System safety and protection is often a concern and I thought I would post what has worked for the majority of sites that require more security and restrictions. Generally It is still recommend to not use the firewall but it is possible. Please note this post is for informational use and please make changes at your own discretion. As always with any changes take a backup so you can revert if you need to. If anyone finds any information they feel that needs to be modified or changed please let me know.



To add antivirus software you need to have the the following folders Excluded:
On HQ/ DVS Server
32-Bit Drive:\Program Files\Shoreline Communications
32-Bit Drive:\Shoreline Data\
64-Bit Drive:\Program Files (x86)\Shoreline Communications
64-Bit Drive::\Shoreline Data\

Contact Center/ECC Server
32-Bit Drive:\Program Files\ShoreTel
64-Bit Drive:\Program Files (x86)\ShoreT

End Users Connect Client
32-Bit Drive:\Program Files\Shoreline Communications
32-Bit Drive:\Documents and Settings\%User%\Application Data\Shoreware Client\
64-Bit Drive:\Program Files (x86)\Shoreline Communications
64-Bit Drive:\Program Files (x86)\Mitel
64-Bit Drive:\Program Files (x86)\Mitel Presenter
64-Bit Drive:\Users\%User%\AppData\Roaming\ShoreWare

End Users Contact Center Agent Toolbar
32-Bit Drive:\Documents and Settings\%User%\Application Data\ShoreTel Contact Center
32-Bit Drive:\Documents and Settings\%User%\Local Settings\Application Data\ShoreTel Contact Center
64-Bit Drive:\Users\%user%\AppData\Roaming\ShoreTel Contact Center
64-Bit Drive:\Users\%user%\AppData\Local\ShoreTel Contact Center




Windows Firewall Settings:
All equipment Must be Ping To Detect Correctly

TCP 1024-65535 ShoreTel TCP control
UDP 1024-65535 ShoreTel UDP SIP
TCP 111 ShoreTel RPC TCP
UDP 111 ShoreTel RPC UDP
(all other exceptions are built-in for IIS, RPC port 135, etc)

Network Firewalls:
Access to ShoreTel switch:/phone/Communicator including interoffice VPN:
UDP 1024-65535 ShoreTel UDP SIP

Access to ShoreTel server including interoffice VPN:
TCP 1024-65535 ShoreTel TCP control
UDP 1024-65535 ShoreTel UDP SIP
TCP 111 ONC-RPC TCP
UDP 111 ONC-RPC UDP
TCP 135 DCE-RPC TCP
UDP 135 DCE-RPC UDP
TCP 80 HTTP
TCP 443 HTTPS
TCP 21 FTP
TCP 20 FTP data


As stated above please use this information at your own discretion and let me know if you feel anything should be added or modified.