Protecting Your Data: A Guide to Windows Firewall
Exceptions / Add Port
To add a port number exception, select the "Add Port..." button at the bottom of the Windows Firewall Exceptions tab. The resulting dialog box asks for the name to associate with the open port, the port number, and the type of port (TCP or UDP).
Windows Firewall only allows a single port to be specified in the port number field. If multiple port numbers are required, separate port-based exceptions must be created. This can be very tedious if many port numbers are required, but that's probably the intention. You don't want to open many ports!
If multiple port numbers are required, name the port exception with the name of the service and the associated port number and type as seen in the example above. When viewing these specially named port-based exceptions from the main Exceptions tab, the open port numbers are clearly identified.
As mentioned earlier, adding a port number is less secure than assigning an application-based exception. Many software manufacturers recommend opening a port rather than adding an application-based exception because a port is easier for them to support. Unfortunately, opening a generic port instead of assigning the exception to the application creates a larger security concern. Before opening a port, be sure to try an application-based exception!
Exceptions / Add Port / Change Scope
As with application-based exceptions, port-based exceptions also allow a scope specification. These port-based exception scopes are identical to those seen in the Exceptions / Add a Program / Change Scope description.
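The same one-exception-per-port procedure, with the naming convention and a restricted scope, can be scripted. This is an added example, not part of the original guide; it assumes the `netsh firewall` command context is available on the system, and the function name, service name, ports and program path are constructed sample values.

```powershell
# Added example: create one named Windows Firewall port exception per port.
# 'ExampleService', the ports and the program path are constructed values.

function Add-PortException {
    param(
        [string]$Service,                       # prefix of the exception name
        [int]$Port,
        [ValidateSet('TCP', 'UDP')]
        [string]$Protocol,
        [ValidateSet('ALL', 'SUBNET')]
        [string]$Scope = 'SUBNET',              # assumption: default to the local subnet only
        [switch]$Apply                          # without -Apply the command is only displayed
    )
    if ($Port -lt 1 -or $Port -gt 65535) {
        throw "Port $Port is outside 1-65535"
    }
    # Naming convention from the text: service name, port number, port type.
    $name = "$Service $Port $Protocol"
    $netshArgs = @('firewall', 'add', 'portopening',
                   "protocol=$Protocol", "port=$Port", "name=$name",
                   'mode=ENABLE', "scope=$Scope")
    if ($Apply) {
        & netsh $netshArgs                      # the name is passed as a single argument
    } else {
        "[dry run] netsh $($netshArgs -join ' ')"
    }
}

# Try the application-based exception first, as the text advises:
#   netsh firewall add allowedprogram program="C:\Program Files\ExampleService\svc.exe" name="ExampleService" mode=ENABLE scope=SUBNET

# Only if that is not enough: one exception per required port.
$openings = @(
    @{ Port = 8080; Protocol = 'TCP' },
    @{ Port = 8081; Protocol = 'TCP' },
    @{ Port = 5000; Protocol = 'UDP' }
)
foreach ($o in $openings) {
    Add-PortException -Service 'ExampleService' -Port $o.Port -Protocol $o.Protocol
}

# After applying from an administrator prompt, review what is open:
#   netsh firewall show portopening
```

Run it once without `-Apply` to check the generated names and scope, then add `-Apply` to the call inside the loop.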




