Re: Domain Controller Firewall

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

---

• From: "Cary Shultz" <cwshultz@xxxxxxxx>
• Date: Mon, 30 Jan 2006 01:35:34 -0500

---

Well, I am about three years behind in my reading! Just now starting with
WIN2003. Kinda hard to believe, but that is how it is....

--
Cary W. Shultz
Roanoke, VA 24012

"Paul Williams [MVP]" <ptw2001@xxxxxxxxxxx> wrote in message
news:ef5v6UWJGHA.3352@xxxxxxxxxxxxxxxxxxxxxxx
>I certainly do not mind Cary. I believe multiple opinions are more
> beneficial to the OP than one.
>
>> In another thread (do not remember where it is....either in this one or
>> in
>> the Group Policy newsgroup) it has been suggested that running the
>> software Firewall on a Domain Controller is not needed and was
>> recommended
>> to not implement.
>
> Haven't read that myself, but I'm about 18 months behind on my reading, so
> it doesn't surprise me. Personally, I don't enable the firewall on any
> servers. I like the feature of SP1 that enables by default until we run
> Windows update and then disables. But after that, none of our client's
> servers have this enabled. Client PCs certainly. But the servers don't
> move around into and out of secure areas, and are well protected by the
> hordes of perimeter firewalls and other security devices in and around the
> VLANs in the data centres.
>
> --
> Paul Williams
> Microsoft MVP - Windows Server - Directory Services
> http://www.msresource.net | http://forums.msresource.net
>
>


.

---

• Follow-Ups:
  • Re: Domain Controller Firewall
    • From: Paul Williams [MVP]

• References:
  • Re: Domain Controller Firewall
    • From: Paul Williams [MVP]
  • Re: Domain Controller Firewall
    • From: Paul Williams [MVP]
  • Re: Domain Controller Firewall
    • From: Cary Shultz
  • Re: Domain Controller Firewall
    • From: Paul Williams [MVP]

• Prev by Date: Re: ForestPrep / Domain Prep Scenerio
• Next by Date: Re: Setting-up DNS for Active Directory Users without losing user data.
• Previous by thread: Re: Domain Controller Firewall
• Next by thread: Re: Domain Controller Firewall
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Domain Controller Firewall ... I don't enable the firewall on any ... I like the feature of SP1 that enables by default until we run ... Windows update and then disables. ... servers have this enabled. ... (microsoft.public.windows.server.active_directory) RE: Slow user logon on Terminal server after migration to Windows 2003 ... The Terminal Servers are 2000 or 2003. ... "Inside the firewall zone" means that the Citrix Servers have a firewall ... available RPC ports? ... (microsoft.public.windows.server.active_directory) Re: medical records, web server, & stateful firewall vs packet filter ... > image and SQL servers directly (the image server link in particular ... The image and SQL servers ... the 2 firewall layers should run different s/ware - the idea is that a major ... security always cost a lot more than you expect (this comes up whenever we ... (comp.dcom.sys.cisco) Re: I have been hacked (WAS: Have I been hacked or is nmap wrong?) ... > console based ftp client. ... the FTP servers have? ... > They are really mail servers, at least smtp for outgoing mails ... If you're firewall was dropping incoming packets destined to ... (freebsd-questions) RE: Secure Network Design (DMZ, LAN, etc) ... you'll see that their both on the same subnet. ... It has a port for the trusted network and a port ... Our firewall handles NAT. ... > servers, wouldn't it require a public IP and therefore be somewhat ... (Security-Basics)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.active_directory  > 2006-01