Solved

Best Win Server 2003 R2 Firewall Opton and how to enable for Domain properly

Posted on 2014-09-30
7
168 Views
Last Modified: 2014-10-19
Have a Win Server 2003 R2 that has Symantec Endpoint Protection Cloud (SEP) SBS 2013 installed on it.

This version of the product, for Servers does not have a Firewall but has below modules for Win Server

Network: Intrusion Protection
Computer: Anti Virus, Anti Spyware, Sonar
Web: Download Intelligence

Have a Hardware Firewall protecting the network but want to find the best option for adding a software firewall on the Win Server 2003 Domain Controller.

I do not have much experience turning on the Win Firewall for Win Server 2003 in Domain.  When I go to Control Panel and click on Windows Firewall, I see the location to turn on the Windows Firewall in General tab and understand the Exceptions and Advanced tab.

But on this Win Server 2003 it says "Windows Firewall: Is using your non Domain Settings".

When I turned it on, then none of the desktops, on the Domain, could login.  

So it seems, I need to do configure the Windows Firewall, in a special way for Domain?  How would I do this?  

The Windows resource sites have tons of info. but no simple explanation on this that I could find.

Thanks in advance for tips and help.

Also, 3rd party good Firewall programs that would work well on Win Server 2003 would be considered but not sure which are the best standalone ones that work well in Win Server 2003.

Thanks
0
Comment
Question by:rdwolf
7 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 40354687
I haven't used this Symantec product, but the literature states that it does include a firewall.  Are you sure that the firewall isn't installed?  All of the other Symantec Endpoint Protection (on-premises) products I've used include the firewall as an option.  This normally shows up in the client status screen as "Network Threat Protection." The fact that you see Network: Intrusion Protection listed indicates that at least a portion of the firewall protection is installed.
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 40355393
I'm with hypercat: Symantec Endpoint Protection always includes a firewall, in my experience.

I would not recommend using the built-in Windows firewall on a Windows Server 2003 domain controller. You have to open so many ports for it to function as a DC that your firewall ends up looking more like a screen door than a wall.
0
 

Accepted Solution

by:
rdwolf earned 0 total points
ID: 40356122
For SEP.cloud SBS it only has a firewall option for non servers.  This is confirmed with their tech. Support.  The standalone SEP has firewall for server only.  So still need more help
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 23

Assisted Solution

by:Dirk Kotte
Dirk Kotte earned 500 total points
ID: 40356382
you should consider to replace the Windows2003 Server with Win2008R2 or Win2012.
This versions keep supported some time and has included a great and usable firewall.
0
 

Assisted Solution

by:rdwolf
rdwolf earned 0 total points
ID: 40358484
Planning on that before July 2015 but that is not an option now.

Any suggestions on 3rd party  firewalls for Win server 2003 anyone?
0
 

Assisted Solution

by:rdwolf
rdwolf earned 0 total points
ID: 40368150
Have not received any  info. on original question.  Last asked this same question on 10/1/14: "Any suggestions on 3rd party  firewalls for Win server 2003 anyone?"
0
 

Author Closing Comment

by:rdwolf
ID: 40389803
Never got answers to my original question.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now