Windows Firewall (User Management)
Windows Firewall
The Windows Firewall object allows Microsoft's Windows Firewall to be enabled or disabled on any validated computer having the Windows XP x86 SP3 or Windows XP x64 SP2 operating system installed. The ability to specify certain port and program exceptions is also specified on this object's setting tab. Windows Firewall is only applicable on Windows XP x86 SP3 and Windows XP x64 SP2 or greater.
Settings
Windows Firewall
Select an action (Enable/Disable) to configure the Windows Firewall component on client computers.
Display a notification when Windows Firewall blocks a program
This check box can be set to one of three (3) different states: on (enabled) 
Select this check box to display a visual notification to the user when the Firewall blocks a program from accepting an incoming request. The notification dialog box will allow the user to determine if the Windows Firewall should allow the program to keep blocking the program or to allow incoming requests to the program. Clear this check box for no visual notification or occur. Gray the box to leave the client’s setting untouched.
Enable file and print sharing
This check box can be set to one of three (3) different states: on (enabled)
Select this check box to enable File and Print sharing on each validated client. Clear this box to disable File and Print sharing on each validated client. Gray the box to leave the client’s setting untouched.
Don't allow exceptions (inbound firewall only)
This check box can be set to one of three (3) different states: on (enabled)
Select this box to disallow all excepted traffic specified in the exceptions list. Clear this box to allow traffic. Gray the box to leave the client’s setting untouched.
Exceptions
The Exceptions list is a holding place for all Firewall port and program exceptions. Click Add to add an exception to the Exception list. Click Edit to edit an existing exception on the list. Click Delete to remove a configured port or program from the Exception list.
Action
Select Open or Close from the Action list. This will configure the specified port to be opened or closed for incoming traffic.
Type
Select TCP, UDP or Program from the Protocol list to specify the type of port or program to be configured.
Exception
When the Type is set to TCP or UDP, type the port number to be opened or closed into the Exception entry box. When the Type is set to Program, specify the path to the executable program into the Exception entry box.
Description
Type a meaningful description or reason for the exception in the Description box.
Scope
Select Any Computer, My Network (subnet) only or Custom List from the Scope list. Any Computer specifies that incoming traffic on the port is allowed regardless of where it is coming from. My Network (subnet) only specifies that incoming traffic on the specified port is allowed only if the request is coming from the local network. Custom List specifies that incoming traffic from any computer specified in the custom list is allowed. Delineate the custom list of IP addresses by commas.
Advanced
The Windows Firewall Advanced tab allows specific types of ICMP messages to be enabled or disabled. ICMP messages are used for diagnostics and troubleshooting. The requests listed below are types of requests that the computer may or may not need to respond to. Select each Internet request type that the computer will respond to. Clear each Internet request type that the computer will not respond to.
Default filters
Domain profile
A rule in the Domain profile applies when a computer is connected to a domain.
Allow inbound connections that do not match a rule
Check this box to allow an inbound connection request even if it does not match a Domain profile rule. This check box can be set to one of three (3) different states: on (enabled)
Allow outbound connections that do not match a rule
Check this box to allow an outbound connection request even if it does not match a Domain profile rule. This check box can be set to one of three (3) different states: on (enabled)
Private profile
A rule in the Private profile applies when a computer is connected to a private network location.
Allow inbound connections that do not match a rule
Check this box to allow an inbound connection request even if it does not match a Private profile rule. This check box can be set to one of three (3) different states: on (enabled)
Allow outbound connections that do not match a rule
Check this box to allow an outbound connection request even if it does not match a Private profile rule. This check box can be set to one of three (3) different states: on (enabled)
Public profile
A rule in the Public profile applies when a computer is connected to a public network location.
Allow inbound connections that do not match a rule
Check this box to allow an inbound connection request even if it does not match a Public profile rule. This check box can be set to one of three (3) different states: on (enabled)
Allow outbound connections that do not match a rule
Check this box to allow an outbound connection request even if it does not match a Public profile rule. This check box can be set to one of three (3) different states: on (enabled)
Validation Logic
Select the Validation Logic tab to set the validation rules for this element.
Notes
Select the Notes tab to create any additional notes needed to document the profile element.
Description
When adding or modifying a profile object element, the description appears above the settings tab. Enter a description to annotate the element. The default value for new profile elements can be changed by going to the system Preferences.