You are reading:
Protecting Your Data: A Guide to Windows Firewall


Advanced / Network Connection Settings / Settings / Add...



A new service can be added by clicking the Add... button. These service settings require a name, an IP address of the computer that's hosting the service, and the external and internal port numbers for the service.


Although this is similar to a port-based exception, this advanced option provides some additional functionality. Since these services can be used by Internet Connection Services, both an internal and an external port number can be specified as an exception. Internet Connection Services provides the forwarding mechanism between the internal network and the external network, and Windows Firewall handles the security.

Using these settings to add a port-based exception can double the number of open ports on a computer, since both an external and internal port number can be specified. Although open ports to an internal network are preferable to open ports that are externally facing, any open port should be considered carefully before it creates another opening in your Windows Firewall.