Welcome: Guest!

Sharepoint Forum

 
Home » Forum » Sharepoint       Ask a questionRSS Feeds

Firewall Software on SPPS? (black ice, etc)

  Asked By: Jyoti Devalekar         Date: Dec 26, 2009      Category: Sharepoint      Views: 303
 

Most of our servers have ISS / Black Ice firewall agent software loaded on
them to further protect from malicious intent and attacks. I haven't tried
running this on a SPPS server yet, but I'm rebuilding my server (trying Win
SP3 and SPPS SP2) and wanted to have Black ICE on it.

It has settings for Exchange and IIS server and I'm wondering if there's any
specific ports I need to open other than what Exchange and IIS need.

Comments?

Tagged:              

 

6 Answers Found

 
Answer #1       Answered By: Aishwarya Dixit          Answered On: Dec 26, 2009       

I don't know how the Black Ice will do with SPS, but there are no
additional ports  to open  on your firewall. Pretty much everything is
over port 80.

 
Answer #2       Answered By: Indrajeet Patil          Answered On: Dec 26, 2009       

Are web folders over port 80 as well?

 
Answer #3       Answered By: Alton Vance          Answered On: Dec 26, 2009       

Yes, but it used WebDav which uses extend "verbs" that the black  ice might
block. Sharepoint is a VERY sensitive product and I will not recommend
installing anything that might cause you a lot of nightmare down the road.

 
Answer #4       Answered By: Sydney Lewis          Answered On: Dec 26, 2009       

My experience is, that you shouldn't set black  ice to some other setting
than "trusting", when using standard settings. I'd be happy to find
somewhere the specification of most restrictive black ice  settings
possible (that won't stop sps from working)...

 
Answer #5       Answered By: Jayme Raymond          Answered On: Dec 26, 2009       

If sharepoint indeed only needs port 80 (and 137/138/139 for content source
indexing potentially), then I should be able to set it to paranoid and add a
rule that allows inbound port 80.

If I explicitly allow inbound port 80 from intranet addresses, then it won't
care about the verbs or anything else. It should still scan for known
malicious things like nimda, codered, etc.

Since I'm building it slowly, I'll test a couple of settings  and report back
to everyone what worked.

 
Answer #6       Answered By: Devika Bellad          Answered On: Dec 26, 2009       

Reporting back.

I ran Black ice  on my test server  allowing port 80, 3389 (term
services), 161 (for snmp) and ran some stress testing on it. No
problems to report; worked like a charm.

 
Didn't find what you were looking for? Find more on Firewall Software on SPPS? (black ice, etc) Or get search suggestion and latest updates.


Your Answer
  • Answer should be atleast 30 Characters.
  • Please put code inside [Code] your code [/Code].

 
Hall of Fame  |  Facebook  |  Twitter  |  LinkedIn  |  Terms of Use  |  Privacy Policy  |  Contact us
RSS Feeds: Articles |  Forum |  New Users |  Activities |  Interview FAQ |  Poll |  Hotlinks


Go4Sharepoint, is a Microsoft Featured Community. Microsoft, Windows, Sharepoint, Sharepoint logo, Windows logo, etc are trademarks of the Microsoft Corporation. All product names, logos, copyrights, and trademarks mentioned are acknowledged as the registered intellectual property of their respective owners. This site is not in any way affiliated with, nor has it been authorized, sponsored, or otherwise approved by, Microsoft Corporation.

Copyright © 2008-2011