• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Library Database Ports

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> Installation >> Library Database Ports Page: [1]
Login
Message << Older Topic   Newer Topic >>
Library Database Ports - 12.Mar.2003 2:03:00 PM   
kiheiman

 

Posts: 11
Joined: 20.Jan.2003
From: Chandler, AZ
Status: offline 		I have a LAN behind ISA server. Within the LAN are library workstations. These workstations run a program called Bookwhere that allow them to query bookwhere databases at various libraries across the country. Each library selects a port to use for the queries. Unfortunately, a single standard port is not used. Typical ports are 210, 2100, 2200, 2010, 7090, 230, 2101, 5666, 2301, 2201, 31310, 3000, 2210, 5500, 21021.

Would it be better to create "allow" packet filters for each of the needed ports or to open up all ports with a single packet filter and then block ports that I do not want used such as 21, 79, 113, 143, 139, etc.

I am concerned that if I have too many filters, then the performance of the system will suffer.

I have the book "Configuring ISA Server 2000", but I could not find any specific info about performance hits by having to many filtering rules.
Post #: 1
RE: Library Database Ports - 14.Mar.2003 9:03:00 AM   
sysadmin

 

Posts: 89
Joined: 21.Oct.2002
From: India
Status: offline 		Hi!
What u say is for the local machines which try to initiate a connection.
What about the remote machines? Do they listen on specific ports? I mean the bookwhere application must be listening on some specific ports.

If this is the case, then u can open outbound connections for the remote specific ports only.

thanx
Sysadmin

(in reply to kiheiman)
Post #: 2
RE: Library Database Ports - 15.Mar.2003 2:50:00 AM   
kiheiman

 

Posts: 11
Joined: 20.Jan.2003
From: Chandler, AZ
Status: offline 		Yes - each remote library picks a specific port to use. There is a master database where one can go to get a port list of all libraries.

Do I need to build an outgoing packet filter for each port that I need to use or would it be better to just open all ports and then restrict the ones that I do not want used?

(in reply to kiheiman)
Post #: 3
RE: Library Database Ports - 15.Mar.2003 7:15:00 PM   
spouseele

 

Posts: 12826
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi kiheiman,

when the different Library systems use a different socket ( TCP port number), you have to create first for each used socket a specific protocol definition (TCP port XYZ outbound). Then you can allow those protocols in a protocol rule for the intended users.

HTH,
Stefaan

(in reply to kiheiman)
Post #: 4
RE: Library Database Ports - 17.Mar.2003 10:56:00 AM   
sysadmin

 

Posts: 89
Joined: 21.Oct.2002
From: India
Status: offline 		Yes! I agree with Stephan,
It is always better to open only the desired ports and keep the rest closed, rather than going the other way of opening first all the ports and then closing the ones not required.

thanks
sysadmin

(in reply to kiheiman)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> Installation >> Library Database Ports Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts