The Application Server role installation process provides an option for enabling COM+ Network Access. When COM+ Network Access is enabled, a firewall exception rule is created that opens port 135. The following sections describe situations in which you should enable COM+ Network Access. They also describe situations in which you should not enable COM+ Network Access.

Enabling COM+ Network Access

  • You should enable COM+ Network Access when one or more of the COM+ applications on the server are called from clients or applications that reside on different computers.

  • If your product collects COM+ performance data by remotely calling an object that tracks performance, you must enable COM+ Network Access.


Enabling COM+ Network Access in Application Server does not automatically make COM+ applications remotely accessible. To ensure that a remote COM+ application is accessible, you must configure the application to use a static TCP endpoint.

Disabling COM+ Network Access

  • You should not enable COM+ Network Access if all the applications that are hosted in COM+ on the local computer are called only from other applications on the local computer, such as an ASP.NET page or a workflow. In this case, COM+ Network Access is not necessary, and leaving COM+ Network Access disabled helps reduce the attack surface area.

Additional references