I am looking for firewall rules that I can import into my ruleset that will allow all the Active Directory communication between (servers and servers) and (servers and workstations).
We are busy migrating from a NT4 enviroment to AD and we still need the netbios over TCPIP and WINS traffic to be allowed as well.
HIPS 7 patch 6
HIP 7 extension 7.0.4 should include a firewall rules template for "Typical Corporate Environment".
This will include a rules group for Windows AD Authentication. You could use this as a baseline and run the firewall in adaptive mode on a couple of DCs to learn additional rules if needed. A best practice is to have a consise firewall rule set, relying on the state table to handle return traffic for outgoing connections.
Also, Microsoft has several good articles:
How to configure a firewall for domains and trusts
Active Directory in Networks Segmented by Firewalls
Active Directory Replication over Firewalls
Configuring an Intranet Firewall
Message was edited by: bgable on 3/24/10 6:47:20 AM PDTMessage was edited by: bgable on 3/24/10 6:54:39 AM PDT