Surf Control v5.5 manual Firewall Port Configuration, Web Filter communication ports

Page 16

INSTALLATION DECISIONS

Firewall Port Configuration

2

FIREWALL PORT CONFIGURATION

Web Filter for ISA requires you to edit your system policy to allow Web Filter to communicate across certain network ports. Opening up these ports at the firewall will enable you to use all of the available Web Filter services. For instructions on setting up ISA policy rules for Web Filter services, go to the section on "Firewall Policy Rules" on page 65. The table below describes which ports need to be configured at the firewall for each Web Filter service you want to use:

Table 2-1 Web Filter communication ports

Web Filter Service

Port

Corporate Network Detection Service

51118

 

 

SMTP E-mail Notifications

25

 

 

EUM Login Agent

61695

 

 

EUM Login Agent for Netware

61696

 

 

Group enumeration in Active Directory (LDAPS)

636

 

 

Group enumeration in Active Directory and Netware (LDAP)

389

 

 

Live Updates

Allow outbound access to *.surfcontrol.com

 

 

Real-Time Monitor

5000

 

 

Remote Administration Client (UDP)

1024 - 65535

 

 

SurfControl Report Central

Allow inbound access to 8888 and/or 8443

 

 

SQL Server (Remote installations only)

Allow inbound and outbound access to 1433 -1434

 

 

User Name Resolution (NetBIOS)

139

 

 

Workstation name resolution

53

 

 

Workstation name resolution (WINS)

42

 

 

 

 

SurfControl Web Filter for ISA v5.5

Starter Guide 11

Image 16
Contents SurfControl Web Filter Trademarks SurfControl Web Filter Table of Contents Appendix Chapter ISA Server Microsoft ISA Server EditionHOW WEB Filter and ISA Server Interact System Requirements Hardware RequirementsGeneral System Requirements SQL Server Licensing System Requirements Installation Decisions User Name Resolution IntroductionNetwork Considerations Database OptionsDeployment Recommendations Network ConsiderationsDMZ Recommendations Network Considerations Firewall Port Configuration Web Filter communication portsISA Server ISA Server AuthenticationISA Server 2004/2006 User Name Resolution EUMMethods of Installing EUM EUM Agent on Domain ControllersEUM on Windows 2000 and 2003 domain controllers EUM on Windows NT domain controllersBefore installation Ignoring Users in NetWare EUM NetwareeumLogging Levels EUM Login Agent Installing the Login Agent on NT DomainsInstalling the Login Agent on Windows 2000 Login Agent LocationEumLogin.ini file Below is a copy of the supplied .ini fileHow to configure the file EumLogin.ini file sectionsConfiguring a logon and logoff script Add an Exception to the Windows FirewallDatabase Platforms Database ConsiderationsSQL Server Express SQL Server SQL Server minimum requirements on Web Filter serverDatabase Authentication Reasons to Install SQL Server on a Dedicated ServerWindows Authentication SQL AuthenticationOther Considerations Internet Threat DatabaseCategorization Options Internet Threat Database Improvement ProgramRemote Administration Client Mail NotificationsRemote Administration Client minimum requirements Privacy Edition ConsiderationsInstalling Web Filter Installation Process NetWare client on to the Web Filter serverInstalling SQL Server Express Optional Installing Surfcontrol WEB Filter Select I accept the terms of the license agreementInstalling SurfControl Web Filter Select SurfControl Web Filter Installing SurfControl Web Filter Installing SurfControl Web Filter Changes to the Server Configuring WEB Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Configuring Web Filter Automatic Database Management screen is displayed Internet Threat Database Update screen is displayedThreat Database Configuring Web Filter Click Add to list Enterprise User Monitoring recommended NetBIOS Configuring Web Filter Configuring Web Filter Installing Service Pack Installing Service Pack Installing Service Pack Further Configuration Post Installation Tasks ALL InstallationsFirewall Policy Rules for ISA Server 2004 Network DependentInstalling the EUM Agent on Your Domain Controllers User Name Resolution Making changes to the EUM Agent configuration Select Domain Controllers screen is displayedUser Name Resolution Installing the EUM Login Agent on Your Network Installing NetwareeumAutomatically loading the NetWare EUM Unloading the NetWare EUMAdd Web Filter Servers to NetWare EUM Ignored users in NetWare EUMInstall Surfcontrol Report Central Installing the Remote Administration Client Select I accept the terms of the license agreement Select Remote Administration Installing the Remote Administration Client Remote Administration Client and Windows Vista InstallShield Wizard Complete screen is displayedAllow Internet Threat Database Updates Configure IE and the VCAFirewall Policy Rules Allow VCA Spider FunctionalityAllow the Remote Administration Client Access Configure a Firewall Policy Rule for the VCAFrom Access Rule Destinations, click Add From the Primary Connection Information screen, click NewSRC Allow Remote Access to Surfcontrol Report CentralEnter 8888 in the Port Range From field Click Apply in the Firewall Policy window Appendix Contact Technical Support Location Contact information Sales and Feedback