+ Post New Thread
Results 1 to 9 of 9
Windows Server 2008 R2 Thread, Keep firewall enabled? in Technical; Adding my first 2008 R2 DC to my domain my 2003 DC's don't have the microsoft firewall enabled should I ...
  1. #1

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,613
    Thank Post
    746
    Thanked 1,706 Times in 1,519 Posts
    Rep Power
    437

    Keep firewall enabled?

    Adding my first 2008 R2 DC to my domain my 2003 DC's don't have the microsoft firewall enabled should I leave it enabled on the 2008 R2 DC or not?

    Clients all have firewall enabled.

    Ben

  2. #2

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,268
    Thank Post
    884
    Thanked 2,747 Times in 2,321 Posts
    Blog Entries
    11
    Rep Power
    785
    Yes I would, just because it is inside the network does not make it safe and the firewall will add an extra little bit of protection. Server2k8 is quite good at opening up ports that it needs for its own services and many other thrid party server applications are now firewall aware and will open up their required ports on install. There is the occational program that needs an exception added manually but this is a small hassle compared to reinstalling the whole thing if it gets comped by a worm loose inside the network.

  3. #3

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,074
    Thank Post
    160
    Thanked 937 Times in 731 Posts
    Blog Entries
    3
    Rep Power
    275
    I have the firewall enabled on all our 2k8 Servers, Extra bit of protection especially these days with the amount of viruses people seem to aquire... just to be on the safe side.

    As Synack Said, Server 2k8 is pretty good at opening the ports it requires.

    James

  4. #4
    IanT's Avatar
    Join Date
    Aug 2008
    Location
    @ the back of my server racks farting.....
    Posts
    1,893
    Thank Post
    2
    Thanked 118 Times in 109 Posts
    Rep Power
    60
    Windows firewall, waste of time, I always turn them off, cause too many problems

  5. #5

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,074
    Thank Post
    160
    Thanked 937 Times in 731 Posts
    Blog Entries
    3
    Rep Power
    275
    Quote Originally Posted by IanT View Post
    Windows firewall, waste of time, I always turn them off, cause too many problems
    likewise, did that before.. but seriously they don't seem to upset things in 2k8

  6. #6
    joe90bass's Avatar
    Join Date
    Oct 2007
    Location
    S Wales
    Posts
    1,355
    Thank Post
    329
    Thanked 107 Times in 96 Posts
    Rep Power
    51
    Have it enabled on my 2008 and 2008R2 boxes. Never did on 2003, but having had a worm, and seen how many viruses get picked up by Sophos on kids and staff USB drives I now prefer to have that little extra protection just in case another Worm gets in....

    Did have one issue where the Ports needed for Netlogon replication didn't get opened on our 2008R2 DC box (2008 DC was okay though). Didn't spot it for a while, when I did though it explained a few things....

    Oh, and another issue I had was that when I used GPOs to control the server firewalls it went a bit wrong and I had total lockdown. A bit of googling turned up similar problems, and the general consensus was to manually allow things on each server rather than via GPO, worked fine ever since. Can't remember what these extra ports were now, as mentioned above most Apps tend to open the ports themselves on install, and Windows does if adding roles/features.

  7. #7

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,309
    Thank Post
    901
    Thanked 1,797 Times in 1,548 Posts
    Blog Entries
    12
    Rep Power
    466
    We keep them enabled. If you have it enabled it slows the confikr worm right down.

    As others have said its much better regarding ports than previous versions

  8. #8
    rh91uk's Avatar
    Join Date
    Sep 2008
    Location
    UK
    Posts
    877
    Thank Post
    137
    Thanked 132 Times in 114 Posts
    Rep Power
    36
    Agree with all the above, keep it on. Especially with Conficker about ..... our biggest mistake here was turning it off and we got infected with it!

  9. #9
    t_h
    t_h is offline
    t_h's Avatar
    Join Date
    Aug 2009
    Location
    Manchester
    Posts
    131
    Thank Post
    7
    Thanked 20 Times in 18 Posts
    Rep Power
    15
    Never had a problem with Windows Firewall, client or server. It tends to be the third party firewalls that are a bit overzealous. Definitely enabled.



SHARE:
+ Post New Thread

Similar Threads

  1. List of enabled VPN Users....
    By IanT in forum Windows
    Replies: 1
    Last Post: 18th August 2009, 03:39 PM
  2. Access IP enabled boilers from outside with IIS?
    By TheFopp in forum Windows Server 2000/2003
    Replies: 6
    Last Post: 30th January 2009, 07:25 PM
  3. Cookies must be enabled? Bah they are.....
    By Scotmk in forum Web Development
    Replies: 6
    Last Post: 19th October 2007, 03:49 PM
  4. Do I need any of these protocols enabled on my printers?
    By sidewinder in forum Wireless Networks
    Replies: 4
    Last Post: 17th October 2007, 12:05 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •