Need help to configure CIS on Windows Server 2008 R2

Ok, thank you for checking this post, and here is my problem:

I used to install CIS with firewall standalone, but I changed my mind recently since it is just too hard to find a free antivirus for server products. So I reinstalled CIS, with both antivirus and firewall included, and now I am having a huge problem.

No matter what I do, as long as the firewall is turned “on”, all my server-type application vanished from the active connections list(such as apache’s httpd.exe), I’ve put them all in the “trusted application” section, just like what I did before when I was using firewall standalone. But it is just not working at all, I’ve tried every possible solution I could think of, like putting my network area into a fully trusted state, put all the essential processes into trusted application (ex. svchost.exe), it just won’t make any difference!

So then … A really funny situation right now. If I choose to install both the antivirus and the firewall, actually only the antivirus and the sandbox thing is working properly. And if I choose to install firewall standalone, then there is only one option left – no antivirus.

If I am missing anything in configuration please tell me, because everything works fine after I turned off the firewall, and goes to die after I turned it on. And my point is ---- that is just how I did when I was using firewall standalone, and … adding an antivirus function shouldn’t be that hard.

My website was down because of this, and now the only workaround is to turn off the firewall. And I really need to emphasize this, the only files that were affected are the server-type applications, firefox works fine, online games work fine … but not things like apache and my hmailserver.

Really need your help! and I appreciate for your time and apologize for my terrible English.

bump bump bump bump bump bump …

First of all CIS was not tested with Win 2008 R2.

You need to have open port(s) for your server type applications. That may be lacking. Can you post me screenshot of your Global Rules (Firewall → Advanced → Network Security Policy → Global Rules)?