Current File : C:/Windows/System32/en-US/FirewallAPI.dll.mui

Firewall log files (*.log)
*.log
Browse
log
The value entered for the log file size is not valid. Enter a value between 1 and 32767 k.
COM+ Network Access
COM+ Network Access (DCOM-In)
Inbound rule to allow DCOM traffic for COM+ Network Access. [TCP 135]
COM+ Remote Administration
COM+ Remote Administration (DCOM-In)
Inbound rule to allow DCOM traffic to the COM+ System Application for remote administration.
Allows this computer to replicate data using the Storage Replica feature.
Remote Desktop Licensing Server
Remote Desktop Licensing Server(RPC)
Inbound rule for Remote Desktop Licensing Server to be remotely managed via RPC / TCP
Remote Desktop Licensing Server(RPC - EPMAP)
Inbound rule for the RPCSS service to allow RPC / TCP traffic for Remote Desktop Licensing Server.
Remote Desktop Licensing Server(NP - In)
Inbound rule to allow Remote Desktop Licensing Server to be remotely managed over Named Pipes.
Remote Desktop Licensing Server - WMI(DCOM - In)
Inbound rule to allow DCOM traffic for remote WMI management of Remote Desktop Licensing Server.[TCP 135]
Remote Desktop Licensing Server - WMI(TCP - In)
Inbound rule for WMI management of Remote Desktop Licensing Server.
Remote Desktop Licensing Server - WMI(WMI - Out)
Outbound rule for WMI management of Remote Desktop Licensing Server.
This group contains Rules for System Insights
This feature allows the Hyper-V management clients to communicate with its server. (Uses WMI)
This feature manages authentication, authorization, auditing and accounting for network connection attempts sent by access servers that are compatible with the IETF RADIUS protocol
This group contains rules relating to Microsoft cloud identity, including tenant restrictions.
MSMQ Service exclusion for TCP
MSMQ Service exclusion for UDP
MQDS Service exclusion for TCP
MQDS Service exclusion for UDP
MSMQ Service exclusion for Multicast
Message Queuing TCP Inbound
Message Queuing TCP Outbound
Message Queuing UDP Inbound
Message Queuing UDP Outbound
MQDS TCP Inbound
MQDS TCP Outbound
MQDS UDP Inbound
MQDS UDP Outbound
Message Queuing Multicast Inbound
Message Queuing Multicast Outbound
Message Queuing
This feature allows remote activation of COM+ components (Uses DCOM)
This feature allows remote administration of a COM+ server (Uses DCOM)
This feature is used to allow incoming connection requests using Remote Desktop Licensing Protocol. (Uses RPC and WMI)
Work Folders Front End Service
Work Folders Front End (HTTP-In)
This firewall rule enables the Work Folders frontend service to receive unencrypted data from PCs and devices that are using Work Folders to sync with this server using the HTTP protocol on port 80.
Work Folders Front End (HTTPS-In)
This firewall rule enables the Work Folders frontend service to receive encrypted data from PCs and devices that are using Work Folders to sync with this server using the HTTPS protocol on port 443.
Windows Communication Foundation Net.TCP Listener Adapter (TCP-In) (.NET 3.5 for x86)
Windows Communication Foundation Net.TCP Listener Adapter (TCP-In) (.NET 3.5 for x64)
Windows Communication Foundation Net.TCP Listener Adapter (TCP-In) (.NET 4.0 for x86)
Windows Communication Foundation Net.TCP Listener Adapter (TCP-In) (.NET 4.0 for x64)
An inbound rule for Windows Communication Foundation to allow TCP traffic to the Net.TCP Listener Adapter [TCP 808]
Windows Communication Foundation
File and Printer Sharing
NetBIOS Name Service
NetBIOS Datagram Service
NetBIOS Session Service
SMB over TCP
UPnP Framework
SSDP Component of UPnP Framework
UPnP Framework over TCP
Remote Desktop
Domain Name Server (DNS)
Dynamic Host Configuration Protocol Server (DHCP)
Dynamic Host Configuration Protocol Client (DHCP)
Incoming Connection VPN (PPTP)
Incoming Connection VPN (L2TP)
IP Security (IPsec - IKE)
IP Security (IPsec - IKE/NAT-T)
Phase 1: Local address = %s, Remote address = %s
Phase 2: Local address = %s, Remote address = %s
, Protocol = 0x%x
, Protocol = Any
, Local port = 0x%x
, Local port = Any
, Remote port = 0x%x
, Remote port = Any
Windows Defender Firewall
Windows Defender Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.
Windows Defender Firewall Authorization Driver
Windows Defender Firewall Authorization Driver is a kernel mode driver that provides deep inspection services on inbound and outbound network traffic.
Allow authenticated IPsec bypass
Allows specific computers to have unrestricted, but authenticated, access to the computer.
Yes
No
Enabled
Disabled
Group Policy
Local Policy
Group and Local Policy
Domain
Private
All interfaces
Off
On
Don't allow exceptions
All subnets
Local subnet only
Custom subnets
Add
Remove
Modify
Allow outgoing destination unreachable
Allow outgoing source quench
Allow redirect
Allow incoming echo request
Allow incoming router request
Allow outgoing time exceeded
Allow outgoing parameter problem
Allow incoming timestamp request
Allow incoming mask request
Allow outgoing packet too big
The rule was parsed successfully from the store.
The rule is from a later version of the service. Some fields were not understood and have been ignored. This may cause the rule to be less restrictive than on the version where it was created. To mitigate any risk from this fallback behavior, ensure that the original rule is as specific as possible. To avoid this fallback behavior, create version-specific GPO's, or apply a Platform condition to the rule.
The rule is from a newer schema version than the service, and the unknown fields could not be ignored.  The whole rule was ignored.
The name contains invalid characters, or is an invalid length.
The description contains invalid characters, or is an invalid length.
The application contains invalid characters, or is an invalid length.
The service contains invalid characters, or is an invalid length.
The authorized remote machines list contains invalid characters, or is an invalid length.
The authorized remote users list contains invalid characters, or is an invalid length.
The group (sometimes called the embedded context) contains invalid characters, or is an invalid length.
The service was unable to parse the rule.
An invalid port range was specified, or 0 was used as a port number.
Some of the keywords specified on the remote address are only valid on the local address.
Number of interfaces and interface buffer don't match.
The interface type is invalid.
The action is invalid.
The direction is invalid.
The protocol-specific options do not match the protocol that was chosen.
The rule was parsed successfully, but there was an unknown semantic error when processing the rule.
An error occurred.
Enable Windows Defender Firewall
Disable Stealth Mode
Windows Defender Firewall Shielded Mode
Disable Unicast Responses to Multicast
Log Dropped Packets
Log Successful Connections
Log Ignored Rules
Maximum Log File Size
Log File Path
Disable Inbound Notifications
Allow User preferred merge of Authorized Applications
Allow User preferred merge of Globally open ports
Allow Local Policy Merge
Allow Local IPsec Policy Merge
Disabled Interfaces
Default Outbound Action
Default Inbound Action
Current Profile
Disable Stateful FTP
Ignored Disable Stateful PPTP
IPsec SA Idle time
IPsec preshared key encoding
IPsec Exempt
IPsec CRL Check
<All>
Allow
Block
The rule ID contains invalid characters, or is an invalid length.
The phase 1 auth set ID contains invalid characters, or is an invalid length.
The quick mode crypto set ID contains invalid characters, or is an invalid length.
The main mode crypto set ID contains invalid characters, or is an invalid length.
The application name could not be resolved.
The Rule ID was not specified.
Mismatch in number of ports and ports buffer.
One of the port keywords is invalid.
Mismatch in number of V4 address subnets and subnets buffer.
Mismatch in number of V6 address subnets and subnets buffer.
Mismatch in number of V4 address ranges and ranges buffer.
Mismatch in number of V6 address ranges and ranges buffer.
The address range is invalid.  The end address is less than the beginning address.
One or more of the subnet masks is invalid.
One or more of the address prefixes is invalid.
One or more of the address keywords are invalid.
Some of the keywords specified on the local address are only valid on the remote address.
Mismatch in number of ICMP and ICMP buffer.
Invalid ICMP code specified.
Allow-Bypass action specified, but the rule does not meet allow-bypass criteria (inbound, authenticate/encrypt flags set, remote machine auth list specified)
The protocol number is invalid.
Invalid flags specified.
Autogenerate flag is set but Authenticate / Authenticate-encrypt flags are not set.
Autogenerate flag is set but the action is block.
Autogenerate flag is set along with Dynamic RPC flag.
The Authentication and Authentication & Encryption flags cannot be used together.
Authorization lists can only be used if authentication is required on the rule.
Number of valid OS Platforms and the list of valid OS Platforms don't match
The phase 1 auth set ID must be specified.
The quick mode crypto set ID must be specified.
The Set ID was not specified.
The IPsec phase is invalid.
No suites specified in the set.
One of the phase 1 auth methods is invalid.
One of the phase 2 auth methods is invalid.
Anonymous cannot be the only authentication method.
Invalid auth suite flags specified.
Machine certificates can only be used in phase 2 auth if they are machine health certificates.
Machine Preshared Key was selected as an authentication type, but no key string was specified.
The certificate authority name is required, and must be formatted as an X.509 distinguished name.
Both machine and user auth cannot be proposed within the same authentication set.
The main mode crypto set ID must be specified.
The phase 1 crypto set flags are invalid.
The main mode lifetime, in minutes, is invalid.
The main mode lifetime, in sessions, is invalid.
One of the main mode key exchange algorithms is invalid.
One of the main mode encryption algorithms is invalid.
One of the main mode hash algorithms is invalid.
One of the quick mode key exchange algorithms is invalid.
One of the quick mode encapsulation types is invalid.
One of the quick mode encryption algorithms is invalid.
One of the quick mode hash algorithms is invalid.
The quick mode lifetime, in minutes, is invalid.
The quick mode lifetime, in kilobytes, is invalid.
Remote user authorization can only be applied to inbound rules.
An unspecified, multicast, broadcast, or loopback IPv6 address was specified.
If the action is Do Not Secure, the auth and crypto sets must be null.
Either Encryption or Hash must be specified.
Block action was specified in conjunction with require security or require encryption.
The phase 1 authentication set was not found.
The phase 2 authentication set was not found.
The quick mode cryptographic set was not found.
A conflict was detected between the phase 1 and phase 2 authentication sets. When preshared keys are used in phase 1, there cannot be a phase 2 authentication set.
A local address cannot be used in conjunction with an interface or interface type condition.
Program Name
Interfaces
Local Addresses
Remote Addresses
Local Port
Remote Port
EndPoint 1 Addresses
EndPoint 2 Addresses
Endpoint 1 Port
Endpoint 2 Port
Not Configured
The profile type is invalid.
Public
An unspecified, multicast, broadcast, or loopback IPv4 address was specified.
Machine health certificates and regular certificates cannot both be proposed within the same authentication set.
None
Endpoint 'any' cannot be specified for a tunnel-mode rule.
IPsec Through NAT
Policy Version
The target schema version specified is not supported.
The same authentication method cannot be used more than once within a set.
This error value is not used.
The target schema version does not support port ranges.
The Authentication (Dynamic Encryption) flag cannot be used when direction is Outbound.
When the Authentication (Dynamic Encryption) flag is set, the Authentication & Encryption flag must be set as well.
The target schema version does not support Authentication (Dynamic Encryption).
The target schema version does not support outbound Allow-Bypass rules.
Allow-Bypass action specified, but the rule does not meet allow-bypass criteria (authenticate/encrypt flags set)
Defer to user' setting can only be used in a firewall rule where program path and TCP/UDP protocol are specified with no additional conditions.
Port ranges are only allowed in connection security rules when the action is Do Not Secure.
The target schema version does not support the platform operator specified.
The DTM flag requires at least one dynamic endpoint.
A dynamic tunnel-mode exemption rule cannot have tunnel endpoints.
The target schema version does not support tunnel-mode exemptions.
Authentication mode,"Require inbound and clear outbound" can only be set when using IPsec tunneling.
Bypass Tunnel If Secure may not be set on Transport-Mode rules.
One of the platform operators is invalid.
%s unregistered from Windows Defender Firewall.
%s unregistered from Windows Defender Firewall. Windows Defender Firewall is now controlling the filtering for %s.
FirewallRuleCategory
ConSecRuleCategory
StealthRuleCategory
BootTimeRuleCategory
, 
Authentication (No Encapsulation) cannot be specified on a tunnel-mode rule.
Authentication (No Encapsulation) cannot be specified on a rule that uses a preshared key.
The target schema version does not support certificate criteria.
Certificate criteria version does not match schema version.
The certificate criteria are invalid.  A thumbprint hash must be specified when FollowRenewal is used.
The certificate criteria are invalid.  The thumbprint hash is invalid.
The certificate criteria are invalid.  One or more of the EKU's are invalid.
The certificate criteria are invalid.  The name type is invalid.
The certificate criteria are invalid.  The subject name is not valid.
The certificate criteria are invalid.  The criteria type flags are invalid.
The certificate criteria are invalid.  You need to specify at least one set of validation criteria and one set of selection criteria for each set of certificate proposal with the same signing method.
The local user authorization list contains invalid characters, or is an invalid length. If PolicyAppId is specified, it may only contain alphanumeric characters and any of the characters ":", "/", ".", and "_".
The authorized local user list may not be used in conjunction with a service SID.
The target schema version does not support the authorized local user list.
Disable Stealth Mode IPsec Secured Packet Exemption
The Kerberos proxy name must be a fully qualified domain name (FQDN). For example: kerbproxy.contoso.com
IPsec Policy Agent service hardening - LDAP/TCP
Allow IPsec Policy Agent outbound LDAP/TCP traffic to Active Directory
IPsec Policy Agent service hardening - LDAP/UDP
Allow IPsec Policy Agent outbound LDAP/UDP traffic to Active Directory
IPsec Policy Agent service hardening - Block any other traffic to IPsec Policy Agent
IPsec Policy Agent service hardening - Block any other traffic from IPsec Policy Agent
MpsSvc service hardening - Block any other traffic to MpsSvc
MpsSvc service hardening - Block any other traffic from MpsSvc
Inbound service restriction rule for %1!s!
Block all inbound traffic to service %1!s!
Outbound service restriction rule for %1!s!
Block all outbound traffic from service %1!s!
IPsec Policy Agent service hardening - Remote Management
Allow IPsec Policy Agent inbound RPC/TCP traffic for Remote Management
The remote endpoints are invalid.
The remote endpoint FQDN is invalid.
The choice of key modules is invalid.
The forward path SA lifetime is invalid.
The target schema version does not support custom key module preferences.
The target schema version does not support transport rule machine authorization lists.
The target schema version does not support transport rule user authorization lists.
Transport machine authorization SDDL specified on tunnel-mode rule.
Transport user authorization SDDL specified on tunnel-mode rule.
The Apply Global Authorization flag cannot be used when a per-rule authorization list is also specified.
The transport rule machine SDDL is not valid.
The transport rule user SDDL is not valid.
This error value is not used.
The phase 2 auth set ID contains invalid characters, or is an invalid length.
The target schema version does not support dynamic endpoints.
When specifying tunnel endpoints in both IPv4 and IPv6, a tunnel endpoint may not be dynamic for one address family and explicit for the other.  (A dynamic tunnel endpoint is one set to "Any".)
The edge traversal flags are inconsistent.  Defer To App must be set without Edge Traversal, but Defer To User must be set with Edge Traversal.
The target schema version does not support Authentication (No Encapsulation).
When the Authentication (No Encapsulation) flag is set, the Authentication flag must be set as well.
The target schema version does not support tunnel authentication modes.
The target schema version does not support tunnel authentication modes.
The target schema version does not support the IP_HTTPS keyword.
The target schema version does not support the IP_TLS keyword.
The target schema version does not support dynamic edge traversal.
The local user owner SID is invalid.
The target schema version does not support the local user owner field.
The target schema version does not support profile crossing.
The target schema version does not support one or more of the address keywords given.
The application package SID is invalid.
The target schema version does not support application package SIDs.
Logical endpoints (trust tuples) cannot be combined with specific addresses or ports.
One or more of the logical endpoints (trust tuples) are invalid.
The target schema version does not support logical endpoints (trust tuples).
The target schema version does not support the Key Manager Dictation flag.
The target schema version does not support the Key Manager Notification flag.
The target schema version does not support one or more of the authentication methods given.
The target schema version does not support the requested certificate signing algorithm.
The target schema version does not support targeting Intermediate CA's.
When specifying multiple certificate authentication proposals, all the certificate proposals with the same signing method must must be grouped together within the set.
The target schema version does not support kerberos proxy servers.
The main mode crypto set ID should be the global main mode crypto set ID.
The target schema version does not support one of the main mode encryption algorithms chosen.
The target schema version does not support one of the main mode hash algorithms chosen.
The target schema version does not support one of the main mode key exchange algorithms chosen.
The target schema version does not support one of the quick mode encryption algorithms chosen.
The target schema version does not support one of the quick mode hash algorithms chosen.
The target schema version does not support one of the quick mode key exchange algorithms chosen.
The encryption and hash algorithms specified are incompatible.
Malformed query: Mismatch in the number of ORed terms and the terms array
Malformed query: Mismatch in the number of ANDed conditions and conditions array
Malformed query: Invalid confition match key
Malformed query: Invalid condition match type
Malformed query: Invalid condition data type
Malformed query: Invalid key and data type combination
Malformed query: Protocol condition present without a protocol condition
Malformed query: Profile Key unavailable for this object type queried
Malformed query: Status Key unavailable for this object type queried
Malformed query: FilterID Key unavailable for this object type queried
Malformed query: Application Key unavailable for this object type queried
Malformed query: Protocol Key unavailable for this object type queried
Malformed query: Local Port Key unavailable for this object type queried
Malformed query: Remote Port Key unavailable for this object type queried
Malformed query: Service Name Key unavailable for this object type queried
Authentication (No Encapsulation) may not be used on tunnel-mode rules.
Authentication (No Encapsulation) may not be used on rules that contain preshared keys.
A runtime error occurred while trying to enforce the rule.
The main mode cryptographic set was not found.
The target schema version does not support local only mapping.
The key module in the rule is incompatible with the authentication methods specified in the associated authentication sets.
The target schema version does not support Security Realm flag.
Firewall Rules with security realm Id field would require authentication and encryption, and action should be Allow.
A string for the security realm Id is invalid.
The target schema version does not support security realm Id.
The Sytem OS Only and Game OS Only flags cannot be used together.
The target schema version does not support specifying System OS or Game OS flag
The target schema version does not support specifying Development mode flag
A string for the FQBN is invalid.
The target schema version does not support specifying fqbn.
The target schema version does not support specifying compartment Id.
The target schema version does not support specifying callout and audit flag
The target schema version does not support specifying app container loopback flag
mpssvc
Microsoft Corporation
Microsoft Windows Defender Firewall Provider
Windows Defender Firewall Static Session
Windows Defender Firewall Dynamic Session
Boot Time Filter
This filter is in effect before the service starts.
Logging Filter
This filter implements logging, if configured.
Port Scanning Prevention Filter
This filter prevents port scanning. This many times means there are no listeners. If debugging ensure your scenario has one.
Loopback Permit Filter
This filter permits loopback traffic.
Secondary Connections Filter
This filter permits secondary connections for FTP protocols.
Deep Protocol Inspection Filter
This filter implements deep inspection for FTP protocols.
FTP Inspection Filter
This filter enables inspection of FTP.
Microsoft Corporation
Microsoft Windows Defender Firewall IPsec Provider
State Management Filter
Indicates different options to WFP to allow customization of state creation.
State Management Provider Context
Contains State Management Options
Security Realm Id Provider Context
Contains Security Realm Id
Interface to Bind Provider Context
Contains The Interface Id to Bind to
Policy Silent Mode Provider Context
The poicy is inspected only but not enforced
Microsoft Defender Firewall WSH Provider
Microsoft Defender Firewall EDP Provider
UPnP Framework (TCP-In)
Inbound rule for UPnP Framework traffic [TCP]
UPnP Framework (TCP-Out)
Outbound rule for UPnP Framework traffic [TCP]
UPnP Framework (UDP-In)
Inbound rule for UPnP Framework traffic [UDP]
UPnP Framework (UDP-Out)
Outbound rule for UPnP Framework traffic [UDP]
Windows Defender Firewall with Advanced Security
Configure policies that provide enhanced network security for Windows computers.
This group contains Rules for Work Folders
This feature provides the ability to allow inbound traffic to the Net.TCP Listener Adapter.
Core Networking
Core Networking - Packet Too Big (ICMPv6-In)
Core Networking - Packet Too Big (ICMPv6-Out)
Packet Too Big error messages are sent from any node that a packet traverses which is unable to forward the packet because the packet is too large for the next link.
Core Networking - Router Solicitation (ICMPv6-Out)
Core Networking - Router Solicitation (ICMPv6-In)
Router Solicitation messages are sent by nodes seeking routers to provide stateless auto-configuration.
Core Networking - Router Advertisement (ICMPv6-In)
Core Networking - Router Advertisement (ICMPv6-Out)
Router Advertisement messages are sent by routers to other nodes for stateless auto-configuration.
Core Networking - Neighbor Discovery Solicitation (ICMPv6-In)
Core Networking - Neighbor Discovery Solicitation (ICMPv6-Out)
Neighbor Discovery Solicitations are sent by nodes to discover the link-layer address of another on-link IPv6 node.
Core Networking - Neighbor Discovery Advertisement (ICMPv6-In)
Core Networking - Neighbor Discovery Advertisement (ICMPv6-Out)
Neighbor Discovery Advertisement messages are sent by nodes to notify other nodes of link-layer address changes or in response to a Neighbor Discovery Solicitation request.
Core Networking - Inverse Neighbor Discovery Solicitation (ICMPv6-In)
Core Networking - Inverse Neighbor Discovery Solicitation (ICMPv6-Out)
Inverse Neighbor Discovery Solicitations are sent by nodes to discover the IP address of another IPv6 node given its link-layer address.
Core Networking - Inverse Neighbor Discovery Advertisement (ICMPv6-In)
Core Networking - Inverse Neighbor Discovery Advertisement (ICMPv6-Out)
Inverse Neighbor Discovery Solicitations are sent by nodes to notify other nodes of IP address changes or in response to an Inverse Neighbor Discovery Solicitation request.
Core Networking - Certificate Path Solicitation (ICMPv6-In)
Core Networking - Certificate Path Solicitation (ICMPv6-Out)
SEND - Secure Neighbor Discovery - Certificate Path Solicitation is a secure version of Neighbor Discovery Solicitation.
Core Networking - Certificate Path Advertisement (ICMPv6-In)
Core Networking - Certificate Path Advertisement (ICMPv6-Out)
SEND - Secure Neighbor Discovery - Certificate Path Advertisement is a secure version of Neighbor Discovery Advertisement.
Core Networking - Multicast Listener Query (ICMPv6-In)
Core Networking - Multicast Listener Query (ICMPv6-Out)
An IPv6 multicast-capable router uses the Multicast Listener Query message to query a link for multicast group membership.
Core Networking - Multicast Listener Report (ICMPv6-In)
Core Networking - Multicast Listener Report (ICMPv6-Out)
The Multicast Listener Report message is used by a listening node to either immediately report its interest in receiving multicast traffic at a specific multicast address or in response to a Multicast Listener Query.
Core Networking - Multicast Listener Report v2 (ICMPv6-In)
Core Networking - Multicast Listener Report v2 (ICMPv6-Out)
Multicast Listener Report v2 message is used by a listening node to either immediately report its interest in receiving multicast traffic at a specific multicast address or in response to a Multicast Listener Query.
Core Networking - Multicast Listener Done (ICMPv6-In)
Core Networking - Multicast Listener Done (ICMPv6-Out)
Multicast Listener Done messages inform local routers that there are no longer any members remaining for a specific multicast address on the subnet.
Core Networking - Multicast Router Advertisement (ICMPv6-In)
Core Networking - Multicast Router Advertisement (ICMPv6-Out)
Multicast Router Advertisement messages are sent by routers to advertise that IP multicast forwarding is enabled.
Core Networking - Multicast Router Solicitation (ICMPv6-In)
Core Networking - Multicast Router Solicitation (ICMPv6-Out)
Multicast Router Solicitation messages are sent in order to discover routers with IP multicast forwarding enabled.
Core Networking - Multicast Router Termination (ICMPv6-In)
Core Networking - Multicast Router Termination (ICMPv6-Out)
Multicast Router Termination messages are sent when a router stops IP multicast routing functions on an interface.
Core Networking - Destination Unreachable (ICMPv6-In)
Core Networking - Destination Unreachable (ICMPv6-Out)
Destination Unreachable error messages are sent from any node that a packet traverses which is unable to forward the packet for any reason except congestion.
Core Networking - Time Exceeded (ICMPv6-In)
Core Networking - Time Exceeded (ICMPv6-Out)
Time Exceeded error messages are generated from any node that a packet traverses if the Hop Limit value is decremented to zero at any point on the path.
Core Networking - Parameter Problem (ICMPv6-In)
Core Networking - Parameter Problem (ICMPv6-Out)
Parameter Problem error messages are sent by nodes as a result of incorrectly generated packets.
Core Networking - Destination Unreachable Fragmentation Needed (ICMPv4-In)
Core Networking - Destination Unreachable Fragmentation Needed (ICMPv4-Out)
Destination Unreachable Fragmentation Needed error messages are sent from any node that a packet traverses which is unable to forward the packet because fragmentation was needed and the don't fragment bit was set.
Core Networking - Dynamic Host Configuration Protocol (DHCP-In)
Core Networking - Dynamic Host Configuration Protocol (DHCP-Out)
Allows DHCP (Dynamic Host Configuration Protocol) messages for stateful auto-configuration.
Core Networking - Dynamic Host Configuration Protocol for IPv6(DHCPV6-In)
Core Networking - Dynamic Host Configuration Protocol for IPv6(DHCPV6-Out)
Allows DHCPV6 (Dynamic Host Configuration Protocol for IPv6) messages for stateful and stateless configuration.
Core Networking - Teredo (UDP-In)
Core Networking - Teredo (UDP-Out)
Inbound UDP rule to allow Teredo edge traversal, a technology that provides address assignment and automatic tunneling for unicast IPv6 traffic when an IPv6/IPv4 host is located behind an IPv4 network address translator.
Outbound UDP rule to allow Teredo edge traversal, a technology that provides address assignment and automatic tunneling for unicast IPv6 traffic when an IPv6/IPv4 host is located behind an IPv4 network address translator.
Core Networking - IPv6 (IPv6-In)
Core Networking - IPv6 (IPv6-Out)
Inbound rule required to permit IPv6 traffic for ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) and 6to4 tunneling services.
Outbound rule required to permit IPv6 traffic for ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) and 6to4 tunneling services.
Core Networking - Internet Group Management Protocol (IGMP-In)
Core Networking - Internet Group Management Protocol (IGMP-Out)
IGMP messages are sent and received by nodes to create, join and depart multicast groups.
Core Networking - Group Policy (NP-Out)
Outbound rule to allow SMB traffic for Group Policy updates. [TCP 445]
Core Networking - Group Policy (TCP-Out)
Outbound rule to allow remote RPC traffic for Group Policy updates. [TCP]
Core Networking - DNS (UDP-Out)
Outbound rule to allow DNS requests. DNS responses based on requests that matched this rule will be permitted regardless of source address.  This behavior is classified as loose source mapping. [LSM] [UDP 53]
Core Networking - Group Policy (LSASS-Out)
Outbound rule to allow remote LSASS traffic for Group Policy updates [TCP].
Core Networking - IPHTTPS (TCP-In)
Core Networking - IPHTTPS (TCP-Out)
Inbound TCP rule to allow IPHTTPS tunneling technology to provide connectivity across HTTP proxies and firewalls.
Outbound TCP rule to allow IPHTTPS tunneling technology to provide connectivity across HTTP proxies and firewalls.
Networking - Destination Unreachable (ICMPv4-In)
Networking - Destination Unreachable (ICMPv4-Out)
Destination Unreachable error messages are sent from any node that a packet traverses which is unable to forward the packet for any reason except congestion.
Networking - Source Quench (ICMPv4-In)
Networking - Source Quench (ICMPv4-Out)
Source Quench messages are sent from any node that a packet traverses which discards the datagram because they are arriving too fast or there are buffering issues.
Networking - Redirect (ICMPv4-In)
Networking - Redirect (ICMPv4-Out)
Redirect messages are sent to indicate that the node which the packet was sent to is no longer the best gateway to reach the network in question.
Networking - Time Exceeded (ICMPv4-In)
Networking - Time Exceeded (ICMPv4-Out)
Time Exceeded error messages are generated from any node which a packet traverses if the Hop Limit value is decremented to zero at any point on the path.
Networking - Timestamp Request (ICMPv4-In)
Networking - Timestamp Request (ICMPv4-Out)
Timestamp Request messages are sent by nodes who wish to obtain the current timestamp from another node.
Networking - Parameter Problem (ICMPv4-In)
Networking - Parameter Problem (ICMPv4-Out)
Parameter Problem error messages are sent by nodes as a result of incorrectly generated packets.
Networking - Redirect (ICMPv6-In)
Networking - Redirect (ICMPv6-Out)
Redirect messages are sent to indicate that the node which the packet was sent to is no longer the best gateway to reach the network in question.
Networking - Router Solicitation (ICMPv6-In)
Router Solicitation messages are sent by nodes seeking routers to provide stateless auto-configuration.
Networking - Generic Routing Encapsulation (GRE-In)
Networking - Generic Routing Encapsulation (GRE-Out)
Generic Routing Encapsulation is used for encapsulation of an arbitrary network layer protocol over another arbitrary network layer protocol.
Networking - PGM Reliable Transport Protocol (PGM-In)
Networking - PGM Reliable Transport Protocol (PGM-Out)
Pragmatic General Multicast is a reliable multicast transport protocol used for applications that require ordered or unordered, duplicate-free, multicast data delivery from multiple sources to multiple receivers.
Networking - Packet Too Big (ICMPv4-In)
Networking - Packet Too Big (ICMPv4-Out)
Packet Too Big error messages are sent from any node that a packet traverses which is unable to forward the packet because the packet is too large for the next link.
Networking - Router Solicitation (ICMPv4-In)
Networking - Router Solicitation (ICMPv4-Out)
Router Solicitation messages are sent by nodes seeking routers to provide stateless auto-configuration.
Networking - Address Mask Request (ICMPv4-In)
Networking - Address Mask Request (ICMPv4-Out)
Address Mask Request messages are sent by nodes who wish to obtain the subnet mask for their assigned address.
Networking - Echo Request (ICMPv4-In)
Networking - Echo Request (ICMPv4-Out)
Networking - Echo Request (ICMPv6-In)
Networking - Echo Request 
(ICMPv6-Out)PA@Echo Request messages are sent as ping requests to other nodes.Core Networking Diagnostics<Core Networking Diagnostics - ICMP Echo Request (ICMPv4-In)=Core Networking Diagnostics - ICMP Echo Request (ICMPv4-Out)<Core Networking Diagnostics - ICMP Echo Request (ICMPv6-In)=Core Networking Diagnostics - ICMP Echo Request (ICMPv6-Out)EICMP Echo Request messages are sent as ping requests to other nodes.PAKey Management Service Key Management Service (TCP-In)mInbound rule for the Key Management Service to allow for machine counting and license compliance. [TCP 1688]BITS PeercachingBITS Peercaching (WSD-In)PAdInbound rule for BITS Peercaching to discover neighbors who may have content via WSDAPI. [UDP 3702]BITS Peercaching (WSD-Out)eOutbound rule for BITS Peercaching to discover neighbors who may have content via WSDAPI. [UDP 3702]BITS Peercaching (Content-In)DInbound rule for BITS Peercaching content transfer port. [TCP 2178]BITS Peercaching (Content-Out)EOutbound rule for BITS Peercaching content transfer port. [TCP 2178]BITS Peercaching (RPC)PARInbound rule for the Peercaching authorization exchange port via dynamic RPC/TCP.BITS Peercaching (RPC-EPMAP)[Inbound rule for the RPCSS service in order to allow RPC/TCP traffic for BITS Peercaching.File and Printer Sharing)File and Printer Sharing (NB-Session-In)bInbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]*File and Printer Sharing (NB-Session-Out)cOutbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]"File and Printer Sharing (SMB-In)PA~Inbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]#File and Printer Sharing (SMB-Out)Outbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. 
[TCP 445]&File and Printer Sharing (NB-Name-In)VInbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]'File and Printer Sharing (NB-Name-Out)WOutbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]*File and Printer Sharing (NB-Datagram-In)jInbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]+File and Printer Sharing (NB-Datagram-Out)kOutbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]1File and Printer Sharing (Spooler Service - RPC)iInbound rule for File and Printer Sharing to allow the Print Spooler Service to communicate via TCP/RPC.7File and Printer Sharing (Spooler Service - RPC-EPMAP)UInbound rule for the RPCSS service to allow RPC/TCP traffic for the Spooler Service.4File and Printer Sharing (Echo Request - ICMPv4-In)5File and Printer Sharing (Echo Request - ICMPv4-Out)4File and Printer Sharing (Echo Request - ICMPv6-In)5File and Printer Sharing (Echo Request - ICMPv6-Out)@Echo Request messages are sent as ping requests to other nodes.(File and Printer Sharing (LLMNR-UDP-In)dInbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355])File and Printer Sharing (LLMNR-UDP-Out)eOutbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355](File and Printer Sharing over SMBDirect3File and Printer Sharing over SMBDirect (iWARP-In)SInbound rule for File and Printer Sharing over SMBDirect to allow iWARP [TCP 5445]#File and Printer Sharing over QUIC'File and Printer Sharing (SMB-QUIC-In)zInbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Winquic. [UDP 443](File and Printer Sharing (SMB-QUIC-Out){Outbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Winquic. 
[UDP 443]PARemote DesktopRemote Desktop (TCP-In)MInbound rule for the Remote Desktop service to allow RDP traffic. [TCP 3389];RemoteApp and Desktop Connection Management - WMI (TCP-In)OInbound rule for WMI management of RemoteApp and Desktop Connection Management<RemoteApp and Desktop Connection Management - WMI (DCOM-In)wInbound rule to allow DCOM traffic for remote WMI management of RemoteApp and Desktop Connection Management. [TCP 135]<RemoteApp and Desktop Connection Management - WMI (TCP-Out)QOutbound  rule for WMI management of RemoteApp and Desktop Connection ManagementARemoteApp and Desktop Connection Management - WMI (Async-TCP-In)\Inbound rule for asynchronous WMI management of RemoteApp and Desktop Connection Management2RemoteApp and Desktop Connection Management (RPC)mInbound rule to allow RemoteApp and Desktop Connection Management to be remotely managed via RPC/TCP traffic/Remote Desktop Web Access - WMI (Async-TCP-In)PAJInbound rule for asynchronous WMI management of Remote Desktop Web Access*Remote Desktop Web Access - WMI (DCOM-In)ZInbound rule to allow DCOM traffic for remote WMI management of Remote Desktop Web Access)Remote Desktop Web Access - WMI (TCP-In)=Inbound rule for WMI management of Remote Desktop Web Access*Remote Desktop Web Access - WMI (TCP-Out)?Outbound  rule for WMI management of Remote Desktop Web Access$Remote Desktop - User Mode (TCP-In)$Remote Desktop - User Mode (UDP-In)MInbound rule for the Remote Desktop service to allow RDP traffic. [UDP 3389]!Remote Desktop - Shadow (TCP-In)oInbound rule for the Remote Desktop service to allow shadowing of an existing Remote Desktop session. (TCP-In)Remote Desktop - (TCP-WS-In)\Inbound rule for the Remote Desktop service to allow RDP over WebSocket traffic. [TCP 3387]Remote Desktop (WebSocket)Remote Desktop - (TCP-WSS-In)cInbound rule for the Remote Desktop service to allow RDP traffic over secure WebSocket. 
[TCP 3392]Remote Desktop ServicesRemote Desktop Services (RPC)YInbound rule to allow Remote Desktop Services to be remotely managed via RPC/TCP traffic$Remote Desktop Services (RPC-EPMAP)XInbound rule for the RPCSS service to allow RPC/TCP traffic for Remote Desktop Services Remote Desktop Services (NP-In)WInbound rule to allow Remote Desktop Services to be remotely managed over Named Pipes.(Remote Desktop Services - WMI (DCOM-In)PAcInbound rule to allow DCOM traffic for remote WMI management of Remote Desktop Services. [TCP 135]'Remote Desktop Services - WMI (TCP-In);Inbound rule for WMI management of Remote Desktop Services(Remote Desktop Services - WMI (WMI-Out)<Outbound rule for WMI management of Remote Desktop Services-Remote Desktop Services - User Mode (TCP-In)MInbound rule for the Remote Desktop service to allow RDP traffic. [TCP 3389]-Remote Desktop Services - User Mode (UDP-In)MInbound rule for the Remote Desktop service to allow RDP traffic. [UDP 3389]*Remote Desktop Services - Shadow (TCP-In)oInbound rule for the Remote Desktop service to allow shadowing of an existing Remote Desktop session. (TCP-In)WMS Dashboard)Inbound rule for the Multipoint manager.WMS Manager+Inbound rule for the Multipoint dashboard.iSCSI ServiceiSCSI Service (TCP-In)aInbound rule for the iSCSI Service to allow communications with an iSCSI server or device. [TCP]iSCSI Service (TCP-Out)bOutbound rule for the iSCSI Service to allow communications with an iSCSI server or device. 
[TCP]Remote Event Log Management"Remote Event Log Management (RPC)QInbound rule for the local Event Log service to be remotely managed via RPC/TCP.$Remote Event Log Management (NP-In)VInbound rule for the local Event Log service to be remotely managed over Named Pipes.PA(Remote Event Log Management (RPC-EPMAP)]Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Event Log Service.PARemote Service Management Remote Service Management (RPC)WInbound rule for the local Service Control Manager to be remotely managed via RPC/TCP."Remote Service Management (NP-In)\Inbound rule for the local Service Control Manager to be remotely managed over Named Pipes.&Remote Service Management (RPC-EPMAP)cInbound rule for the RPCSS service to allow RPC/TCP traffic for the local Service Control Manager.Remote AdministrationRemote Administration (RPC)BInbound rule for all services to be remotely managed via RPC/TCP.Remote Administration (NP-In)GInbound rule for all services to be remotely managed over Named Pipes."Remote Administration (RPC-EPMAP)XInbound rule for the RPCSS service to allow RPC/TCP traffic for all the local services.PA,Windows Defender Firewall Remote Management2Windows Defender Firewall Remote Management (RPC)SInbound rule for the Windows Defender Firewall to be remotely managed via RPC/TCP.8Windows Defender Firewall Remote Management (RPC-EPMAP)_Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Windows Defender Firewall.*Windows Remote Management (Compatibility)$Windows Remote Management (HTTP-In)IInbound rule for Windows Remote Management via WS-Management. [TCP 5985]Windows Remote ManagementPAWireless Portable Devices$Wireless Portable Devices (TCP-Out)aOutbound rule for Wireless Portable Devices to allow use of the Usermode Driver Framework. [TCP]$Wireless Portable Devices (SSDP-In)mInbound rule for Wireless Portable Devices to allow use of the Simple Service Discovery Protocol. 
[UDP 1900]%Wireless Portable Devices (SSDP-Out)PAnOutbound rule for Wireless Portable Devices to allow use of the Simple Service Discovery Protocol. [UDP 1900]$Wireless Portable Devices (UPnP-In)_Inbound rule for Wireless Portable Devices to allow use of Universal Plug and Play. [TCP 2869]%Wireless Portable Devices (UPnP-Out)[Outbound rule for Wireless Portable Devices to allow use of Universal Plug and Play. [TCP])Wireless Portable Devices (UPnPHost-Out)[Outbound rule for Wireless Portable Devices to allow use of Universal Plug and Play. [TCP]PAMedia Center Extenders'Media Center Extenders - SSDP (UDP-In)jInbound rule for Media Center Extenders to allow use of the Simple Service Discovery Protocol. [UDP 1900](Media Center Extenders - SSDP (UDP-Out)kOutbound rule for Media Center Extenders to allow use of the Simple Service Discovery Protocol. [UDP 1900]'Media Center Extenders - RTSP (TCP-In)[Inbound rule for Media Center Extenders to allow RTSP AV Control. [TCP 554, TCP 8554-8558](Media Center Extenders - RTSP (TCP-Out)PAVOutbound rule for Media Center Extenders to allow WMDRM-ND and RTSP AV Control. [TCP](Media Center Extenders - qWave (UDP-In)wInbound rule for Media Center Extenders to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177])Media Center Extenders - qWave (UDP-Out)xOutbound rule for Media Center Extenders to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177](Media Center Extenders - qWave (TCP-In)wInbound rule for Media Center Extenders to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177])Media Center Extenders - qWave (TCP-Out)xOutbound rule for Media Center Extenders to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]1Media Center Extenders - HTTP Streaming (TCP-In)SInbound rule for Media Center Extenders to allow HTTP Media Streaming. 
[TCP 10244]&Media Center Extenders - XSP (TCP-In)OInbound rule for Media Center Extenders to allow terminal sessions. [TCP 3390]PA4Media Center Extenders - WMDRM-ND/RTP/RTCP (UDP-In)�Inbound rule for Media Center Extenders to allow WMDRM-ND and RTP/RTCP AV Streaming. [UDP 7777-7781, UDP 5004-5005, UDP 50004-50013]5Media Center Extenders - WMDRM-ND/RTP/RTCP (UDP-Out)\Outbound rule for Media Center Extenders to allow WMDRM-ND and RTP/RTCP AV Streaming. [UDP]+Media Center Extenders - Service (TCP-Out)pOutbound rule for Media Center Extenders to allow extender devices to locate and connect to the computer. [TCP]7Media Center Extenders - Device Provisioning (TCP-Out)YOutbound rule for Media Center Extenders to allow traffic for Device Provisioning. [TCP]2Media Center Extenders - Media Streaming (TCP-In)^Inbound rule for Media Center Extenders to allow UPnP traffic for Media Streaming. [TCP 2869]PA3Media Center Extenders - Media Streaming (TCP-Out)ZOutbound rule for Media Center Extenders to allow UPnP traffic for Media Streaming. [TCP]5Media Center Extenders - Device Validation (TCP-Out)WOutbound rule for Media Center Extenders to allow traffic for Device Validation. [TCP]3Media Center Extenders - Media Streaming (UDP-Out)sOutbound rule for Media Center Extenders to allow Media Streaming devices to respond to an SSDP search. [UDP 1900](Media Center Extenders - UPnP (TCP-Out)eOutbound rule for Media Center Extenders to allow UPnP devices to transmit device information. [TCP]Windows Media PlayerWindows Media Player (UDP-In)JInbound rule for Windows Media Player to allow UDP Media Streaming. [UDP]Windows Media Player (UDP-Out)KOutbound rule for Windows Media Player to allow UDP Media Streaming. [UDP]Windows Media Player (TCP-Out)POutbound rule for Windows Media Player to allow TCP/HTTP Media Streaming. 
[TCP]DWindows Media Player - Internet Group Management Protocol (IGMP-In)>Inbound rule for Windows Media Player to allow IGMP messages.EWindows Media Player - Internet Group Management Protocol (IGMP-Out)?Outbound rule for Windows Media Player to allow IGMP messages."Windows Media Player x86 (UDP-In)#Windows Media Player x86 (UDP-Out)#Windows Media Player x86 (TCP-Out)-Windows Media Player Network Sharing Service<Windows Media Player Network Sharing Service (qWave-UDP-In)�Inbound rule for the Windows Media Player Network Sharing Service to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]=Windows Media Player Network Sharing Service (qWave-UDP-Out)�Outbound rule for the Windows Media Player Network Sharing Service to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]<Windows Media Player Network Sharing Service (qWave-TCP-In)PA�Inbound rule for the Windows Media Player Network Sharing Service to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]=Windows Media Player Network Sharing Service (qWave-TCP-Out)�Outbound rule for the Windows Media Player Network Sharing Service to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]7Windows Media Player Network Sharing Service (SSDP-In)�Inbound rule for the Windows Media Player Network Sharing Service to allow use of the Simple Service Discovery Protocol. [UDP 1900]8Windows Media Player Network Sharing Service (SSDP-Out)�Outbound rule for the Windows Media Player Network Sharing Service to allow use of the Simple Service Discovery Protocol. [UDP 1900]7Windows Media Player Network Sharing Service (UPnP-In)PAvInbound rule for the Windows Media Player Network Sharing Service to allow use of Universal Plug and Play. [TCP 2869]8Windows Media Player Network Sharing Service (UPnP-Out)rOutbound rule for the Windows Media Player Network Sharing Service to allow use of Universal Plug and Play. 
[TCP]AWindows Media Player Network Sharing Service (HTTP-Streaming-In)mInbound rule for the Windows Media Player Network Sharing Service to allow HTTP Media Streaming. [TCP 10243]BWindows Media Player Network Sharing Service (HTTP-Streaming-Out)nOutbound rule for the Windows Media Player Network Sharing Service to allow HTTP Media Streaming. [TCP 10243]@Windows Media Player Network Sharing Service (Streaming-UDP-In)JInbound rule for Windows Media Player to allow UDP Media Streaming. [UDP]AWindows Media Player Network Sharing Service (Streaming-UDP-Out)KOutbound rule for Windows Media Player to allow UDP Media Streaming. [UDP]AWindows Media Player Network Sharing Service (Streaming-TCP-Out)POutbound rule for Windows Media Player to allow TCP/HTTP Media Streaming. [TCP]6Windows Media Player Network Sharing Service (UDP-In)bInbound rule for the Windows Media Player Network Sharing Service to allow sharing traffic. [UDP]7Windows Media Player Network Sharing Service (UDP-Out)cOutbound rule for the Windows Media Player Network Sharing Service to allow sharing traffic. [UDP]6Windows Media Player Network Sharing Service (TCP-In)bInbound rule for the Windows Media Player Network Sharing Service to allow sharing traffic. [TCP]7Windows Media Player Network Sharing Service (TCP-Out)cOutbound rule for the Windows Media Player Network Sharing Service to allow sharing traffic. [TCP]<Windows Media Player Network Sharing Service (UPnPHost-Out)rOutbound rule for the Windows Media Player Network Sharing Service to allow use of Universal Plug and Play. [TCP]DWindows Media Player Network Sharing Service x86 (Streaming-UDP-In)EWindows Media Player Network Sharing Service x86 (Streaming-UDP-Out)EWindows Media Player Network Sharing Service x86 (Streaming-TCP-Out)PA8Windows Media Player Network Sharing Service (Internet)AWindows Media Player Network Sharing Service (HTTP-Streaming-In)mInbound rule for the Windows Media Player Network Sharing Service to allow HTTP Media Streaming. 
[TCP 10245]Connect to a Network Projector(Connect to a Network Projector (WSD-In)[Inbound rule for Connect to a Network Projector to discover devices via WSDAPI. [UDP 3702])Connect to a Network Projector (WSD-Out)PA\Outbound rule for Connect to a Network Projector to discover devices via WSDAPI. [UDP 3702](Connect to a Network Projector (TCP-In)bInbound rule for Connect to a Network Projector to communicate with devices on the network. [TCP])Connect to a Network Projector (TCP-Out)cOutbound rule for Connect to a Network Projector to communicate with devices on the network. [TCP]/Connect to a Network Projector (WSD Events-In)]Inbound rule for Connect to a Network Projector to allow WSDAPI Events Discovery. [TCP 5357]0Connect to a Network Projector (WSD Events-Out)^Outbound rule for Connect to a Network Projector to allow WSDAPI Events Discovery. [TCP 5358]5Connect to a Network Projector (WSD EventsSecure-In)ZInbound rule for Connect to a Network Projector to allow Secure WSDAPI Events. [TCP 5358]6Connect to a Network Projector (WSD EventsSecure-Out)PA[Outbound rule for Connect to a Network Projector to allow Secure WSDAPI Events. [TCP 5358]PA.Windows Peer to Peer Collaboration Foundation7Windows Peer to Peer Collaboration Foundation (TCP-In)iInbound rule for the Windows Peer to Peer Collaboration Foundation for Peer to Peer Communication. [TCP]8Windows Peer to Peer Collaboration Foundation (TCP-Out)jOutbound rule for the Windows Peer to Peer Collaboration Foundation for Peer to Peer Communication. [TCP]7Windows Peer to Peer Collaboration Foundation (WSD-In)nInbound rule for the Windows Peer to Peer Collaboration Foundation to discover devices via WSDAPI. [UDP 3702]8Windows Peer to Peer Collaboration Foundation (WSD-Out)PAoOutbound rule for the Windows Peer to Peer Collaboration Foundation to discover devices via WSDAPI. 
[UDP 3702]8Windows Peer to Peer Collaboration Foundation (PNRP-In)mInbound rule for the Windows Peer to Peer Collaboration Foundation to allow Peer Name Resolution. [UDP 3540]9Windows Peer to Peer Collaboration Foundation (PNRP-Out)nOutbound rule for the Windows Peer to Peer Collaboration Foundation to allow Peer Name Resolution. [UDP 3540]8Windows Peer to Peer Collaboration Foundation (SSDP-In)�Inbound rule for the Windows Peer to Peer Collaboration Foundation to allow use of the Simple Service Discovery Protocol. [UDP 1900]9Windows Peer to Peer Collaboration Foundation (SSDP-Out)PA�Outbound rule for the Windows Peer to Peer Collaboration Foundation to allow use of the Simple Service Discovery Protocol. [UDP 1900]Windows Meeting Space Windows Meeting Space (DFSR-In)hInbound rule for Windows Meeting Space to allow Distributed File System Replication traffic. [TCP 5722]!Windows Meeting Space (DFSR-Out)iOutbound rule for Windows Meeting Space to allow Distributed File System Replication traffic. [TCP 5722]Windows Meeting Space (TCP-In)MInbound rule for Windows Meeting Space to allow collaboration traffic. [TCP] Windows Meeting Space (TCP-Out)NOutbound rule for Windows Meeting Space to allow collaboration traffic. [TCP]Windows Meeting Space (UDP-In)PAMInbound rule for Windows Meeting Space to allow collaboration traffic. [UDP] Windows Meeting Space (UDP-Out)NOutbound rule for Windows Meeting Space to allow collaboration traffic. [UDP]Windows Meeting Space (P2P-In)TInbound rule for Windows Meeting Space to allow Peer Networking traffic. [TCP 3587] Windows Meeting Space (P2P-Out)UOutbound rule for Windows Meeting Space to allow Peer Networking traffic. [TCP 3587]PANetwork DiscoveryNetwork Discovery (SSDP-In)'Network Discovery for Teredo (SSDP-In)eInbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]Network Discovery (SSDP-Out)fOutbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. 
[UDP 1900]Network Discovery (UPnP-In)'Network Discovery for Teredo (UPnP-In)WInbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP 2869]Network Discovery (UPnP-Out)SOutbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP]Network Discovery (NB-Name-In)OInbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137] Network Discovery (NB-Name-Out)POutbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137]#Network Discovery (NB-Datagram-In)cInbound rule for Network Discovery to allow NetBIOS Datagram transmission and reception. [UDP 138]$Network Discovery (NB-Datagram-Out)PAdOutbound rule for Network Discovery to allow NetBIOS Datagram transmission and reception. [UDP 138]Network Discovery (WSD-In)ZInbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]Network Discovery (WSD-Out)[Outbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]!Network Discovery (LLMNR-UDP-In)]Inbound rule for Network Discovery to allow Link Local Multicast Name Resolution. [UDP 5355]"Network Discovery (LLMNR-UDP-Out)^Outbound rule for Network Discovery to allow Link Local Multicast Name Resolution. [UDP 5355]Network Discovery (Pub-WSD-In)ZInbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702] Network Discovery (Pub WSD-Out)[Outbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702](Network Discovery (WSD EventsSecure-In)dInbound rule for Network Discovery to allow Secure WSDAPI Events via Function Discovery. [TCP 5358])Network Discovery (WSD EventsSecure-Out)PAeOutbound rule for Network Discovery to allow Secure WSDAPI Events via Function Discovery. [TCP 5358]"Network Discovery (WSD Events-In)]Inbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. 
[TCP 5357]#Network Discovery (WSD Events-Out)^Outbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357]!Network Discovery (UPnPHost-Out)SOutbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP]Network Discovery (WSD-In)dInbound rule for Network Discovery to discover devices via Device Association Framework. [UDP 3702]Remote AssistanceRemote Assistance (TCP-In)2Inbound rule for Remote Assistance traffic. [TCP]Remote Assistance (TCP-Out)PA3Outbound rule for Remote Assistance traffic. [TCP]%Remote Assistance (RA Server TCP-In)IInbound rule for Remote Assistance to allow offers for assistance. [TCP]&Remote Assistance (RA Server TCP-Out)JOutbound rule for Remote Assistance to allow offers for assistance. [TCP] Remote Assistance (SSDP UDP-In)eInbound rule for Remote Assistance to allow use of the Simple Service Discovery Protocol. [UDP 1900]!Remote Assistance (SSDP UDP-Out)PAfOutbound rule for Remote Assistance to allow use of the Simple Service Discovery Protocol. [UDP 1900] Remote Assistance (SSDP TCP-In)WInbound rule for Remote Assistance to allow use of Universal Plug and Play. [TCP 2869]!Remote Assistance (SSDP TCP-Out)SOutbound rule for Remote Assistance to allow use of Universal Plug and Play. [TCP]Remote Assistance (DCOM-In)VInbound rule for Remote Assistance to allow offers for assistance via DCOM. [TCP 135]Remote Assistance (PNRP-Out)YOutbound rule for Remote Assistance to allow use of Peer Name Resolution Protocol. [UDP]Remote Assistance (PNRP-In)PAZInbound rule for Remote Assistance to allow use Peer Name Resolution Protocol. 
[UDP 3540]
Remote Scheduled Tasks Management
Remote Scheduled Tasks Management (RPC)
Inbound rule for the Task Scheduler service to be remotely managed via RPC/TCP.
Remote Scheduled Tasks Management (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Task Scheduler service.
Distributed Transaction Coordinator
Distributed Transaction Coordinator (TCP-In)
Inbound rule to allow traffic for the Distributed Transaction Coordinator. [TCP]
Distributed Transaction Coordinator (TCP-Out)
Outbound rule to allow traffic for the Distributed Transaction Coordinator. [TCP]
Distributed Transaction Coordinator (RPC)
Inbound rule for the Kernel Transaction Resource Manager for Distributed Transaction Coordinator service to be remotely managed via RPC/TCP.
Distributed Transaction Coordinator (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Kernel Transaction Resource Manager for Distributed Transaction Coordinator service.
Routing and Remote Access
Routing and Remote Access (L2TP-In)
Inbound rule for RRAS to allow Layer 2 Tunnel Protocol traffic. [UDP 1701]
Routing and Remote Access (L2TP-Out)
Outbound rule for RRAS to allow Layer 2 Tunnel Protocol traffic. [UDP 1701]
Routing and Remote Access (PPTP-Out)
Outbound rule for RRAS to allow Point-to-Point Tunnel Protocol traffic. [TCP 1723]
Routing and Remote Access (PPTP-In)
Inbound rule for RRAS to allow Point-to-Point Tunnel Protocol traffic. [TCP 1723]
Routing and Remote Access (GRE-In)
Inbound rule for RRAS to allow Generic Routing Encapsulation Protocol traffic.
Routing and Remote Access (GRE-Out)
Outbound rule for RRAS to allow Generic Routing Encapsulation Protocol Traffic
Windows Collaboration Computer Name Registration Service
Windows Collaboration Computer Name Registration Service (PNRP-In)
Inbound rule for the Windows Collaboration Computer Name Registration Service to allow Peer Name Resolution. [UDP 3540]
Windows Collaboration Computer Name Registration Service (PNRP-Out)
Outbound rule for the Windows Collaboration Computer Name Registration Service to allow Peer Name Resolution. [UDP 3540]
Windows Collaboration Computer Name Registration Service (SSDP-In)
Inbound rule for the Windows Collaboration Computer Name Registration Service to allow use of the Simple Service Discovery Protocol. [UDP 1900]
Windows Collaboration Computer Name Registration Service (SSDP-Out)
Outbound rule for the Windows Collaboration Computer Name Registration Service to allow use of the Simple Service Discovery Protocol. [UDP 1900]
Windows Management Instrumentation (WMI)
Windows Management Instrumentation (DCOM-In)
Inbound rule to allow DCOM traffic for remote Windows Management Instrumentation. [TCP 135]
Windows Management Instrumentation (WMI-In)
Inbound rule to allow WMI traffic for remote Windows Management Instrumentation. [TCP]
Windows Management Instrumentation (ASync-In)
Inbound rule to allow Asynchronous WMI traffic for remote Windows Management Instrumentation. [TCP]
Windows Management Instrumentation (WMI-Out)
Outbound rule to allow WMI traffic for remote Windows Management Instrumentation. [TCP]
Remote Volume Management
Remote Volume Management - Virtual Disk Service (RPC)
Inbound rule for the Remote Volume Management - Virtual Disk Service to be remotely managed via RPC/TCP.
Remote Volume Management - Virtual Disk Service Loader (RPC)
Inbound rule for the Remote Volume Management - Virtual Disk Service Loader to be remotely managed via RPC/TCP.
Remote Volume Management (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for Remote Volume Management.
Performance Logs and Alerts
Performance Logs and Alerts (TCP-In)
Inbound rule for Performance Logs and Alerts traffic. [TCP-In]
Performance Logs and Alerts (DCOM-In)
Inbound rule for Performance Logs and Alerts to allow remote DCOM activation. [TCP-135]
The firewall rules that are part of Core Networking are required for reliable IPv4 and IPv6 connectivity.
Windows Remote Management - Compatibility Mode (HTTP-In)
Compatibility mode inbound rule for Windows Remote Management via WS-Management. [TCP 80]
Cast to Device functionality
Cast to Device streaming server (HTTP-Streaming-In)
Inbound rule for the Cast to Device server to allow streaming using HTTP. [TCP 10246]
Cast to Device streaming server (RTCP-Streaming-In)
Inbound rule for the Cast to Device server to allow streaming using RTSP and RTP. [UDP]
Cast to Device streaming server (RTP-Streaming-Out)
Outbound rule for the Cast to Device server to allow streaming using RTSP and RTP. [UDP]
Cast to Device streaming server (RTSP-Streaming-In)
Inbound rule for the Cast to Device server to allow streaming using RTSP and RTP. [TCP 23554, 23555, 23556]
Cast to Device functionality (qWave-UDP-In)
Inbound rule for the Cast to Device functionality to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]
Cast to Device functionality (qWave-UDP-Out)
Outbound rule for the Cast to Device functionality to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]
Cast to Device functionality (qWave-TCP-In)
Inbound rule for the Cast to Device functionality to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]
Cast to Device functionality (qWave-TCP-Out)
Outbound rule for the Cast to Device functionality to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]
Inbound rule for the Cast to Device server to allow streaming using HTTP. [TCP 10247]
Cast to Device SSDP Discovery (UDP-In)
Inbound rule to allow discovery of Cast to Device targets using SSDP
Cast to Device UPnP Events (TCP-In)
Inbound rule to allow receiving UPnP Events from Cast to Device targets
Inbound rule to allow receiving UPnP Events from Cast to Device targets [TCP 5706]
Proximity Sharing
Proximity sharing over TCP (TCP sharing-In)
Inbound rule for Proximity sharing over TCP
Proximity sharing over TCP (TCP sharing-Out)
Outbound rule for Proximity sharing over TCP
TPM Virtual Smart Card Management
TPM Virtual Smart Card Management (DCOM-In)
Inbound rule for remote TPM Virtual Smart Card Management to allow DCOM activation. [TCP 135]
TPM Virtual Smart Card Management (TCP-In)
Inbound rule for remote TPM Virtual Smart Card Management traffic. [TCP]
TPM Virtual Smart Card Management (TCP-Out)
Outbound rule for remote TPM Virtual Smart Card Management traffic. [TCP]
Remote Shutdown
Inbound Rule for Remote Shutdown (TCP-In)
Inbound rule for the Remote Shutdown via dynamic RPC/TCP.
Inbound Rule for Remote Shutdown (RPC-EP-In)
Inbound rule for the RPCSS service to allow RPC/TCP traffic
Remote Event Monitor
Remote Event Monitor (RPC)
Inbound rule for remote event monitoring via RPC/TCP.
Remote Event Monitor (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for remote event monitoring.
Wi-Fi Direct Network Discovery
Wi-Fi Direct Network Discovery (In)
Inbound rule to discover WSD devices on Wi-Fi Direct networks.
Wi-Fi Direct Network Discovery (Out)
Outbound rule to discover WSD devices on Wi-Fi Direct networks.
Wi-Fi Direct Spooler Use (In)
Inbound rule to use WSD printers on Wi-Fi Direct networks.
Wi-Fi Direct Spooler Use (Out)
Outbound rule to use WSD printers on Wi-Fi Direct networks.
Wi-Fi Direct Scan Service Use (In)
Inbound rule to use WSD scanners on Wi-Fi Direct networks.
Wi-Fi Direct Scan Service Use (Out)
Outbound rule to use WSD scanners on Wi-Fi Direct networks.
Software Load Balancer
Software Load Balancer Multiplexer (TCP-In)
The Software Load Balancer Multiplexer enables TCP communication to the Network Controller. [TCP]
This group is to enable core networking diganostics features.
AllJoyn Router
AllJoyn Router (TCP-In)
Inbound rule for AllJoyn Router traffic [TCP]
AllJoyn Router (TCP-Out)
Outbound rule for AllJoyn Router traffic [TCP]
AllJoyn Router (UDP-In)
Inbound rule for AllJoyn Router traffic [UDP]
AllJoyn Router (UDP-Out)
Outbound rule for AllJoyn Router traffic [UDP]
DIAL protocol server
DIAL protocol server (HTTP-In)
Inbound rule for DIAL protocol server to allow remote control of Apps using HTTP. [TCP 10247]
mDNS
mDNS (UDP-In)
Inbound rule for mDNS traffic [UDP]
mDNS (UDP-Out)
Outbound rule for mDNS traffic [UDP]
Connected Devices Platform
Connected Devices Platform (TCP-In)
Inbound rule for Connected Devices Platform traffic [TCP]
Connected Devices Platform (TCP-Out)
Outbound rule for Connected Devices Platform traffic [TCP]
Connected Devices Platform (UDP-In)
Inbound rule for Connected Devices Platform traffic [UDP]
Connected Devices Platform (UDP-Out)
Outbound rule for Connected Devices Platform traffic [UDP]
Connected Devices Platform - Wi-Fi Direct Transport (TCP-In)
Inbound rule to use Wi-Fi Direct traffic in the Connected Devices Platform [TCP]
Connected Devices Platform - Wi-Fi Direct Transport (TCP-Out)
Outbound rule to use Wi-Fi Direct traffic in the Connected Devices Platform  [TCP]
Windows Device Management
Windows Device Management Sync Client (TCP out)
Allow outbound TCP traffic from Windows Device Management Sync Client
Windows Device Management Enrollment Service (TCP out)
Allow outbound TCP traffic from Windows Device Management Enrollment Service
Windows Device Management Certificate Installer (TCP out)
Allow outbound TCP traffic from Windows Device Management Certificate Installer
Windows Device Management Device Enroller (TCP out)
Allow outbound TCP traffic from Windows Device Management Device Enroller
Active Directory Domain Services
Active Directory Domain Controller - LDAP (TCP-In)
Active Directory Domain Controller - LDAP (UDP-In)
Active Directory Domain Controller - Secure LDAP (TCP-In)
Active Directory Domain Controller - LDAP for Global Catalog (TCP-In)
Active Directory Domain Controller - Secure LDAP for Global Catalog (TCP-In)
Active Directory Domain Controller (TCP-Out)
Active Directory Domain Controller (UDP-Out)
Active Directory Domain Controller - SAM/LSA (NP-UDP-In)
Active Directory Domain Controller - SAM/LSA (NP-TCP-In)
Active Directory Domain Controller - NetBIOS name resolution (UDP-In)
Active Directory Domain Controller - W32Time (NTP-UDP-In)
Inbound rule to allow remote RPC/TCP access to the Active Directory Domain Controller service.
Inbound rule for the RPCSS service to allow RPC/TCP traffic to the Active Directory Domain Controller service.
Inbound rule for the Active Directory Domain Controller service to allow remote LDAP traffic. [TCP 389]
Inbound rule for the Active Directory Domain Controller service to allow remote LDAP traffic. [UDP 389]
Inbound rule for the Active Directory Domain Controller service to allow remote Secure LDAP traffic. [TCP 636]
Inbound rule for the Active Directory Domain Controller service to allow remote Global Catalog traffic. [TCP 3268]
Inbound rule for the Active Directory Domain Controller service to allow remote Secure Global Catalog traffic. [TCP 3269]
Outbound rule for the Active Directory Domain Controller service. [TCP]
Outbound rule for the Active Directory Domain Controller service. [UDP]
Inbound rule for the Active Directory Domain Controller service to be remotely managed over Named Pipes. [UDP 445]
Inbound rule for the Active Directory Domain Controller service to be remotely managed over Named Pipes. [TCP 445]
Inbound rule for the Active Directory Domain Controller service to allow NetBIOS name resolution. [UDP 138]
Inbound rule for the Active Directory Domain Controller service to allow NTP traffic for the Windows Time service. [UDP 123]
Active Directory Domain Controller -  Echo Request (ICMPv4-In)
Inbound rule for the Active Directory Domain Controller service to allow Echo requests (ping).
Active Directory Domain Controller -  Echo Request (ICMPv4-Out)
Outbound rule for the Active Directory Domain Controller service to allow Echo requests (ping).
Active Directory Domain Controller -  Echo Request (ICMPv6-In)
Inbound rule for the Active Directory Domain Controller service to allow Echo requests (ping).
Active Directory Domain Controller -  Echo Request (ICMPv6-Out)
Outbound rule for the Active Directory Domain Controller service to allow Echo requests (ping).
Active Directory Domain Controller (RPC)
Active Directory Domain Controller (RPC-EPMAP)
Netlogon Service
Netlogon Service (NP-In)
Inbound rule for the NetLogon service to be remotely managed over Named Pipes.
Netlogon Service Authz (RPC)
Inbound rule for the NetLogon service to process remote authz requests via RPC/TCP.
DFS Replication
DFS Replication (RPC-In)
Inbound rule to allow DFS Replication RPC traffic.
DFS Replication (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for DFS Replication.
DFS Management
DFS Management (TCP-In)
Inbound rule for DFS Management to allow the DFS Management service to be remotely managed via DCOM.
DFS Management (DCOM-In)
Inbound rule for DFS Management to allow remote DCOM activation via the RPCSS service.
DFS Management (WMI-In)
Inbound rule for DFS Management to allow remote invocation of WMI.
DFS Management (SMB-In)
Inbound rule for DFS Management to allow Server Message Block transmission and reception via Named Pipes. [TCP 445].
Storage Migration Service
SMS (Any-In)
Allow inbound connections to the Storage Migration Service
This feature is used for machine counting and license compliance in enterprise environments.
Storage Migration Service Proxy
SMS Proxy (Any-In)
Allow inbound connections to the Storage Migration Service Proxy
Windows Deployment Services
Windows Deployment Services (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for Windows Deployment Services.
Windows Deployment Services (RPC-In)
Inbound rule for Windows Deployment Services to allow RPC/TCP traffic.
Windows Deployment Services (UDP-In)
Inbound rule for Windows Deployment Services to allow UDP traffic.
Windows Deployment Services (NP-In)
Inbound rule to allow Windows Deployment Services to be remotely managed over Named Pipes.
This feature allows Background Intelligent Transfer Service (BITS) clients that are in the same subnet to locate and share files that are stored in the BITS cache. (Uses WSDAPI and RPC)
Portmap for UNIX-based Software
Portmap for UNIX-based Software (UDP-In)
An inbound rule for Portmap for Unix-based Software to allow traffic for the Portmap service. [UDP 111]
Portmap for UNIX-based Software (TCP-In)
An inbound rule for Portmap for Unix-based Software to allow traffic for the Portmap service.  [TCP 111]
Server for NFS
Server for NFS (NFS-UDP-In)
An inbound rule for Server for NFS to allow NFS traffic. [UDP 2049]
Server for NFS (NFS-UDP-Out)
An outbound rule for Server for NFS. [UDP]
Server for NFS (NFS-TCP-In)
An inbound rule for Server for NFS to allow NFS traffic. [TCP 2049]
Server for NFS (NFS-TCP-Out)
An outbound rule for Server for NFS. [TCP]
This feature is used for sharing local files and printers with other users on the network. (Uses NetBIOS, LLMNR, SMB and RPC)
World Wide Web Services (HTTP Traffic-In)
World Wide Web Services (HTTP)
World Wide Web Services (HTTPS Traffic-In)
Secure World Wide Web Services (HTTPS)
FTP Server (FTP Traffic-In)
FTP Server
Web Management Service (HTTP Traffic-In)
Web Management Service (HTTP)
World Wide Web Services (QUIC Traffic-In)
Secure World Wide Web Services (QUIC)
An inbound rule to allow HTTP traffic for Internet Information Services (IIS) [TCP 80]
An inbound rule to allow HTTPS traffic for Internet Information Services (IIS) [TCP 443]
An inbound rule to allow QUIC traffic for Internet Information Services (IIS) [UDP 443]
An inbound rule to allow FTP traffic for Internet Information Services (IIS) [TCP 21]
An inbound rule to allow Web Management Service traffic for Internet Information Services (IIS) [TCP 8172]
FTP Server Secure (FTP SSL Traffic-In)
An inbound rule to allow FTP over SSL traffic for Internet Information Services (IIS) [TCP 990]
FTP Server Secure (FTP SSL Traffic-Out)
An outbound rule to allow FTP over SSL traffic for Internet Information Services (IIS) [TCP 989]
FTP Server (FTP Traffic-Out)
An outbound rule to allow FTP traffic for Internet Information Services (IIS) [TCP 20]
FTP Server Passive (FTP Passive Traffic-In)
An inbound rule to allow Passive FTP traffic for Internet Information Services (IIS) [TCP > 1023]
Microsoft Key Distribution Service (RPC EPMAP)
Microsoft Key Distribution Service (RPC EPMAP)
Allow inbound TCP RPC Endpoint Mapper traffic to LSASS.exe
Microsoft Key Distribution Service (RPC)
Microsoft Key Distribution Service (RPC)
Allow inbound TCP RPC traffic to LSASS.exe
This feature is used for sharing local files over RDMA using the SMBDirect protocol. (Uses RDMA)
This feature is used for sharing local files using SMB over QUIC.
This feature is used for accessing the desktop from a remote system.
This feature is used for accessing the desktop from a remote system.
This feature allows users to connect interactively to a remote computer. (Uses RPC and WMI)
This feature is used for connecting to iSCSI target servers and devices.
Connection Broker Service
Connection Broker Service (RPC)
Inbound rule to allow Connection Broker service to be remotely managed via RPC/TCP traffic
Connection Broker Service (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Connection Broker Service
Connection Broker Service (NP-In)
Inbound rule to allow the Connection Broker Service to be remotely managed over Named Pipes.
Connection Broker Service - WMI (DCOM-In)
Inbound rule to allow DCOM traffic for remote WMI management of the Connection Broker Service. [TCP 135]
Connection Broker Service - WMI (TCP-In)
Inbound rule for WMI management of the Connection Broker Service
Connection Broker Service - WMI (WMI-Out)
Outbound rule for WMI management of the Connection Broker Service
Remote Desktop Virtualization Host Agent
Inbound rule to allow Remote Desktop Virtualization Host Agent to be remotely managed via RPC/TCP traffic
Remote Desktop Virtualization Host Agent (RPC)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Remote Desktop Virtualization Host Agent
Remote Desktop Virtualization Host Agent (RPC-EPMAP)
Inbound rule for WMI management of Remote Desktop Virtualization Host Agent
Remote Desktop Virtualization Host Agent - WMI (TCP-In)
Inbound rule to allow DCOM traffic for remote WMI management of Remote Desktop Virtualization Host Agent. [TCP 135]
Remote Desktop Virtualization Host Agent - WMI (DCOM-In)
Outbound rule for WMI management of Remote Desktop Virtualization Host Agent
Remote Desktop Virtualization Host Agent - WMI (TCP-Out)
Remote Desktop Virtualization Host Agent - WMI (TCP-Async)
Inbound ASync rule for WMI management of Remote Desktop Virtualization Host Agent
Remote Desktop Virtualization Host Agent (NP-In)
Inbound rule to allow Remote Desktop Virtualization Host Agent to be remotely managed over Named Pipes.
Remote Desktop Gateway Server Farm
Remote Desktop Gateway Server Farm (TCP-In)
Inbound rule to allow connections from other members of the Remote Desktop Gateway Server farm. [TCP 3388]
Remote Desktop Gateway Server Farm (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Remote Desktop Gateway Server Farm.
Remote Desktop Gateway Server Farm (RPC HTTP Load Balancing Service)
Inbound rule for the Remote Desktop Gateway Server Farm to allow RPC Load balancing communications.
Remote Desktop Gateway Server Transport
Inbound rule group for HTTP and UDP transports of Remote Desktop Gateway.
Remote Desktop Gateway HTTP Listener
Inbound rule to allow connections to remote computers on your corporate network through HTTP(S) protocol on the Remote Desktop Gateway server.
Remote Desktop Gateway UDP Listener
Inbound rule to allow connections to remote computers on your corporate network through UDP protocol on the Remote Desktop Gateway server.
RemoteApp and Desktop Connection Management
Remote Desktop Web Access
This feature allows remote viewing and management of the local event log. (Uses Named Pipes and RPC)
This feature allows remote management of local services. (Uses Named Pipes and RPC)
The feature allows remotely manageable services to receive RPC traffic. (Uses Named Pipes and RPC)
This feature allows remote management of the local Windows Defender Firewall. (Uses RPC)
This feature allows remote management of the system via WS-Management, a web services-based protocol for remote management of operating systems and devices.
This feature allows remote management of the system via WS-Management, a web services-based protocol for remote management of operating systems and devices.
This feature allows the transfer of media from your network enabled camera or media device to your computer using the Media Transfer Protocol (MTP). (Uses UPnP and SSDP)
This feature allows Media Center Extenders to communicate with a computer running Windows Media Center. (Uses SSDP and qWave)
This feature allows users to receive streaming media over UDP.
This feature enables users to share media over a network. (Uses UPnP, SSDP and qWave)
This feature allows users to share out home media over the Internet
This feature enables users to connect to projectors over wired or wireless networks to project presentations. (Uses WSDAPI)
This feature is required to enable various peer-to-peer programs and technologies. (Uses SSDP and PNRP)
This feature is used for collaborating over a network to share documents, programs or your desktop with other people. (Uses DFSR and P2P)
This feature allows this computer to discover other devices and be discovered by other devices on the network. (Uses Function Discovery Host and Publication Services, UPnP, SSDP, NetBIOS and LLMNR)
This feature allows users of this computer to request remote assistance from other users on the network. (Uses UPnP, SSDP, PNRP and Teredo)
This feature allows remote management of the local task scheduling service. (Uses RPC)
This feature coordinates transactions that update transaction-protected resources, such as databases, message queues and file systems.
This feature is used to allow incoming VPN and RAS connections.
This feature allows other computers to find and communicate with your computer using the Peer Name Resolution Protocol. (Uses SSDP and PNRP)
This feature allows remote management of Windows by exposing a set of manageable components in a set of classes defined by the Common Information Model (CIM) of the distributed management task force. (Uses DCOM)
This feature provides remote software and hardware disk volume management. (Uses RPC)
This feature allows remote management of the Performance Logs and Alerts service. (Uses RPC)
This feature enables streaming of music, video and pictures to DLNA Digital Media Renderer devices.
This feature enables sharing of content between two PCs with proximity devices when tapped together.
This feature allows remote management of TPM virtual smart card devices. (Uses DCOM)
This feature allows remote shutdown/restart of a computer
This feature allows remote event monitoring. (Uses RPC)
This feature allows this computer to discover printers connected via WFD.
This group contains Rules for Software Load Balancer
This group contains Rules for the AllJoyn Router
This group contains Rules for DIAL protocol that enables apps discovery and launching on remote devices
This group contains rules for mDNS.
This group contains Rules for the Connected Devices Platform
This group contains Rules for Windows Device Management
This feature enables network logon for domain users.
This feature is used to maintain a secure channel between domain clients and a domain controller for authenticating users and services. (Uses RPC)
This feature is used to replicate files among multiple servers keeping them in sync. It can be used with DFS-N to provide high availability and local access across a wide area network (WAN) (Uses RPC)
This feature is used to provide remote management capabilities for the Distributed File System (DFS). (Uses DCOM, WMI and SMB)
Orchestrates storage migration by invoking Storage Migration Service Proxy service
Service to run inventory, transfer and cutover for storage migration
Windows Deployment Services provides a simplified, secure means of rapidly deploying \ Windows to computers via network-based installation, without the administrator visiting \ each computer directly or installing from physical media. (Uses RPC, UDP, and NP)
This feature provides support for Portmap for UNIX-based Software.
This feature allows this computer to share files with the NFS protocol.
Client for NFS
Client for NFS (UDP-Out)
An outbound rule for Client for NFS to allow traffic for the NFS client service. [UDP]
Client for NFS (TCP-Out)
An outbound rule for Client for NFS to allow traffic for the NFS client service. [TCP]
This feature provides a web server that will handle HTTP traffic.
This feature provides a web server that will handle HTTPS traffic.
This feature provides an FTP server for file transfers via the FTP protocol.
This feature provides a web server that will handle QUIC traffic.
This feature provides a web management service that will handle HTTP traffic for remote Internet Information Services (IIS) management.
In a Remote Desktop Session Host server pool, this feature allows a user to reconnect to a Remote Desktop Session Host server where the user's disconnected session resides. (Uses RPC and WMI)
Allows the management and connection to the Hyper-V guest Operating Systems.
This feature is used for load balancing Remote Desktop client connections between members of a Remote Desktop Gateway server farm. (Uses RPC and RPC HTTP Load Balancing)
Manages the assignment of remoteApp and desktop connection resources to users
Remote Desktop Web Access enables users to connect to resources provided by session collections and virtual desktop collections by using Start menu or a web browser.
Feature used to allow incoming connections to the HupScope image through ScopeProxy.exe
ScopeProxy-In-TCP
Inbound rule to allow ScopeProxy traffic used for HupScope images
DHCP Server v4 (UDP-In)
An inbound rule to allow traffic to the IPv4 Dynamic Host Control Protocol Server. [UDP 67]
DHCP Server v6 (UDP-In)
An inbound rule to allow traffic to the IPv6 Dynamic Host Control Protocol Server. [UDP 547]
DHCP Server (RPC-In)
An inbound rule to allow traffic to allow RPC traffic for DHCP Server management.
DHCP Server
DHCP Server (RPCSS-In)
An inbound rule to allow traffic to allow RPCSS traffic for DHCP Server management.
DHCP Server Management
DHCP Server v4 (UDP-In)
An inbound rule to allow traffic so that rogue detection works in V4. [UDP 68]
DHCP Server v6 (UDP-In)
An inbound rule to allow traffic so that rogue detection works in V6. [UDP 546]
DHCP Server - Remote Service Management using SCM (RPC-in)
An inbound rule to allow services to be remotely managed using Service Control Manager. This rule is added with the DHCP Server role.
DHCP Server Failover (TCP-In)
An inbound rule to allow DHCP failover messages to the IPv4 Dynamic Host Configuration Protocol Server. [TCP 647]
DHCP Server Failover (TCP-Out)
An outbound rule to allow DHCP failover messages to the IPv4 Dynamic Host Configuration Protocol Server. [TCP 647]
DHCP Server (SMB-In)
An inbound rule to allow creation of DHCP server security groups remotely. [TCP 445]
SNMP Service
Enables Simple Network Management Protocol (SNMP) requests to be processed by this computer. If this service is stopped, the computer will be unable to process SNMP requests. If this service is disabled, any services that explicitly depend on it will fail to start.
Allow inbound UDP traffic to SNMP service
Allow outbound UDP traffic from SNMP service
Block any other traffic to and from SNMP service
SNMP Service (UDP In)
SNMP Service (UDP Out)
Inbound rule for the Simple Network Management Protocol (SNMP) Service to allow SNMP traffic. [UDP 161]
Outbound rule for the Simple Network Management Protocol (SNMP) Service to allow SNMP traffic. [UDP 161]
Block any other inbound traffic to SNMP service
Block any other outbound traffic from SNMP service
SNMP Trap
Receives trap messages generated by local or remote Simple Network Management Protocol (SNMP) agents and forwards the messages to SNMP management programs running on this computer. If this service is stopped, SNMP-based programs on this computer will not receive SNMP trap messages. If this service is disabled, any services that explicitly depend on it will fail to start.
Allow inbound UDP traffic to SNMPTRAP service
Block any other traffic to and from SNMPTRAP service
SNMP Trap Service (UDP In)
Inbound rule for the SNMP Trap Service to allow SNMP traps. [UDP 162]
RPC Endpoint Mapper (TCP, Incoming)
DNS (TCP, Incoming)
DNS (UDP, Incoming)
RPC (TCP, Incoming)
All Outgoing (TCP)
All Outgoing (UDP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic to the DNS Service.
Inbound rule to allow remote TCP access to the DNS service.
Inbound rule to allow remote UDP access to the DNS service.
Inbound rule to allow remote RPC/TCP access to the DNS service.
Outbound rule to allow all TCP traffic from the DNS service.
Outbound rule to allow all UDP traffic from the DNS service.
DNS Service
Enables/Disables firewall rules for DNS Service.
Remote Access Management (RRAS-RPC-In)
Inbound rule to allow VPN (RRAS) to be remotely managed over RPC/TCP.
Remote Access Management (NPS-RPC-In)
Inbound rule to allow VPN (RRAS) to be remotely managed over RPC/TCP.
Remote Access Management (NP-In)
Inbound rule to allow Remote Access to be remotely managed over named pipes.
Remote Access Management (WMI-In)
Inbound rule to allow WMI traffic for Remote Access to be remotely managed.
Remote Access Management (Services-RPC-In)
Inbound rule to allow services to be remotely managed over RPC/TCP.
Remote Access
Remote Access Management (DCOM-In)
Inbound rule to allow DCOM traffic for Remote Access to be remotely managed.
DHCP Relay Agent
DHCPv4 Relay Agent [Client] (UDP-In)
Inbound rule for DHCPv4 Relay Agent to allow DHCP traffic. [UDP 67]
DHCPv4 Relay Agent [Client] (UDP-Out)
Outbound rule for DHCPv4 Relay Agent to allow DHCP traffic. [UDP 67]
DHCPv6 Relay Agent
DHCPv6 Relay Agent [Server] (UDP-In)
Inbound rule for DHCPv6 Relay Agent to allow DHCP traffic. [UDP 547]
DHCPv6 Relay Agent [Server] (UDP-Out)
Outbound rule for DHCPv6 Relay Agent to allow DHCP traffic. [UDP 547]
Windows Internet Naming Service (WINS)
Windows Internet Naming Service (WINS) (TCP-In)
Inbound rule for the Windows Internet Naming Service to allow WINS requests. [TCP 42]
Windows Internet Naming Service (WINS) (TCP-Out)
Outbound rule for the Windows Internet Naming Service. [TCP]
Windows Internet Naming Service (WINS) (UDP-In)
Inbound rule for the Windows Internet Naming Service to allow WINS requests. [UDP 42]
Windows Internet Naming Service (WINS) (UDP-Out)
Outbound rule for the Windows Internet Naming Service. [UDP]
Windows Internet Naming Service (WINS) (NB-Name-UDP-In)
Inbound rule for the Windows Internet Naming Service to allow NetBIOS Name Resolution. [UDP 137]
Windows Internet Naming Service (WINS) - Remote Management
Windows Internet Naming Service (WINS) - Remote Management (RPC)
Inbound rule for the Windows Internet Naming Service to allow remote management via RPC/TCP.
Windows Internet Naming Service (WINS) - Remote Management (RPC-EPMAP)
Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Windows Internet Naming Service.
Windows Internet Naming Service (WINS) - Remote Management (NP-In)
Inbound rule for the Windows Internet Naming Service to be remotely managed over Named Pipes.
AD FS
AD FS Management
You can use AD FS Management snap-in to define and configure Active Directory Federation Services.
Microsoft Corporation
10.0.0.0
Active Directory Federation Services
Enables Active Directory Federation Services to issue security tokens.
Active Directory Federation Services
Enables Active Directory Federation Services Proxy to forward security tokens requests.
AD FS HTTP Services (TCP-In)
Inbound rule for AD FS HTTP services
AD FS HTTPS Services (TCP-In)
Inbound rule for AD FS HTTPS services.
AD FS Smart-card Authentication Service (TCP-In)
Inbound rule for AD FS Smart-card Authentication Service.
Device Registration Service
6.1.0.0
Device Registration Service
Enables Device Registration Service to register personal devices. If this service is stopped, users cannot register their devices with their company.
Device Registration Service (HTTP-TCP-In)
Inbound HTTP rule for Device Registration Service
Device Registration Service (HTTPS-TCP-In)
Inbound HTTPS rule for Device Registration Service
Active Directory Web Services
This service provides a Web Service interface to instances of the directory service (AD DS and AD LDS) that are running locally on this server. If this service is stopped or disabled, client applications, such as Active Directory PowerShell, will not be able to access or manage any directory service instances that are running locally on this server.
Inbound rule for the Active Directory Web Services. [TCP]
Active Directory Web Services
Active Directory Web Services (TCP-In)
Outbound rule for the Active Directory Web Services. [TCP]
Active Directory Web Services (TCP-Out)
Recommended Troubleshooting
Recommended Troubleshooting Client (HTTP/HTTPS Out)
Allow outbound HTTP/HTTPS traffic from Recommended Troubleshooting Client
SSH Server
Incoming connection to Secure Shell Server.
Sirep Server (Service)
Sirep Server (Service)
Sirep Server (Ping)
Sirep Server (Ping)
Sirep Server (Protocol 2)
Sirep Server (Protocol 2)
Remote File Server Resource Manager Management
Remote File Server Resource Manager Management - Windows Management Instrumentation (Async-In)
Inbound rule to allow Asynchronous WMI traffic for remote Windows Management Instrumentation. [TCP]
Remote File Server Resource Manager Management - Windows Management Instrumentation (WMI-In)
Inbound rule to allow WMI traffic for remote Windows Management Instrumentation. [TCP]
Remote File Server Resource Manager Management - Remote Registry (RPC-In)
Inbound rule for the Remote Registry service to be remotely managed via RPC/TCP.
Remote File Server Resource Manager Management - Task Scheduler (RPC-In)
Inbound rule for the Task Scheduler service to be remotely managed via RPC/TCP.
Remote File Server Resource Manager Management - FSRM Service (RPC-In)
Inbound rule for the File Server Resource Manager service to be remotely managed via RPC/TCP.
Remote File Server Resource Manager Management - FSRM Reports Service (RPC-In)
Inbound rule for the File Server Storage Reports Manager service to be remotely managed via RPC/TCP.
Remote File Server Resource Manager Management - RpcSs (RPC-EPMAP)
Inbound rule for the RpcSs service to allow RPC/TCP traffic for the File Server Resource Manager
Remote File Server Resource Manager Management (SMB-In)
Inbound rule for the File Server Resource Manager to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]
Virtual Machine Monitoring
Virtual Machine Monitoring (Echo Request - ICMPv4-In)
Echo Request messages are sent as ping requests to other nodes.
Virtual Machine Monitoring (Echo Request - ICMPv6-In)
Echo Request messages are sent as ping requests to other nodes.
Virtual Machine Monitoring (NB-Session-In)
Allow NetBIOS Session Service connections.
Virtual Machine Monitoring (RPC)
Allow Task Scheduler service to be remotely managed via RPC/TCP.
Virtual Machine Monitoring (DCOM-In)
Allow DCOM traffic for remote Windows Management Instrumentation.
Peer Name Resolution Protocol (PNRP-IN)
An inbound rule to allow traffic to the PNRP service.[UDP 3540]
Peer Name Resolution Protocol
Fax Service (RPC-In)
Inbound rule that opens the RPC data transmission ports for the fax service.
Windows Fax Service
Fax service RPC endpoint mapper protocol (RPC-In)
Inbound rule for the fax service RPC endpoint mapper (EPMAP).
LPD ServiceAOpens the default port used by the Line Printer Daemon protocol.PA*Microsoft Media Foundation Network Source7Microsoft Media Foundation Network Source IN [TCP 554]^InBound Rule for the Microsoft Media Foundation's Capture SVC to open TCP port to enable RTSP8Microsoft Media Foundation Network Source OUT [TCP ALL]_OutBound Rule for the Microsoft Media Foundation's Capture SVC to open TCP port to enable RTSP=Microsoft Media Foundation Network Source IN [UDP 5004-5009]^InBound Rule for the Microsoft Media Foundation's Capture SVC to open UDP port to enable RTSP>Microsoft Media Foundation Network Source OUT [UDP 5004-5009]_OutBound Rule for the Microsoft Media Foundation's Capture SVC to open UDP port to enable RTSPAzure Stack HCIAzure Stack HCI (TCP-In)@Inbound rule to allow traffic to Azure Stack HCI service. [TCP]Azure Stack HCI (TCP-Out)COutbound rule to allow traffic from Azure Stack HCI service. [TCP]+Azure Stack HCI IMDS Attestation (HTTP-In)TInbound rule to allow traffic to Azure Stack HCI IMDS Attestation Service. [TCP 80]PA*This feature provides NFS client support.Storage ReplicaStorage Replica (SMB-In)NInbound rule to allow Server Message Block traffic via Named Pipes. [TCP 445]&Storage Replica Management (WINRM-In)QInbound rule for Storage Replica Remote Management via WS-Management. [TCP 5985]%Storage Replica Management (DCOM-In)TInbound rule to allow DCOM traffic for Storage Replica Remote Management. [TCP 135]$Storage Replica Management (WMI-In)OInbound rule to allow WMI traffic for Storage Replica Remote Management. [TCP]%Storage Replica Management (WMI-Out)POutbound rule to allow WMI traffic for Storage Replica Remote Management. [TCP]*Storage Replica Management (WMI-ASync-In)UInbound rule to allow async WMI traffic for Storage Replica Remote Management. 
[TCP]0Visual Studio Remote Debugger (Msvsmon-In-8116)IAllow inbound TCP traffic on port 8116 for Visual Studio Remote DebuggerIAllow inbound TCP traffic on port 8117 for Visual Studio Remote Debugger1Visual Studio Remote Debugger (Msvsmon-Out-8116)JAllow outbound TCP traffic on port 8116 for Visual Studio Remote DebuggerJAllow outbound TCP traffic on port 8117 for Visual Studio Remote Debugger	DevTools4Visual Studio Remote Debugger (Msvsmon-Wow-In-8116)0Visual Studio Remote Debugger (Msvsmon-In-8117)4Visual Studio Remote Debugger (Msvsmon-Wow-In-8117)1Visual Studio Remote Debugger (Msvsmon-Out-8117)XdeSvc Connection ManagerPAEmulator Service ConnectionsXdeSvc Discovery ManagerEmulator Service DiscoveryXdeSvc Windows Device Portal (Http-In)?Allow inbound TCP traffic on port 80 for Windows Device Portal!Windows Device Portal (Https-In)@Allow inbound TCP traffic on port 443 for Windows Device PortalWindows Device PortalIAllow inbound TCP traffic on dynamic HTTP port for Windows Device PortalJAllow inbound TCP traffic on dynamic HTTPS port for Windows Device Portal'Windows Device Portal (Http-In-Domain)(Windows Device Portal (Https-In-Domain)(Windows Device Portal (Http-In-Private))Windows Device Portal (Https-In-Private)4Allow inbound TCP traffic for Windows Device Portal:Visual Studio Remote Debugger Universal (Msvsmon-In-8116)>Visual Studio Remote Debugger Universal (Msvsmon-Wow-In-8116):Visual Studio Remote Debugger Universal (Msvsmon-In-8117)>Visual Studio Remote Debugger Universal (Msvsmon-Wow-In-8117)PIX Profiler (PIX-In-4200)PIX Profiler (PIX-Wow-In-4200)PIX Profiler (PIX-In-4201)PIX Profiler (PIX-Wow-In-4201)8Allow inbound TCP traffic on port 4200 for PIX Profiler8Allow inbound TCP traffic on port 4201 for PIX ProfilerPAScopeProxy TCPSystem InsightsSystem Insights (TCP-In)@Inbound rule to allow traffic to System Insights service. 
[TCP]Hyper-V Management Clients+Hyper-V Management Clients - WMI (DCOM-In)\Inbound rule for the Hyper-V management clients to allow WMI management via DCOM. [TCP 135]*Hyper-V Management Clients - WMI (TCP-In)SInbound rule for the Hyper-V management clients to allow remote WMI traffic. [TCP]+Hyper-V Management Clients - WMI (TCP-Out)TOutbound rule for the Hyper-V management clients to allow remote WMI traffic. [TCP],Hyper-V Management Clients - WMI (Async-In)YInbound rule for the Hyper-V management clients to allow asynchronous WMI traffic. [TCP]�This feature performs TCP/IP configuration for DHCP clients, including dynamic assignments of IP addresses, specification of the WINS and DNS servers,and connection-specific DNS names.;This feature performs dhcp server configuration (Uses RPC)PApThis feature allows Simple Network Management Protocol (SNMP) traffic to be sent and received by this computer.OThis feature allows SNMP Trap service traffic to be received by this computer.PANetwork Policy Server>Network Policy Server (Legacy RADIUS Authentication - UDP-In)bInbound rule to allow Network Policy Server to receive RADIUS Authentication requests. [UDP 1645]:Network Policy Server (Legacy RADIUS Accounting - UDP-In)^Inbound rule to allow Network Policy Server to receive RADIUS Accounting requests. [UDP 1646]7Network Policy Server (RADIUS Authentication - UDP-In)bInbound rule to allow Network Policy Server to receive RADIUS Authentication requests. [UDP 1812]3Network Policy Server (RADIUS Accounting - UDP-In)^Inbound rule to allow Network Policy Server to receive RADIUS Accounting requests. [UDP 1813] Network Policy Server (DCOM-In)LInbound rule to allow DCOM traffic for the Network Policy Server. 
[TCP 135]Network Policy Server (RPC)OInbound rule for the Network Policy Server to be remotely managed via RPC/TCP.PACloud IdentityCloud Identity (TCP-Out)�Outbound rule to allow the Microsoft cloud identity NT Service (cloudidsvc) to make network requests required for its functionality [TCP].Rules for remote management of Remote Access.;This feature relays DHCP message between client and server<This feature relays DHCPv6 message between client to serverPA@This feature translates NetBIOS computer names to IP addresses.kThis feature allows the Windows Internet Naming Service to be remotely managed. (Uses RPC and Named Pipes)PAZThis feature allows your device to receive recommended troubleshooting for known problemsSsh Server
Sirep Server�This feature allows File Server Resource Manager to be managed remotely using the File Server Resource Manager snap-in or the command line tools.XThis feature enabled the streaming of a Network source from the Camera Capture pipeline.This group contains rules for Azure Stack HCI�4VS_VERSION_INFO��
StringFileInfo (040904B0)
CompanyName: Microsoft Corporation
FileDescription: Windows Defender Firewall API
FileVersion: 10.0.20348.3328 (WinBuild.160101.0800)
InternalName: FirewallAPI.DLL
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: FirewallAPI.DLL.MUI
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.20348.3328