COM+ Network Access and Application Server
Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012
The Application Server role installation process provides an option for enabling COM+ Network Access. When COM+ Network Access is enabled, a firewall exception rule is created that opens port 135. The following sections describe situations in which you should enable COM+ Network Access. They also describe situations in which you should not enable COM+ Network Access.
Enabling COM+ Network Access
You should enable COM+ Network Access when one or more of the COM+ applications on the server are called from clients or applications that reside on different computers.
If your product collects COM+ performance data by remotely calling an object that tracks performance, you must enable COM+ Network Access.
Note
Enabling COM+ Network Access in Application Server does not automatically make COM+ applications remotely accessible. To ensure that a remote COM+ application is accessible, you must configure the application to use a static TCP endpoint.
Disabling COM+ Network Access
- You should not enable COM+ Network Access if all the applications that are hosted in COM+ on the local computer are called only from other applications on the local computer, such as an ASP.NET page or a workflow. In this case, COM+ Network Access is not necessary, and leaving COM+ Network Access disabled helps reduce the attack surface area.
Additional references
For more information about COM+ Network Access, see What's New in COM+ 1.5 (https://go.microsoft.com/fwlink/?LinkId=81264).
For information about configuring a COM+ application to use a static TCP endpoint, see Cannot set a fixed endpoint for a COM+ application (https://go.microsoft.com/fwlink/?LinkId=93633).
For information about COM+, see COM+ (Component Services) (https://go.microsoft.com/fwlink/?LinkId=93848).
For information about security and Web applications, see Securing Your Application Server (https://go.microsoft.com/fwlink/?LinkId=94263).