Enterprise Vault™ Configuring a Windows Server's Firewall for File System Archiving
Firewall access required for archiving without the FSA Agent
You can configure a Windows file server target without installing the FSA Agent, if you do not require placeholder shortcuts, or FSA Reporting.
Table: Windows server firewall ports required for archiving without the FSA Agent lists the access that FSA requires through a Windows server's firewall, for archiving without the FSA Agent.
The table lists the inbound port requirements, and the associated programs and services. From Windows Server 2008 onwards, you can use Windows Firewall rules to open selected ports for specified programs and their services, for enhanced security.
Table: Windows server firewall ports required for archiving without the FSA Agent
Inbound port | Protocol | Program | Service | Required for | Notes |
|---|---|---|---|---|---|
445 | TCP | System | (none) | CIFS share (SMB file sharing) | On Windows Server 2003 this port is included in the supplied Windows Firewall exception File and Printer Sharing. On Windows Server 2008 R2 this configuration is provided for example by the supplied inbound rule File and Printer Sharing (SMB-In). |
135 | TCP | svchost.exe | RpcSs | RPC (DCOM) Endpoint Mapper | On Windows Server 2008 R2 this configuration is provided for example by the supplied inbound rule Com+ Network Access (DCOM-In). |
RPC Dynamic Ports (Randomly allocated high TCP port) | TCP | svchost.exe | Winmgmt | RPC (DCOM) connection ports for Windows Management Instrumentation (WMI) | On Windows Server 2008 R2 this configuration is provided for example by the supplied inbound rule DFS Management (WMI-In). |