The Application Server role installation process provides an option for enabling COM+ Network Access. When COM+ Network Access is enabled, a firewall exception rule is created that opens port 135. The following sections describe situations in which you should enable COM+ Network Access. They also describe situations in which you should not enable COM+ Network Access.
Enabling COM+ Network Access
- You should enable COM+ Network Access when
one or more of the COM+ applications on the server are called from
clients or applications that reside on different computers.
- If your product collects COM+ performance
data by remotely calling an object that tracks performance, you
must enable COM+ Network Access.
Note | |
Enabling COM+ Network Access in Application Server does not automatically make COM+ applications remotely accessible. To ensure that a remote COM+ application is accessible, you must configure the application to use a static TCP endpoint. |
Disabling COM+ Network Access
- You should not enable COM+ Network Access if
all the applications that are hosted in COM+ on the local computer
are called only from other applications on the local computer, such
as an ASP.NET page or a workflow. In this case, COM+ Network Access
is not necessary, and leaving COM+ Network Access disabled helps
reduce the attack surface area.
Additional references
- Installing and
Configuring Application Server
- For more information about COM+ Network
Access, see What's New in COM+ 1.5 (http://go.microsoft.com/fwlink/?LinkId=81264).
- For information about configuring a COM+
application to use a static TCP endpoint, see Cannot set a fixed
endpoint for a COM+ application (http://go.microsoft.com/fwlink/?LinkId=93633).
- For information about COM+, see COM+
(Component Services) (http://go.microsoft.com/fwlink/?LinkId=93848).
- For information about security and Web
applications, see Securing Your Application Server (http://go.microsoft.com/fwlink/?LinkId=94263).