Solved

Best Win Server 2003 R2 Firewall Opton and how to enable for Domain properly

Posted on 2014-09-30
7
170 Views
Last Modified: 2014-10-19
Have a Win Server 2003 R2 that has Symantec Endpoint Protection Cloud (SEP) SBS 2013 installed on it.

This version of the product, for Servers does not have a Firewall but has below modules for Win Server

Network: Intrusion Protection
Computer: Anti Virus, Anti Spyware, Sonar
Web: Download Intelligence

Have a Hardware Firewall protecting the network but want to find the best option for adding a software firewall on the Win Server 2003 Domain Controller.

I do not have much experience turning on the Win Firewall for Win Server 2003 in Domain.  When I go to Control Panel and click on Windows Firewall, I see the location to turn on the Windows Firewall in General tab and understand the Exceptions and Advanced tab.

But on this Win Server 2003 it says "Windows Firewall: Is using your non Domain Settings".

When I turned it on, then none of the desktops, on the Domain, could login.  

So it seems, I need to do configure the Windows Firewall, in a special way for Domain?  How would I do this?  

The Windows resource sites have tons of info. but no simple explanation on this that I could find.

Thanks in advance for tips and help.

Also, 3rd party good Firewall programs that would work well on Win Server 2003 would be considered but not sure which are the best standalone ones that work well in Win Server 2003.

Thanks
0
Comment
Question by:rdwolf
7 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 40354687
I haven't used this Symantec product, but the literature states that it does include a firewall.  Are you sure that the firewall isn't installed?  All of the other Symantec Endpoint Protection (on-premises) products I've used include the firewall as an option.  This normally shows up in the client status screen as "Network Threat Protection." The fact that you see Network: Intrusion Protection listed indicates that at least a portion of the firewall protection is installed.
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 40355393
I'm with hypercat: Symantec Endpoint Protection always includes a firewall, in my experience.

I would not recommend using the built-in Windows firewall on a Windows Server 2003 domain controller. You have to open so many ports for it to function as a DC that your firewall ends up looking more like a screen door than a wall.
0
 

Accepted Solution

by:
rdwolf earned 0 total points
ID: 40356122
For SEP.cloud SBS it only has a firewall option for non servers.  This is confirmed with their tech. Support.  The standalone SEP has firewall for server only.  So still need more help
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 23

Assisted Solution

by:Dirk Kotte
Dirk Kotte earned 500 total points
ID: 40356382
you should consider to replace the Windows2003 Server with Win2008R2 or Win2012.
This versions keep supported some time and has included a great and usable firewall.
0
 

Assisted Solution

by:rdwolf
rdwolf earned 0 total points
ID: 40358484
Planning on that before July 2015 but that is not an option now.

Any suggestions on 3rd party  firewalls for Win server 2003 anyone?
0
 

Assisted Solution

by:rdwolf
rdwolf earned 0 total points
ID: 40368150
Have not received any  info. on original question.  Last asked this same question on 10/1/14: "Any suggestions on 3rd party  firewalls for Win server 2003 anyone?"
0
 

Author Closing Comment

by:rdwolf
ID: 40389803
Never got answers to my original question.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question