Network Services; Configuring Tcp/Ip; Configuring The Windows Firewall; Table 4 Required Port Exceptions - Cisco TELEPRESENCE MANAGEMENT SUITE SECURE SERVER - CONFIGURATION GUIDE 13.0 Configuration Manual
Hardening windows server 2003 for cisco tms 13.0
Hide thumbs
Also See for TELEPRESENCE MANAGEMENT SUITE SECURE SERVER - CONFIGURATION GUIDE 13.0:
- Troubleshooting manual (16 pages)
Table of Contents
Advertisement
Uninterruptible Power Supply
Volume Shadow Copy
Network services
In general any services not required by Cisco TMS should not be running on the Cisco TMS server in
order to reduce the attack surface of the server. This is particularly important for network services.
1.
Go to Windows Start > Control Panel > Network Connections. Ensure that only the 'Local
Area Connection' is available.
2.
Select this connection.
3.
Under the General tab, click the Properties button.
4.
Make sure Internet Protocol (TCP/IP) is enabled.
5.
Client for Microsoft Networks should be enabled if you wish to allow domain administrators to
log into the server.
6.
File and Printer Sharing for Microsoft Networks is not recommended, but may be required if
you want to create shares to transfer files over the network (like Software packages or Cisco
TMS Upgrades) to the Cisco TMS server.
7.
Make sure any other services are unchecked and disabled.
Configuring TCP/IP
To further secure the server the Internet Protocol (TCP/IP) protocol settings must be configured
correctly.
1.
Go to Windows Start > Control Panel > Network Connections > Local Area Connection.
2.
Under the General tab, click the Properties button.
3.
Click Internet Protocol (TCP/IP).
4.
Click the Advanced button.
5.
Select the WINS tab, disable any WINS servers that have been defined and uninstall WINS
itself.
6.
Click the Disable NetBIOS over TCP/IP radio button.
Configuring the Windows Firewall
Windows Server 2003 with SP1 comes with Windows Firewall, which should be used to block
unsolicited incoming TCP/IP traffic. The firewall will be enabled by default if Windows was installed
from SP1 media or newer.
To make sure it is enabled:
1.
Go to Windows Start > Control Panel > Windows Firewall.
2.
Select the On radio button.
To configure what incoming traffic to allow,
1.
Click the Exceptions tab.
2.
For each port to allow, click Add Port.
3.
Select the proper protocol.
4.
Specify the port number.
5.
Enter a description.
Table 4 lists the port exceptions required for the Cisco TMS server.
Table 4 Required port exceptions
Port
Protocol
80
TCP
161
UDP
Cisco TMS Secure Server Configuration Guide 13.0
Service
HTTP
SNMP
Securing Windows Server 2003 tasks
Page 17 of 34
Advertisement
Table of Contents
