
Firewall rules for Microsoft Lync?

Dean_Youngblood
Dean_Youngblood Posts: 7 Security Scout

Hi all.

My knowledge about F-secure Client Security Premium and Policy Manager server is not that great, but I'm learning. I have one question about firewall and Lync.

 

The internal F-secure firewall stops Microsoft Lync (message "No available media ports"). Lync needs 20-40 open high ports (range 1024-65535). What is the easiest way to add Lync to the firewall based on the above? As far as I understand adding Lync to "application control" is not enough. General firewall rules will still be enabled (in this case "Deny rest"). 

 

kindly, Dean

Comments

  • Dean_Youngblood
    Dean_Youngblood Posts: 7 Security Scout

    Just curious if this question is lacking an answer because you think it is too basic? Please let me know how to implement this if you know. I will hit the "kudo"-button as hard as I can if I get an answer ;)

     

    Thanks,

    Dean Y

  • Vad
    Vad Posts: 1,069 Cybercrime Crusader

    Hello Dean,

     

    To create a firewall rule for Lync:

    1. In Policy Manager Console, Anti-Virus mode, select Firewall rules.

    2. Select the security level you want to edit.

    3. In the table select the place where you want to add a new rule, and press "Add after" or "Add before".

    4. Select Allow rule.

    5. On "Remote host" page select "Specified remote hosts" and specify IP address(es) or DNS name(s) of your Lync server(s).

    6. On "Services" page select "All traffic" and "<=>" direction.

     

    Best regards,

    Vad

     

  • Dean_Youngblood
    Dean_Youngblood Posts: 7 Security Scout

    Hi Vlad. 

     

    The problem is that Lync is P2P so no server involvement after the "call" is initiated. The clients therefore do not know to which other client to allow connection inbound. Different every time (more or less). The (very bad) workaround is to allow 1024-65535 inbound on every(!) client for any host(!) on the local network (in this case 172.16.0.0/12). That will at least stop anything coming from outside the network but render the client firewall useless if the attacker (or should I say when?) is present locally on the network. 

     

    I guess I can't be the only one using Lync and F-secure together? Any more input? 

    Thank you!

    /Dean Y

  • Dean_Youngblood
    Dean_Youngblood Posts: 7 Security Scout
    Yes, that should work. Very good. Thank you!
This discussion has been closed.
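
The trade-off raised in the thread, modelled as an added example (it is not from any poster here and is not F-Secure's rule engine): the broad workaround rule (1024-65535 from 172.16.0.0/12) is compared with a narrower allow rule in front of "Deny rest". Assumptions: rules are evaluated first-match, the 50000-50039 media window is a hypothetical pinned range, and the sample flows are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    src: str      # CIDR of permitted remote hosts
    ports: range  # local (inbound) ports the rule covers

    def matches(self, src_ip: str, dport: int) -> bool:
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return in_net and dport in self.ports

DENY_REST = Rule("deny", "0.0.0.0/0", range(0, 65536))

# Workaround from the thread: any local host, all high ports.
BROAD = [Rule("allow", "172.16.0.0/12", range(1024, 65536)), DENY_REST]
# Hypothetical alternative: media pinned to a constructed 40-port window.
NARROW = [Rule("allow", "172.16.0.0/12", range(50000, 50040)), DENY_REST]

def decide(rules, src_ip, dport):
    """Return the action of the first matching rule (assumed evaluation order)."""
    for rule in rules:
        if rule.matches(src_ip, dport):
            return rule.action
    return "deny"

# Constructed inbound flows: (source, local port, what listens there).
FLOWS = [
    ("172.16.5.20", 50010, "Lync media from a peer"),
    ("172.16.9.77", 3389, "RDP from another LAN host"),
    ("172.16.9.77", 5985, "WinRM from another LAN host"),
    ("172.16.9.77", 445, "SMB (below 1024)"),
    ("203.0.113.8", 50010, "host outside the LAN"),
]

def exposed(rules):
    """Non-Lync sample flows that the rule set lets in."""
    return [(src, port) for src, port, what in FLOWS
            if decide(rules, src, port) == "allow" and not what.startswith("Lync")]

def allowed_port_count(rules):
    """Number of local ports opened by the allow rules."""
    return sum(len(r.ports) for r in rules if r.action == "allow")

if __name__ == "__main__":
    for name, rules in (("broad", BROAD), ("narrow", NARROW)):
        print(name, allowed_port_count(rules), "ports open; unintended:", exposed(rules))
```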
