open the Group Policy Management, but not sure where to go from there to create a new GPO?
0
Comment
Question by:datzent83
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39213185
Unfortunately in the case of malware, it often can and does disable firewall rules. So using software or group policies is insufficient. You must block it at the network edge with appropriate UTM/firewall rules.
0
 

Author Comment

by:datzent83
ID: 39213225
Can you please give me the steps on how I can block it at the network edge with appropriate UTM/firewall rules.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 39213279
Each UTM is different. Configuring a SonicWall is very different than configuring a Cisco which is again VERY different than Watchguard. So no, no easy way to give you a step by step.
0
 

Author Comment

by:datzent83
ID: 39213345
I don't have a hardware firewall. My SBS is my DHCP. I need to make sure that port 25 passes only through the SBS server.
0
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 39213379
There is no way to enforce that. SBS is not a gateway/edge device. And that is where such rules are enforced. Even small businesses should have a UTM at their edge. The companies I listed above all make small business devices and price them accordingly.
0

Featured Post

Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question