Hello, I deploy endpoint security over a 25 PCs lan connected to a single Win2008R2 domain controller used as a RAC, RAS, dns, print and files server in a small school. Pricing is the main problem and they don't want to use EFSW on the server. I don't find examples (or very confused ones) of the firewall rules needed for a good configuration of the server if I install endpoint protection security on this DC. Are there any examples of xml files containing predefined firewall rules (or a profile) for all the standard functions of active directory and others roles and services ? The actual firewall is configured "automatic with exceptions" (default rules have been included but I disabled all the inbound rules) user rules for ports 53,88,123,135,389,445,464,636 and ERAS have been added but the server is still slow to respond and I need fine tuning instructions. If Eset firewall does not fit for a DC, I can disable it and use windows 2008 firewall instead on the server. I'd be glad to hear solutions from this forum. Thanks.