Solved

Best Win Server 2003 R2 Firewall Opton and how to enable for Domain properly

Posted on 2014-09-30
7
173 Views
Last Modified: 2014-10-19
Have a Win Server 2003 R2 that has Symantec Endpoint Protection Cloud (SEP) SBS 2013 installed on it.

This version of the product, for Servers does not have a Firewall but has below modules for Win Server

Network: Intrusion Protection
Computer: Anti Virus, Anti Spyware, Sonar
Web: Download Intelligence

Have a Hardware Firewall protecting the network but want to find the best option for adding a software firewall on the Win Server 2003 Domain Controller.

I do not have much experience turning on the Win Firewall for Win Server 2003 in Domain.  When I go to Control Panel and click on Windows Firewall, I see the location to turn on the Windows Firewall in General tab and understand the Exceptions and Advanced tab.

But on this Win Server 2003 it says "Windows Firewall: Is using your non Domain Settings".

When I turned it on, then none of the desktops, on the Domain, could login.  

So it seems, I need to do configure the Windows Firewall, in a special way for Domain?  How would I do this?  

The Windows resource sites have tons of info. but no simple explanation on this that I could find.

Thanks in advance for tips and help.

Also, 3rd party good Firewall programs that would work well on Win Server 2003 would be considered but not sure which are the best standalone ones that work well in Win Server 2003.

Thanks
0
Comment
Question by:rdwolf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 40354687
I haven't used this Symantec product, but the literature states that it does include a firewall.  Are you sure that the firewall isn't installed?  All of the other Symantec Endpoint Protection (on-premises) products I've used include the firewall as an option.  This normally shows up in the client status screen as "Network Threat Protection." The fact that you see Network: Intrusion Protection listed indicates that at least a portion of the firewall protection is installed.
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 40355393
I'm with hypercat: Symantec Endpoint Protection always includes a firewall, in my experience.

I would not recommend using the built-in Windows firewall on a Windows Server 2003 domain controller. You have to open so many ports for it to function as a DC that your firewall ends up looking more like a screen door than a wall.
0
 

Accepted Solution

by:
rdwolf earned 0 total points
ID: 40356122
For SEP.cloud SBS it only has a firewall option for non servers.  This is confirmed with their tech. Support.  The standalone SEP has firewall for server only.  So still need more help
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 24

Assisted Solution

by:Dirk Kotte
Dirk Kotte earned 500 total points
ID: 40356382
you should consider to replace the Windows2003 Server with Win2008R2 or Win2012.
This versions keep supported some time and has included a great and usable firewall.
0
 

Assisted Solution

by:rdwolf
rdwolf earned 0 total points
ID: 40358484
Planning on that before July 2015 but that is not an option now.

Any suggestions on 3rd party  firewalls for Win server 2003 anyone?
0
 

Assisted Solution

by:rdwolf
rdwolf earned 0 total points
ID: 40368150
Have not received any  info. on original question.  Last asked this same question on 10/1/14: "Any suggestions on 3rd party  firewalls for Win server 2003 anyone?"
0
 

Author Closing Comment

by:rdwolf
ID: 40389803
Never got answers to my original question.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question