Choosing a Firewall Rule Type

Applies To: Windows Server 2008

Windows Firewall with Advanced Security provides four basic types of firewall rules. By using one of these firewall rule types, you can create exceptions to explicitly allow or explicitly deny a connection through the firewall.

You can change the settings for any of these firewall rules after you create it. You can also make the criteria for a firewall rule more specific, for example by specifying the users or computers, the scope, and the interface types to which the rule applies. To make these changes, right-click the firewall rule in the Results pane and select Properties.

Note

As a best practice, give the firewall rules a unique name. Unique names make management using the netsh commands much easier.

Program

You can use this type of firewall rule to allow a connection based on the program that is trying to connect. This provides easy configuration to allow connections for Microsoft Outlook or other programs. It is also useful if you are not sure of the port or other settings required to allow access. You only need to specify the path to the program executable (.exe) file.

Port

You can use this type of firewall rule to allow a connection based on the port over which the remote user or computer is trying to connect. You specify the protocol (either UDP or TCP) and the local port. You can specify more than one port number.

Predefined

You can use this type of firewall rule to allow a connection by selecting one of the programs or experiences from the list. Most of the well-known services and programs available on computers running this version of Windows appear in this list.

Custom

You can use this type to create a firewall rule that you configure as needed to allow a connection based on criteria not covered by the other types of firewall rules.
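
The four rule types expressed as netsh advfirewall commands, as an added example that is not part of the original page. The rule names, program path, ports and remote subnet are constructed placeholders, and the Predefined type is shown by enabling an existing rule group, which is the command-line counterpart to selecting an entry from the list.

```bat
rem Added example; run from an elevated command prompt.
rem All names, paths, ports and addresses below are constructed placeholders.

rem Program rule: allow inbound connections to one executable, on any port it opens.
netsh advfirewall firewall add rule name="Contoso Agent (Program-In)" ^
    dir=in action=allow program="C:\Apps\Contoso\agent.exe" enable=yes

rem Port rule: allow inbound TCP on more than one local port.
netsh advfirewall firewall add rule name="Contoso Web (TCP 80,443-In)" ^
    dir=in action=allow protocol=TCP localport=80,443

rem Predefined: the rules already exist, so enable the group rather than add one.
netsh advfirewall firewall set rule group="Remote Desktop" new enable=yes

rem Custom: combine program, port, scope, profile and interface type in one rule.
netsh advfirewall firewall add rule name="Contoso Admin API (Custom-In)" ^
    dir=in action=allow program="C:\Apps\Contoso\agent.exe" ^
    protocol=TCP localport=8443 remoteip=10.0.0.0/24 ^
    profile=domain interfacetype=lan

rem Review a rule by name before relying on it.
netsh advfirewall firewall show rule name="Contoso Admin API (Custom-In)" verbose

rem delete removes every rule that matches the name, so a unique name
rem ensures that only the intended rule is removed.
netsh advfirewall firewall delete rule name="Contoso Web (TCP 80,443-In)"
```

The custom rule narrows the exception to one program, one port, one remote subnet, the domain profile and wired interfaces, which is the command-line form of the extra criteria available on the rule's Properties page.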

Additional references

Firewall Rules