Microsoft Windows Firewall is enabled and configured when you build a deployment using the Windows Esri Amazon Machine Image (AMI). All ports that are necessary for ArcGIS Enterprise components to run are open to inbound connections.
See the following pages for information on the ports required by ArcGIS Enterprise components:
- Ports used by Portal for ArcGIS
- Ports used by ArcGIS Server
- Ports used by ArcGIS Data Store
- Ports used by ArcGIS GeoEvent Server
Outbound connections are allowed by default in the Windows Firewall on the Amazon Elastic Compute Cloud (EC2) instances you create from an Esri Windows AMI.
Windows Firewall and Amazon EC2 security groups
Amazon EC2 security groups provide protection against unsolicited incoming traffic. If you need additional security, you can configure the Windows Firewall on the Windows EC2 instances.
To completely open a port to inbound traffic, the port must be allowed by both the Amazon security group and Windows Firewall.