Is the firewall on Windows Server 2008 R2 sufficient?

security firewall windows-server-2008-r2 windows-firewall

I'm planning a few servers to be run on Rackspace cloud. Aside from using load balancers to control the flow of web traffic, how good is the Windows Firewall? I'm thinking in terms of throughput as well as security.


Solution 1:

The Windows firewall is just fine for most applications. As with running any server, start out with a default deny policy and open up only the ports that you need.

Perhaps the more important question is whether or not your application software is secure...

Solution 2:

The Windows Firewall is lean, mean, and does its job well. I doubt it would affect your throughput, and I'd trust it over any 3rd party software firewalls. ErikA is right in that you start with a default deny policy (preferably including outbound traffic also) to minimize your attack surface.

However, the benefits of a hardware firewall should be understood, since relying only on a software firewall isn't a best-case scenario. Even if you can't use one, it will help you understand the pros and cons of each ("Why should I bother having two firewalls???")

Related

How to configure CentOS Iptables without getting locked out
iptables input, output, forward
Why does Sql server write 100's of files to System Volume Information (all with the same name)
Temporary FTP accounts?
Regex for sed to grab multiple lines or a better way?
Order of installation of Active Directory and DNS on Windows Server 2008 R2
How can I make Status Information for Nagios services easier to read?
Remote access to Windows Server 2008
NRPE and the $USER1$ variable
Basic SSH port change not working on EC2 instance
Can I use an SSD as Cache to a NAS?
In Linux, how can I create thin-provisioned file so it can be mounted and a filesystem created on it?