|
Home > Archive > IIS Server Security > January 2006 > Firewall on Windows box
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Firewall on Windows box
|
|
| David Thielen 2006-01-02, 5:58 pm |
| Hi;
This is sort of off-topic. We are going to put our web server at a col-lo
facility so it will be outside our firewall.
Is there a way using the windows firewall to give as good a protection as a
hardware firewall for our web server? We need to set it so that it only
allows http, https, & dns in from anywhere and remote desktop, ftp, and Sql
Server access only from a limited IP range (our network).
Can this be done or do I need to put a firewall at the co-lo facility too?
--
thanks - dave
| |
| MikeV06 2006-01-02, 5:58 pm |
| On Mon, 2 Jan 2006 09:16:02 -0800, David Thielen wrote:
> Hi;
>
> This is sort of off-topic. We are going to put our web server at a col-lo
> facility so it will be outside our firewall.
>
> Is there a way using the windows firewall to give as good a protection as a
> hardware firewall for our web server? We need to set it so that it only
> allows http, https, & dns in from anywhere and remote desktop, ftp, and Sql
> Server access only from a limited IP range (our network).
>
It is not great, but it can be used to do what you ask using the
exceptions. Security policies can be set as well - along with directory
security in the server profiles.
> Can this be done or do I need to put a firewall at the co-lo facility too?
I always like a hardwire firewall since it takes the banging on the closed
ports rather than the server. But, what you want can be done.
| |
| David Thielen 2006-01-02, 5:58 pm |
| Hi;
Should I set this in the network TCP/IP properties and/or the firewall?
--
thanks - dave
"MikeV06" wrote:
> On Mon, 2 Jan 2006 09:16:02 -0800, David Thielen wrote:
>
>
> It is not great, but it can be used to do what you ask using the
> exceptions. Security policies can be set as well - along with directory
> security in the server profiles.
>
>
> I always like a hardwire firewall since it takes the banging on the closed
> ports rather than the server. But, what you want can be done.
>
| |
| WenJun Zhang[msft] 2006-01-03, 7:50 am |
| Hi Dave,
You can refer to:
Help: Configure Exceptions and Notifications
http://www.microsoft.com/technet/pr...3/library/Serve
rHelp/8b5e3b52-b77b-4d98-a058-b8083f393583.mspx
Best regards,
WenJun Zhang
Microsoft Online Partner Support
This posting is provided "AS IS" with no warranties, and confers no rights.
| |
| David Wang [Msft] 2006-01-03, 8:58 pm |
| NETSH.EXE Firewall set PortOpening /? is your friend.
microsoft.public.windows.networking.firewall is a newsgroup dedicated to
your questions.
--
//David
IIS
http://blogs.msdn.com/David.Wang
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"David Thielen" <thielen@nospam.nospam> wrote in message
news:EA61B162-1C62-4DC4-AE99-F26153064F45@microsoft.com...[vbcol=seagreen]
> Hi;
>
> Should I set this in the network TCP/IP properties and/or the firewall?
>
> --
> thanks - dave
>
>
> "MikeV06" wrote:
>
|
|
|
|
|