I have Win Server 2008 R2 with AD, DNS, DHCP and Fileserver roles installed. I have enabled windows firewall. Server is loceted in internal secure network. What extra security rules should I add to the firewall? Any suggestions?
Asked
Active
Viewed 170 times
1 Answers
3
I don't add any. The defaults are pretty sane. It's restrictive by default and only opens up ports for the roles you add.
James
- 819
- 4
- 10
-
+1. Windows Firewall is based on a "whitelist" mentality, which means anything not specifically allowed is denied by default. If you come across a program that won't work, then you just need to open the firewall for that port. – Hyppy May 11 '11 at 22:24
-
There is only one exception I've found - on a multi-site network, the domain controllers seem to reject requests from other subnets, and only respond to sites in their own subnet. This is easy fixed though. – Mark Henderson May 11 '11 at 22:41