Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

EV & Discovery Firewall rules (Windows 2008 R2)

Created: 17 Oct 2012 • Updated: 15 Nov 2012 | 1 comment
DMP's picture
This issue has been solved. See solution.

I have two new EV servers that I will migrating to "64bit", EV01 that has all all the standard tasks of an EV server for Microsoft Exchange needs and another EV02 that only has  the Journaling task with eDiscovery.

My issue is... there is no single document on what is required as to what needs to be done so it all works together within a Windows 2008 R2 environment with the Firewall ON. I'm told every environement is potentially different. Well I'm sure it is but there must be some basic steps to get Enterprise Vault to work base on a standard Windows 2008 R2 with the Firewall turn ON I dont think its that magical but what Enterprise Vault & eDiscovery need seem to be. I keep on discovering what is needed as I come accross each of the issue. To date here is a high level of what I have done.

1-Enable from the Component Services the "COM+ network access (DCOM-In)" and then addport range
 Right-click My Computer and select Properties.
 Click the Default Protocols tab.
 Select Connection-oriented TCP/IP, and click Properties.
 Use the Add button to add the required port range, for example, "49153-49453"

2-Run the following command from CMD windows with Administrator previlages (BOTH SERVERS)
netsh advfirewall firewall add rule name = RPC-eVault dir = in protocol = tcp action = allow localport = 135 remoteip = localsubnet profile = DOMAIN
netsh advfirewall firewall add rule name = RPC-eVault dir = in protocol = udp action = allow localport = 135 remoteip = localsubnet profile = DOMAIN

For both rule set the specific port range as in step #1 (49153-49453) as per the one done in step # 1

3-Allowing Enterprise Vault to communicate with Discovery Accelerator through the firewall in Windows Server 2008 R2 (EV02 ONLY)

  1. Click the Windows Start menu, and then click Control Panel.
  2. Click System and Security, and then click Windows Firewall.
  3. Click Allow a program or feature through Windows Firewall.
  4. Click Change settings, and then click Allow another program.
  5. Click Browse, and then browse to the Discovery Accelerator program folder (typically, C:\Program Files (x86)\Enterprise Vault Business      Accelerator).
  6. Click AcceleratorService.exe, and then click Open.
  7. Click Add, and then click OK.

4- Additionalallowed program
   Follow steps describe in # 3
   from the EV01 server (That has all the archiving tasks)
 C:\Program Files (x86)\Enterprise Vault\DirectoryService.exe

   from the EV02 server (Where the journaling task is and eDiscovery)
 C:\Program Files (x86)\Enterprise Vault Business Accelerator\AnalyticsServerApp.exe
 C:\Program Files (x86)\Enterprise Vault Business Accelerator\AcceleratorManager.exe

   * the programs were added following reviewing windows logs for the Firewall under
 Application and Services Logs -> Microsoft -> Windows -> Windows Firewall with Advanced Security -> Firewall

I will keep on testing my configuration but if someone has any experience with this it would be very much appriciate if you could help me

Comments 1 CommentJump to latest comment

AndrewB's picture

i've always just used the technotes about required ports for EV. did those not have what you're looking for?

Destination ports required by Enterprise Vault

Article:TECH62337  |  Created: 2008-01-06  |  Updated: 2011-09-15  | 

Article URL

Enterprise Vault is now supported within environments restricting RPC/DCOM network traffic. This document describes how to configure Enterprise Vault for restricted DCOM access.

Article:TECH69642  |  Created: 2009-01-14  |  Updated: 2010-01-17  |  Article URL

Andy Becker | Authorized Symantec Consultant | Trace3 | Symantec National Partner |