Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

Firewall Software on SPPS? (black ice, etc)

  Asked By: Jyoti    Date: Dec 26    Category: Sharepoint    Views: 1629

Most of our servers have ISS / Black Ice firewall agent software loaded on
them to further protect from malicious intent and attacks. I haven't tried
running this on a SPPS server yet, but I'm rebuilding my server (trying Win
SP3 and SPPS SP2) and wanted to have Black ICE on it.

It has settings for Exchange and IIS server and I'm wondering if there's any
specific ports I need to open other than what Exchange and IIS need.




6 Answers Found

Answer #1    Answered By: Aishwarya Dixit     Answered On: Dec 26

I don't know how the Black Ice will do with SPS, but there are no
additional ports  to open  on your firewall. Pretty much everything is
over port 80.

Answer #2    Answered By: Indrajeet Patil     Answered On: Dec 26

Are web folders over port 80 as well?

Answer #3    Answered By: Alton Vance     Answered On: Dec 26

Yes, but it used WebDav which uses extend "verbs" that the black  ice might
block. Sharepoint is a VERY sensitive product and I will not recommend
installing anything that might cause you a lot of nightmare down the road.

Answer #4    Answered By: Sydney Lewis     Answered On: Dec 26

My experience is, that you shouldn't set black  ice to some other setting
than "trusting", when using standard settings. I'd be happy to find
somewhere the specification of most restrictive black ice  settings
possible (that won't stop sps from working)...

Answer #5    Answered By: Jayme Raymond     Answered On: Dec 26

If sharepoint indeed only needs port 80 (and 137/138/139 for content source
indexing potentially), then I should be able to set it to paranoid and add a
rule that allows inbound port 80.

If I explicitly allow inbound port 80 from intranet addresses, then it won't
care about the verbs or anything else. It should still scan for known
malicious things like nimda, codered, etc.

Since I'm building it slowly, I'll test a couple of settings  and report back
to everyone what worked.

Answer #6    Answered By: Devika Bellad     Answered On: Dec 26

Reporting back.

I ran Black ice  on my test server  allowing port 80, 3389 (term
services), 161 (for snmp) and ran some stress testing on it. No
problems to report; worked like a charm.

Didn't find what you were looking for? Find more on Firewall Software on SPPS? (black ice, etc) Or get search suggestion and latest updates.