We inherit the naming/invoker services from the app server so any advice applicable to the application server should also be applicable to us.
What are you securing the ports against? How do you want to restrict access?
You're right, I should have posted my question to the App Server forum.
I'm seeking advice on how to protect access to the naming service, invokers, and others running on ports 1099, 1098, 4444, etc. Out of the box, those service are open to everybody.