Is opening Port 389 (for LDAP) a risk IF it is only open to 1 outside IP Address?

high_sobo used Ask the Experts™

I'm in the process of setting up Sonicwall Hosted Email Security (HES) and my Domain Controllers are currently Windows 2003 servers (in the process of upgrading them now).  I have a SonicWall NSA 3500 firewall.

In order for HES to integrate easily with our users, they need port 389 open for LDAP queries.  I found a single IP address that HES uses to query LDAP and I opened and nat'd port 389 ONLY for this single IP address.

Does this pose a security risk.  I'm thinking that is does not, because port 389 is only open to one IP address.  But I'm not sure with today's sophisticated hacking methods if I'm okay to leave it setup this way long term.

One last thing, I did consider LDAPS (ssl), but because I'm a month or so away from upgrading my Domain Controllers, I didn't want to go down this road until my migration is complete.

Thank you
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Sonicwall is top of the line, and this device still receives regular updates. Therefore, I would consider it safe. Of course, nothing is really safe in this world, but currently, phishing is more worthwhile for online hackers (as phishing leads to bank accounts, and hence, real money).
You should be fine. Unless your business is something that really attracts hackers, opening to a single WAN ip address for one protocol is safe. It is not an easy thing to spoof an ip address and attack your site in the manner you are suggesting.


Thank you both for your prompt responses!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial