MZ@ !L!This program cannot be run in DOS mode. $Rؕ3}3}3}H̴3}H̱3}Rich3}PEL!  &@@$.rsrc0&@@ (@hi 8Ph(@Xp0H`x  8 !P "h + . / 0 1 3 4 5( 6@ ZX [p \ ] ^ _ ` a b c0 H ` x        8 P h % & 4 5 D E T c( d@ sX tp      0H`x 8Ph(@Xp./>?@N0]H^`mx} 8Ph H W g m w   ( @ X p      " 2 0B HQ `q x        8< PK h[ j n q     ( 8 H X h x           ( 8 H X h x           ( 8 H X h x           ( 8 H X h x           ( 8 H X h x           ( 8 H X h x           ( 8 H X h x           ( 8 H X h x           ( 8 H X h x           ( 8 H X h x             (  8  H  X  h  x         01x12X(4X6d7l8l<4>G NQXV^telhrdw t" x*  db ȴhLLXB<HrPJr 0xpf  bDJ,  h( v D$%(h-<2L6|7rL،B (|8,tlfԳl@ؽnH0`hP|L N <b|L@P  0L0|D,ZHZt4H` P!4"0$8h%8&.h'(:D) ++,-.T//x0,1MUIڰ x&pʮT\$VL q MUIen-US!Firewall log files (*.log)*.logBrowselog[The value entered for the log file size is not valid. Enter a value between 1 and 32767 k.PAFile and Printer SharingNetBIOS Name ServiceNetBIOS Datagram ServiceNetBIOS Session Service SMB over TCPUPnP Framework!SSDP Component of UPnP FrameworkUPnP Framework over TCPRemote DesktopDomain Name Server (DNS)2Dynamic Host Configuration Protocol Server (DHCP)2Dynamic Host Configuration Protocol Client (DHCP)Incoming Connection VPN (PPTP)Incoming Connection VPN (L2TP)IP Security (IPsec - IKE) IP Security (IPsec - IKE/NAT-T)1Phase 1: Local address = %s, Remote address = %s1Phase 2: Local address = %s, Remote address = %s, Protocol = 0x%x, Protocol = Any, Local port = 0x%x, Local port = Any, Remote port = 0x%x, Remote port = AnyPAWindows FirewallWindows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.&Windows Firewall Authorization DriverWindows Firewall Authorization Driver is a kernel mode driver that provides deep inspection services on inbound and outbound network traffic.!Allow authenticated IPsec bypass[Allows specific computers to have unrestricted, but authenticated, access to the computer.YesNoEnabled DisabledPA Group Policy Local PolicyGroup and Local PolicyDomainPrivateAll interfacesOffOnDon't allow exceptions All subnetsLocal subnet onlyCustom subnetsAddRemoveModify'Allow outgoing destination unreachablePAAllow outgoing source quenchAllow redirectAllow incoming echo requestAllow incoming router requestAllow outgoing time exceeded!Allow outgoing parameter problem!Allow incoming timestamp requestAllow incoming mask requestAllow outgoing packet too big1The rule was parsed successfully from the store.The rule is from a later version of the service. Some fields were not understood and have been ignored. This may cause the rule to be less restrictive than on the version where it was created. To mitigate any risk from this fallback behavior, ensure that the original rule is as specific as possible. To avoid this fallback behavior, create version-specific GPO's, or apply a Platform condition to the rule.The rule is from a newer schema version than the service, and the unknown fields could not be ignored. The whole rule was ignored.?The name contains invalid characters, or is an invalid length.FThe description contains invalid characters, or is an invalid length.FThe application contains invalid characters, or is an invalid length.BThe service contains invalid characters, or is an invalid length.PAZThe authorized remote machines list contains invalid characters, or is an invalid length.WThe authorized remote users list contains invalid characters, or is an invalid length.hThe group (sometimes called the embedded context) contains invalid characters, or is an invalid length.*The service was unable to parse the rule.EAn invalid port range was specified, or 0 was used as a port number.ZSome of the keywords specified on the remote address are only valid on the local address.7Number of interfaces and interface buffer don't match.The interface type is invalid.The action is invalid.The direction is invalid.IThe protocol-specific options do not match the protocol that was chosen.dThe rule was parsed successfully, but there was an unknown semantic error when processing the rule.An error occurred.Enable Windows FirewallDisable Stealth ModeWindows Firewall Shielded ModePA'Disable Unicast Responses to MulticastLog Dropped PacketsLog Successful ConnectionsLog Ignored RulesMaximum Log File SizeLog File PathDisable Inbound Notifications6Allow User preferred merge of Authorized Applications2Allow User preferred merge of Globally open portsAllow Local Policy MergeAllow Local IPsec Policy MergeDisabled InterfacesDefault Outbound ActionDefault Inbound ActionCurrent ProfileDisable Stateful FTPIgnored Disable Stateful PPTPIPsec SA Idle timeIPsec preshared key encoding IPsec ExemptIPsec CRL Check<All>AllowBlockBThe rule ID contains invalid characters, or is an invalid length.NThe phase 1 auth set ID contains invalid characters, or is an invalid length.SThe quick mode crypto set ID contains invalid characters, or is an invalid length.RThe main mode crypto set ID contains invalid characters, or is an invalid length.,The application name could not be resolved.The Rule ID was not specified..Mismatch in number of ports and ports buffer.%One of the port keywords is invalid.=Mismatch in number of V4 address subnets and subnets buffer.=Mismatch in number of V6 address subnets and subnets buffer.;Mismatch in number of V4 address ranges and ranges buffer.;Mismatch in number of V6 address ranges and ranges buffer.SThe address range is invalid. The end address is less than the beginning address.,One or more of the subnet masks is invalid.0One or more of the address prefixes is invalid.1One or more of the address keywords are invalid.ZSome of the keywords specified on the local address are only valid on the remote address.,Mismatch in number of ICMP and ICMP buffer.Invalid ICMP code specified.Allow-Bypass action specified, but the rule does not meet allow-bypass criteria (inbound, authenticate/encrypt flags set, remote machine auth list specified) The protocol number is invalid.Invalid flags specified.TAutogenerate flag is set but Authenticate / Authenticate-encrypt flags are not set.2Autogenerate flag is set but the action is block.PA6Autogenerate flag is set along with Dynamic RPC flag.RThe Authentication and Authentication & Encryption flags cannot be used together.PAuthorization lists can only be used if authentication is required on the rule.MNumber of valid OS Platforms and the list of valid OS Platforms don't match +The phase 1 auth set ID must be specified.0The quick mode crypto set ID must be specified.The Set ID was not specified.The IPsec phase is invalid. No suites specified in the set.,One of the phase 1 auth methods is invalid.,One of the phase 2 auth methods is invalid.4Anonymous cannot be the only authentication method.$Invalid auth suite flags specified._Machine certificates can only be used in phase 2 auth if they are machine health certificates._Machine Preshared Key was selected as an authentication type, but no key string was specified.bThe certificate authority name is required, and must be formatted as an X.509 distinguished name.RBoth machine and user auth cannot be proposed within the same authentication set./The main mode crypto set ID must be specified.*The phase 1 crypto set flags are invalid.0The main mode lifetime, in minutes, is invalid.1The main mode lifetime, in sessions, is invalid.9One of the main mode key exchange algorithms is invalid.7One of the main mode encryption algorithms is invalid.1One of the main mode hash algorithms is invalid.:One of the quick mode key exchange algorithms is invalid.6One of the quick mode encapsulation types is invalid.8One of the quick mode encryption algorithms is invalid.2One of the quick mode hash algorithms is invalid.1The quick mode lifetime, in minutes, is invalid.3The quick mode lifetime, in kilobytes, is invalid.@Remote user authorization can only be applied to inbound rules.NAn unspecified, multicast, broadcast, or loopback IPv6 address was specified.PAGIf the action is Do Not Secure, the auth and crypto sets must be null.-Either Encryption or Hash must be specified.WBlock action was specified in conjunction with require security or require encryption..The phase 1 authentication set was not found..The phase 2 authentication set was not found.0The quick mode cryptographic set was not found.A conflict was detected between the phase 1 and phase 2 authentication sets. When preshared keys are used in phase 1, there cannot be a phase 2 authentication set.]A local address cannot be used in conjunction with an interface or interface type condition. Program Name InterfacesLocal AddressesRemote Addresses Local Port Remote PortEndPoint 1 AddressesEndPoint 2 AddressesEndpoint 1 PortEndpoint 2 PortNot ConfiguredThe profile type is invalid.PublicNAn unspecified, multicast, broadcast, or loopback IPv4 address was specified.qMachine health certificates and regular certificates cannot both be proposed within the same authentication set.None;Endpoint 'any' cannot be specified for a tunnel-mode rule.IPsec Through NATPolicy Version6The target schema version specified is not supported.KThe same authentication method cannot be used more than once within a set.This error value is not used.8The target schema version does not support port ranges.XThe Authentication (Dynamic Encryption) flag cannot be used when direction is Outbound.tWhen the Authentication (Dynamic Encryption) flag is set, the Authentication & Encryption flag must be set as well.PThe target schema version does not support Authentication (Dynamic Encryption).HThe target schema version does not support outbound Allow-Bypass rules.rAllow-Bypass action specified, but the rule does not meet allow-bypass criteria (authenticate/encrypt flags set) Defer to user' setting can only be used in a firewall rule where program path and TCP/UDP protocol are specified with no additional conditions.\Port ranges are only allowed in connection security rules when the action is Do Not Secure.MThe target schema version does not support the platform operator specified. 5The DTM flag requires at least one dynamic endpoint.CA dynamic tunnel-mode exemption rule cannot have tunnel endpoints.CThe target schema version does not support tunnel-mode exemptions.fAuthentication mode,"Require inbound and clear outbound" can only be set when using IPsec tunneling. @Bypass Tunnel If Secure may not be set on Transport-Mode rules.*One of the platform operators is invalid.'%s unregistered from Windows Firewall.a%s unregistered from Windows Firewall. Windows Firewall is now controlling the filtering for %s.FirewallRuleCategoryPAConSecRuleCategoryStealthRuleCategoryBootTimeRuleCategory, NAuthentication (No Encapsulation) cannot be specified on a tunnel-mode rule. \Authentication (No Encapsulation) cannot be specified on a rule that uses a preshared key. AThe target schema version does not support certificate criteria.<Certificate criteria version does not match schema version.gThe certificate criteria are invalid. A thumbprint hash must be specified when FollowRenewal is used.GThe certificate criteria are invalid. The thumbprint hash is invalid.MThe certificate criteria are invalid. One or more of the EKU's are invalid.AThe certificate criteria are invalid. The name type is invalid.FThe certificate criteria are invalid. The subject name is not valid.LThe certificate criteria are invalid. The criteria type flags are invalid.The certificate criteria are invalid. You need to specify at least one set of validation criteria and one set of selection criteria for each set of certificate proposal with the same signing method.XThe local user authorization list contains invalid characters, or is an invalid length.RThe authorized local user list may not be used in conjunction with a service SID.KThe target schema version does not support the authorized local user list.4Disable Stealth Mode IPsec Secured Packet ExemptionjThe Kerberos proxy name must be a fully qualified domain name (FQDN). For example: kerbproxy.contoso.com 0IPsec Policy Agent service hardening - LDAP/TCPGAllow IPsec Policy Agent outbound LDAP/TCP traffic to Active Directory0IPsec Policy Agent service hardening - LDAP/UDPGAllow IPsec Policy Agent outbound LDAP/UDP traffic to Active DirectoryUIPsec Policy Agent service hardening - Block any other traffic to IPsec Policy AgentWIPsec Policy Agent service hardening - Block any other traffic from IPsec Policy Agent=MpsSvc service hardening - Block any other traffic to MpsSvc?MpsSvc service hardening - Block any other traffic from MpsSvc+Inbound service restriction rule for %1!s!+Block all inbound traffic to service %1!s!,Outbound service restriction rule for %1!s!.Block all outbound traffic from service %1!s!PA9IPsec Policy Agent service hardening - Remote ManagementGAllow IPsec Policy Agent inbound RPC/TCP traffic for Remote Management"The remote endpoints are invalid.%The remote endpoint FQDN is invalid.&The choice of key modules is invalid.)The forward path SA lifetime is invalid.JThe target schema version does not support custom key module preferences.WThe target schema version does not support transport rule machine authorization lists.TThe target schema version does not support transport rule user authorization lists.DTransport machine authorization SDDL specified on tunnel-mode rule.PAATransport user authorization SDDL specified on tunnel-mode rule.iThe Apply Global Authorization flag cannot be used when a per-rule authorization list is also specified..The transport rule machine SDDL is not valid.+The transport rule user SDDL is not valid.This error value is not used.NThe phase 2 auth set ID contains invalid characters, or is an invalid length.>The target schema version does not support dynamic endpoints.When specifying tunnel endpoints in both IPv4 and IPv6, a tunnel endpoint may not be dynamic for one address family and explicit for the other. (A dynamic tunnel endpoint is one set to "Any".)The edge traversal flags are inconsistent. Defer To App must be set without Edge Traversal, but Defer To User must be set with Edge Traversal.NThe target schema version does not support Authentication (No Encapsulation).eWhen the Authentication (No Encapsulation) flag is set, the Authentication flag must be set as well.HThe target schema version does not support tunnel authentication modes.HThe target schema version does not support tunnel authentication modes.AThe target schema version does not support the IP_HTTPS keyword.?The target schema version does not support the IP_TLS keyword.CThe target schema version does not support dynamic edge traversal.PA%The local user owner SID is invalid.GThe target schema version does not support the local user owner field.=The target schema version does not support profile crossing.VThe target schema version does not support one or more of the address keywords given.(The application package SID is invalid.EThe target schema version does not support application package SIDs.VLogical endpoints (trust tuples) cannot be combined with specific addresses or ports.AOne or more of the logical endpoints (trust tuples) are invalid.MThe target schema version does not support logical endpoints (trust tuples).KThe target schema version does not support the Key Manager Dictation flag.NThe target schema version does not support the Key Manager Notification flag.\The target schema version does not support one or more of the authentication methods given.XThe target schema version does not support the requested certificate signing algorithm.HThe target schema version does not support targeting Intermediate CA's.When specifying multiple certificate authentication proposals, all the certificate proposals with the same signing method must must be grouped together within the set.CThe target schema version does not support kerberos proxy servers.JThe main mode crypto set ID should be the global main mode crypto set ID.^The target schema version does not support one of the main mode encryption algorithms chosen.XThe target schema version does not support one of the main mode hash algorithms chosen.`The target schema version does not support one of the main mode key exchange algorithms chosen._The target schema version does not support one of the quick mode encryption algorithms chosen.YThe target schema version does not support one of the quick mode hash algorithms chosen.aThe target schema version does not support one of the quick mode key exchange algorithms chosen.?The encryption and hash algorithms specified are incompatible.JMalformed query: Mismatch in the number of ORed terms and the terms arrayQMalformed query: Mismatch in the number of ANDed conditions and conditions array-Malformed query: Invalid confition match key.Malformed query: Invalid condition match type-Malformed query: Invalid condition data type7Malformed query: Invalid key and data type combinationIMalformed query: Protocol condition present without a protocol conditionFMalformed query: Profile Key unavailable for this object type queriedPAEMalformed query: Status Key unavailable for this object type queriedGMalformed query: FilterID Key unavailable for this object type queriedJMalformed query: Application Key unavailable for this object type queriedGMalformed query: Protocol Key unavailable for this object type queriedIMalformed query: Local Port Key unavailable for this object type queriedJMalformed query: Remote Port Key unavailable for this object type queriedKMalformed query: Service Name Key unavailable for this object type queriedHAuthentication (No Encapsulation) may not be used on tunnel-mode rules.XAuthentication (No Encapsulation) may not be used on rules that contain preshared keys.;A runtime error occurred while trying to enforce the rule./The main mode cryptographic set was not found.?The target schema version does not support local only mapping.|The key module in the rule is incompatible with the authentication methods specified in the associated authentication sets.mpssvcMicrosoft Corporation$Microsoft Windows Firewall Provider Windows Firewall Static SessionPA!Windows Firewall Dynamic SessionBoot Time Filter4This filter is in effect before the service starts.Logging Filter/This filter implements logging, if configured. Port Scanning Prevention Filter$This filter prevents port scanning.Loopback Permit Filter&This filter permits loopback traffic.Secondary Connections Filter=This filter permits secondary connections for FTP protocols. Deep Protocol Inspection Filter:This filter implements deep inspection for FTP protocols.FTP Inspection Filter'This filter enables inspection of FTP.Microsoft Corporation*Microsoft Windows Firewall IPsec ProviderState Management FilterMIndicates different options to WFP to allow customization of state creation."State Management Provider Context"Contains State Management OptionsPAUPnP Framework (TCP-In).Inbound rule for UPnP Framework traffic [TCP]UPnP Framework (TCP-Out)/Outbound rule for UPnP Framework traffic [TCP]UPnP Framework (UDP-In).Inbound rule for UPnP Framework traffic [UDP]UPnP Framework (UDP-Out)/Outbound rule for UPnP Framework traffic [UDP](Windows Firewall with Advanced SecurityQConfigure policies that provide enhanced network security for Windows computers.PACore Networking-Core Networking - Packet Too Big (ICMPv6-In).Core Networking - Packet Too Big (ICMPv6-Out)Packet Too Big error messages are sent from any node that a packet traverses which is unable to forward the packet because the packet is too large for the next link.PA3Core Networking - Router Solicitation (ICMPv6-Out)2Core Networking - Router Solicitation (ICMPv6-In)hRouter Solicitation messages are sent by nodes seeking routers to provide stateless auto-configuration.3Core Networking - Router Advertisement (ICMPv6-In)4Core Networking - Router Advertisement (ICMPv6-Out)cRouter Advertisement messages are sent by routers to other nodes for stateless auto-configuration.>Core Networking - Neighbor Discovery Solicitation (ICMPv6-In)?Core Networking - Neighbor Discovery Solicitation (ICMPv6-Out)tNeighbor Discovery Solicitations are sent by nodes to discover the link-layer address of another on-link IPv6 node.?Core Networking - Neighbor Discovery Advertisement (ICMPv6-In)@Core Networking - Neighbor Discovery Advertisement (ICMPv6-Out)Neighbor Discovery Advertisement messages are sent by nodes to notify other nodes of link-layer address changes or in response to a Neighbor Discovery Solicitation request.FCore Networking - Inverse Neighbor Discovery Solicitation (ICMPv6-In)GCore Networking - Inverse Neighbor Discovery Solicitation (ICMPv6-Out)Inverse Neighbor Discovery Solicitations are sent by nodes to discover the IP address of another IPv6 node given its link-layer address.GCore Networking - Inverse Neighbor Discovery Advertisement (ICMPv6-In)HCore Networking - Inverse Neighbor Discovery Advertisement (ICMPv6-Out)Inverse Neighbor Discovery Solicitations are sent by nodes to notify other nodes of IP address changes or in response to an Inverse Neighbor Discovery Solicitation request.<Core Networking - Certificate Path Solicitation (ICMPv6-In)=Core Networking - Certificate Path Solicitation (ICMPv6-Out)ySEND - Secure Neighbor Discovery - Certificate Path Solicitation is a secure version of Neighbor Discovery Solicitation.=Core Networking - Certificate Path Advertisement (ICMPv6-In)>Core Networking - Certificate Path Advertisement (ICMPv6-Out)PA{SEND - Secure Neighbor Discovery - Certificate Path Advertisement is a secure version of Neighbor Discovery Advertisement.7Core Networking - Multicast Listener Query (ICMPv6-In)8Core Networking - Multicast Listener Query (ICMPv6-Out){An IPv6 multicast-capable router uses the Multicast Listener Query message to query a link for multicast group membership.8Core Networking - Multicast Listener Report (ICMPv6-In)9Core Networking - Multicast Listener Report (ICMPv6-Out)The Multicast Listener Report message is used by a listening node to either immediately report its interest in receiving multicast traffic at a specific multicast address or in response to a Multicast Listener Query.;Core Networking - Multicast Listener Report v2 (ICMPv6-In)<Core Networking - Multicast Listener Report v2 (ICMPv6-Out)Multicast Listener Report v2 message is used by a listening node to either immediately report its interest in receiving multicast traffic at a specific multicast address or in response to a Multicast Listener Query.6Core Networking - Multicast Listener Done (ICMPv6-In)7Core Networking - Multicast Listener Done (ICMPv6-Out)PAMulticast Listener Done messages inform local routers that there are no longer any members remaining for a specific multicast address on the subnet.=Core Networking - Multicast Router Advertisement (ICMPv6-In)>Core Networking - Multicast Router Advertisement (ICMPv6-Out)rMulticast Router Advertisement messages are sent by routers to advertise that IP multicast forwarding is enabled.<Core Networking - Multicast Router Solicitation (ICMPv6-In)=Core Networking - Multicast Router Solicitation (ICMPv6-Out)sMulticast Router Solicitation messages are sent in order to discover routers with IP multicast forwarding enabled.;Core Networking - Multicast Router Termination (ICMPv6-In)PA<Core Networking - Multicast Router Termination (ICMPv6-Out)sMulticast Router Termination messages are sent when a router stops IP multicast routing functions on an interface.6Core Networking - Destination Unreachable (ICMPv6-In)7Core Networking - Destination Unreachable (ICMPv6-Out)Destination Unreachable error messages are sent from any node that a packet traverses which is unable to forward the packet for any reason except congestion.,Core Networking - Time Exceeded (ICMPv6-In)-Core Networking - Time Exceeded (ICMPv6-Out)Time Exceeded error messages are generated from any node that a packet traverses if the Hop Limit value is decremented to zero at any point on the path.0Core Networking - Parameter Problem (ICMPv6-In)1Core Networking - Parameter Problem (ICMPv6-Out)aParameter Problem error messages are sent by nodes as a result of incorrectly generated packets.KCore Networking - Destination Unreachable Fragmentation Needed (ICMPv4-In)LCore Networking - Destination Unreachable Fragmentation Needed (ICMPv4-Out)Destination Unreachable Fragmentation Needed error messages are sent from any node that a packet traverses which is unable to forward the packet because fragmentation was needed and the don t fragment bit was set.PA@Core Networking - Dynamic Host Configuration Protocol (DHCP-In)ACore Networking - Dynamic Host Configuration Protocol (DHCP-Out)\Allows DHCP (Dynamic Host Configuration Protocol) messages for stateful auto-configuration.JCore Networking - Dynamic Host Configuration Protocol for IPv6(DHCPV6-In)KCore Networking - Dynamic Host Configuration Protocol for IPv6(DHCPV6-Out)pAllows DHCPV6 (Dynamic Host Configuration Protocol for IPv6) messages for stateful and stateless configuration."Core Networking - Teredo (UDP-In)#Core Networking - Teredo (UDP-Out)PAInbound UDP rule to allow Teredo edge traversal, a technology that provides address assignment and automatic tunneling for unicast IPv6 traffic when an IPv6/IPv4 host is located behind an IPv4 network address translator.Outbound UDP rule to allow Teredo edge traversal, a technology that provides address assignment and automatic tunneling for unicast IPv6 traffic when an IPv6/IPv4 host is located behind an IPv4 network address translator.PA!Core Networking - IPv6 (IPv6-In)"Core Networking - IPv6 (IPv6-Out)Inbound rule required to permit IPv6 traffic for ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) and 6to4 tunneling services.Outbound rule required to permit IPv6 traffic for ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) and 6to4 tunneling services.?Core Networking - Internet Group Management Protocol (IGMP-In)@Core Networking - Internet Group Management Protocol (IGMP-Out)ZIGMP messages are sent and received by nodes to create, join and depart multicast groups.PA(Core Networking - Group Policy (NP-Out)GOutbound rule to allow SMB traffic for Group Policy updates. [TCP 445])Core Networking - Group Policy (TCP-Out)JOutbound rule to allow remote RPC traffic for Group Policy updates. [TCP] Core Networking - DNS (UDP-Out)Outbound rule to allow DNS requests. DNS responses based on requests that matched this rule will be permitted regardless of source address. This behavior is classified as loose source mapping. [LSM] [UDP 53]+Core Networking - Group Policy (LSASS-Out)LOutbound rule to allow remote LSASS traffic for Group Policy updates [TCP].#Core Networking - IPHTTPS (TCP-In)$Core Networking - IPHTTPS (TCP-Out)rInbound TCP rule to allow IPHTTPS tunneling technology to provide connectivity across HTTP proxies and firewalls.sOutbound TCP rule to allow IPHTTPS tunneling technology to provide connectivity across HTTP proxies and firewalls.1Networking - Destination Unreachable (ICMPv4-In)2Networking - Destination Unreachable (ICMPv4-Out)Destination Unreachable error messages are sent from any node that a packet traverses which is unable to forward the packet for any reason except congestion.'Networking - Source Quench (ICMPv4-In)(Networking - Source Quench (ICMPv4-Out)Source Quench messages are sent from any node that a packet traverses which discards the datagram because they are arriving too fast or there are buffering issues."Networking - Redirect (ICMPv4-In)#Networking - Redirect (ICMPv4-Out)Redirect messages are sent to indicate that the node which the packet was sent to is no longer the best gateway to reach the network in question.PA'Networking - Time Exceeded (ICMPv4-In)(Networking - Time Exceeded (ICMPv4-Out)Time Exceeded error messages are generated from any node which a packet traverses if the Hop Limit value is decremented to zero at any point on the path.+Networking - Timestamp Request (ICMPv4-In),Networking - Timestamp Request (ICMPv4-Out)iTimestamp Request messages are sent by nodes who wish to obtain the current timestamp from another node.+Networking - Parameter Problem (ICMPv4-In),Networking - Parameter Problem (ICMPv4-Out)aParameter Problem error messages are sent by nodes as a result of incorrectly generated packets.PA"Networking - Redirect (ICMPv6-In)#Networking - Redirect (ICMPv6-Out)PARedirect messages are sent to indicate that the node which the packet was sent to is no longer the best gateway to reach the network in question.-Networking - Router Solicitation (ICMPv6-In)hRouter Solicitation messages are sent by nodes seeking routers to provide stateless auto-configuration.PA4Networking - Generic Routing Encapsulation (GRE-In)5Networking - Generic Routing Encapsulation (GRE-Out)Generic Routing Encapsulation is used for encapsulation of an arbitrary network layer protocol over another arbitrary network layer protocol.6Networking - PGM Reliable Transport Protocol (PGM-In)7Networking - PGM Reliable Transport Protocol (PGM-Out)Pragmatic General Multicast is a reliable multicast transport protocol used for applications that require ordered or unordered, duplicate-free, multicast data delivery from multiple sources to multiple receivers.(Networking - Packet Too Big (ICMPv4-In))Networking - Packet Too Big (ICMPv4-Out)Packet Too Big error messages are sent from any node that a packet traverses which is unable to forward the packet because the packet is too large for the next link.-Networking - Router Solicitation (ICMPv4-In).Networking - Router Solicitation (ICMPv4-Out)hRouter Solicitation messages are sent by nodes seeking routers to provide stateless auto-configuration..Networking - Address Mask Request (ICMPv4-In)/Networking - Address Mask Request (ICMPv4-Out)oAddress Mask Request messages are sent by nodes who wish to obtain the subnet mask for their assigned address.&Networking - Echo Request (ICMPv4-In)'Networking - Echo Request (ICMPv4-Out)&Networking - Echo Request (ICMPv6-In)'Networking - Echo Request (ICMPv6-Out)PA@Echo Request messages are sent as ping requests to other nodes.Key Management Service Key Management Service (TCP-In)mInbound rule for the Key Management Service to allow for machine counting and license compliance. [TCP 1688]BITS PeercachingBITS Peercaching (WSD-In)PAdInbound rule for BITS Peercaching to discover neighbors who may have content via WSDAPI. [UDP 3702]BITS Peercaching (WSD-Out)eOutbound rule for BITS Peercaching to discover neighbors who may have content via WSDAPI. [UDP 3702]BITS Peercaching (Content-In)DInbound rule for BITS Peercaching content transfer port. [TCP 2178]BITS Peercaching (Content-Out)EOutbound rule for BITS Peercaching content transfer port. [TCP 2178]BITS Peercaching (RPC)PARInbound rule for the Peercaching authorization exchange port via dynamic RPC/TCP.BITS Peercaching (RPC-EPMAP)[Inbound rule for the RPCSS service in order to allow RPC/TCP traffic for BITS Peercaching.File and Printer Sharing)File and Printer Sharing (NB-Session-In)bInbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]*File and Printer Sharing (NB-Session-Out)cOutbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]"File and Printer Sharing (SMB-In)PA~Inbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]#File and Printer Sharing (SMB-Out)Outbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]&File and Printer Sharing (NB-Name-In)VInbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]'File and Printer Sharing (NB-Name-Out)WOutbound rule for File and Printer Sharing to allow NetBIOS Name Resolution. [UDP 137]*File and Printer Sharing (NB-Datagram-In)jInbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]+File and Printer Sharing (NB-Datagram-Out)kOutbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]1File and Printer Sharing (Spooler Service - RPC)iInbound rule for File and Printer Sharing to allow the Print Spooler Service to communicate via TCP/RPC.7File and Printer Sharing (Spooler Service - RPC-EPMAP)UInbound rule for the RPCSS service to allow RPC/TCP traffic for the Spooler Service.4File and Printer Sharing (Echo Request - ICMPv4-In)5File and Printer Sharing (Echo Request - ICMPv4-Out)4File and Printer Sharing (Echo Request - ICMPv6-In)5File and Printer Sharing (Echo Request - ICMPv6-Out)@Echo Request messages are sent as ping requests to other nodes.(File and Printer Sharing (LLMNR-UDP-In)dInbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355])File and Printer Sharing (LLMNR-UDP-Out)eOutbound rule for File and Printer Sharing to allow Link Local Multicast Name Resolution. [UDP 5355](File and Printer Sharing over SMBDirect3File and Printer Sharing over SMBDirect (iWARP-In)SInbound rule for File and Printer Sharing over SMBDirect to allow iWARP [TCP 5445]Remote DesktopRemote Desktop (TCP-In)MInbound rule for the Remote Desktop service to allow RDP traffic. [TCP 3389];RemoteApp and Desktop Connection Management - WMI (TCP-In)OInbound rule for WMI management of RemoteApp and Desktop Connection Management<RemoteApp and Desktop Connection Management - WMI (DCOM-In)wInbound rule to allow DCOM traffic for remote WMI management of RemoteApp and Desktop Connection Management. [TCP 135]<RemoteApp and Desktop Connection Management - WMI (TCP-Out)QOutbound rule for WMI management of RemoteApp and Desktop Connection ManagementARemoteApp and Desktop Connection Management - WMI (Async-TCP-In)\Inbound rule for asynchronous WMI management of RemoteApp and Desktop Connection Management2RemoteApp and Desktop Connection Management (RPC)mInbound rule to allow RemoteApp and Desktop Connection Management to be remotely managed via RPC/TCP traffic/Remote Desktop Web Access - WMI (Async-TCP-In)PAJInbound rule for asynchronous WMI management of Remote Desktop Web Access*Remote Desktop Web Access - WMI (DCOM-In)ZInbound rule to allow DCOM traffic for remote WMI management of Remote Desktop Web Access)Remote Desktop Web Access - WMI (TCP-In)=Inbound rule for WMI management of Remote Desktop Web Access*Remote Desktop Web Access - WMI (TCP-Out)?Outbound rule for WMI management of Remote Desktop Web Access$Remote Desktop - User Mode (TCP-In)$Remote Desktop - User Mode (UDP-In)MInbound rule for the Remote Desktop service to allow RDP traffic. [UDP 3389]!Remote Desktop - Shadow (TCP-In)oInbound rule for the Remote Desktop service to allow shadowing of an existing Remote Desktop session. (TCP-In)iSCSI ServiceiSCSI Service (TCP-In)aInbound rule for the iSCSI Service to allow communications with an iSCSI server or device. [TCP]iSCSI Service (TCP-Out)bOutbound rule for the iSCSI Service to allow communications with an iSCSI server or device. [TCP]Remote Event Log Management"Remote Event Log Management (RPC)QInbound rule for the local Event Log service to be remotely managed via RPC/TCP.$Remote Event Log Management (NP-In)VInbound rule for the local Event Log service to be remotely managed over Named Pipes.PA(Remote Event Log Management (RPC-EPMAP)]Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Event Log Service.PARemote Service Management Remote Service Management (RPC)WInbound rule for the local Service Control Manager to be remotely managed via RPC/TCP."Remote Service Management (NP-In)\Inbound rule for the local Service Control Manager to be remotely managed over Named Pipes.&Remote Service Management (RPC-EPMAP)cInbound rule for the RPCSS service to allow RPC/TCP traffic for the local Service Control Manager.Remote AdministrationRemote Administration (RPC)BInbound rule for all services to be remotely managed via RPC/TCP.Remote Administration (NP-In)GInbound rule for all services to be remotely managed over Named Pipes."Remote Administration (RPC-EPMAP)XInbound rule for the RPCSS service to allow RPC/TCP traffic for all the local services.PA#Windows Firewall Remote Management)Windows Firewall Remote Management (RPC)JInbound rule for the Windows Firewall to be remotely managed via RPC/TCP./Windows Firewall Remote Management (RPC-EPMAP)VInbound rule for the RPCSS service to allow RPC/TCP traffic for the Windows Firewall.PA*Windows Remote Management (Compatibility)$Windows Remote Management (HTTP-In)IInbound rule for Windows Remote Management via WS-Management. [TCP 5985]Windows Remote ManagementPAWireless Portable Devices$Wireless Portable Devices (TCP-Out)aOutbound rule for Wireless Portable Devices to allow use of the Usermode Driver Framework. [TCP]$Wireless Portable Devices (SSDP-In)mInbound rule for Wireless Portable Devices to allow use of the Simple Service Discovery Protocol. [UDP 1900]%Wireless Portable Devices (SSDP-Out)PAnOutbound rule for Wireless Portable Devices to allow use of the Simple Service Discovery Protocol. [UDP 1900]$Wireless Portable Devices (UPnP-In)_Inbound rule for Wireless Portable Devices to allow use of Universal Plug and Play. [TCP 2869]%Wireless Portable Devices (UPnP-Out)[Outbound rule for Wireless Portable Devices to allow use of Universal Plug and Play. [TCP])Wireless Portable Devices (UPnPHost-Out)[Outbound rule for Wireless Portable Devices to allow use of Universal Plug and Play. [TCP]PAMedia Center Extenders'Media Center Extenders - SSDP (UDP-In)jInbound rule for Media Center Extenders to allow use of the Simple Service Discovery Protocol. [UDP 1900](Media Center Extenders - SSDP (UDP-Out)kOutbound rule for Media Center Extenders to allow use of the Simple Service Discovery Protocol. [UDP 1900]'Media Center Extenders - RTSP (TCP-In)[Inbound rule for Media Center Extenders to allow RTSP AV Control. [TCP 554, TCP 8554-8558](Media Center Extenders - RTSP (TCP-Out)PAVOutbound rule for Media Center Extenders to allow WMDRM-ND and RTSP AV Control. [TCP](Media Center Extenders - qWave (UDP-In)wInbound rule for Media Center Extenders to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177])Media Center Extenders - qWave (UDP-Out)xOutbound rule for Media Center Extenders to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177](Media Center Extenders - qWave (TCP-In)wInbound rule for Media Center Extenders to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177])Media Center Extenders - qWave (TCP-Out)xOutbound rule for Media Center Extenders to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]1Media Center Extenders - HTTP Streaming (TCP-In)SInbound rule for Media Center Extenders to allow HTTP Media Streaming. [TCP 10244]&Media Center Extenders - XSP (TCP-In)OInbound rule for Media Center Extenders to allow terminal sessions. [TCP 3390]PA4Media Center Extenders - WMDRM-ND/RTP/RTCP (UDP-In)Inbound rule for Media Center Extenders to allow WMDRM-ND and RTP/RTCP AV Streaming. [UDP 7777-7781, UDP 5004-5005, UDP 50004-50013]5Media Center Extenders - WMDRM-ND/RTP/RTCP (UDP-Out)\Outbound rule for Media Center Extenders to allow WMDRM-ND and RTP/RTCP AV Streaming. [UDP]+Media Center Extenders - Service (TCP-Out)pOutbound rule for Media Center Extenders to allow extender devices to locate and connect to the computer. [TCP]7Media Center Extenders - Device Provisioning (TCP-Out)YOutbound rule for Media Center Extenders to allow traffic for Device Provisioning. [TCP]2Media Center Extenders - Media Streaming (TCP-In)^Inbound rule for Media Center Extenders to allow UPnP traffic for Media Streaming. [TCP 2869]PA3Media Center Extenders - Media Streaming (TCP-Out)ZOutbound rule for Media Center Extenders to allow UPnP traffic for Media Streaming. [TCP]5Media Center Extenders - Device Validation (TCP-Out)WOutbound rule for Media Center Extenders to allow traffic for Device Validation. [TCP]3Media Center Extenders - Media Streaming (UDP-Out)sOutbound rule for Media Center Extenders to allow Media Streaming devices to respond to an SSDP search. [UDP 1900](Media Center Extenders - UPnP (TCP-Out)eOutbound rule for Media Center Extenders to allow UPnP devices to transmit device information. [TCP]Windows Media PlayerWindows Media Player (UDP-In)JInbound rule for Windows Media Player to allow UDP Media Streaming. [UDP]Windows Media Player (UDP-Out)KOutbound rule for Windows Media Player to allow UDP Media Streaming. [UDP]Windows Media Player (TCP-Out)POutbound rule for Windows Media Player to allow TCP/HTTP Media Streaming. [TCP]DWindows Media Player - Internet Group Management Protocol (IGMP-In)>Inbound rule for Windows Media Player to allow IGMP messages.EWindows Media Player - Internet Group Management Protocol (IGMP-Out)?Outbound rule for Windows Media Player to allow IGMP messages."Windows Media Player x86 (UDP-In)#Windows Media Player x86 (UDP-Out)#Windows Media Player x86 (TCP-Out)-Windows Media Player Network Sharing Service<Windows Media Player Network Sharing Service (qWave-UDP-In)Inbound rule for the Windows Media Player Network Sharing Service to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]=Windows Media Player Network Sharing Service (qWave-UDP-Out)Outbound rule for the Windows Media Player Network Sharing Service to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]<Windows Media Player Network Sharing Service (qWave-TCP-In)PAInbound rule for the Windows Media Player Network Sharing Service to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]=Windows Media Player Network Sharing Service (qWave-TCP-Out)Outbound rule for the Windows Media Player Network Sharing Service to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]7Windows Media Player Network Sharing Service (SSDP-In)Inbound rule for the Windows Media Player Network Sharing Service to allow use of the Simple Service Discovery Protocol. [UDP 1900]8Windows Media Player Network Sharing Service (SSDP-Out)Outbound rule for the Windows Media Player Network Sharing Service to allow use of the Simple Service Discovery Protocol. [UDP 1900]7Windows Media Player Network Sharing Service (UPnP-In)PAvInbound rule for the Windows Media Player Network Sharing Service to allow use of Universal Plug and Play. [TCP 2869]8Windows Media Player Network Sharing Service (UPnP-Out)rOutbound rule for the Windows Media Player Network Sharing Service to allow use of Universal Plug and Play. [TCP]AWindows Media Player Network Sharing Service (HTTP-Streaming-In)mInbound rule for the Windows Media Player Network Sharing Service to allow HTTP Media Streaming. [TCP 10243]BWindows Media Player Network Sharing Service (HTTP-Streaming-Out)nOutbound rule for the Windows Media Player Network Sharing Service to allow HTTP Media Streaming. [TCP 10243]@Windows Media Player Network Sharing Service (Streaming-UDP-In)JInbound rule for Windows Media Player to allow UDP Media Streaming. [UDP]AWindows Media Player Network Sharing Service (Streaming-UDP-Out)KOutbound rule for Windows Media Player to allow UDP Media Streaming. [UDP]AWindows Media Player Network Sharing Service (Streaming-TCP-Out)POutbound rule for Windows Media Player to allow TCP/HTTP Media Streaming. [TCP]6Windows Media Player Network Sharing Service (UDP-In)bInbound rule for the Windows Media Player Network Sharing Service to allow sharing traffic. [UDP]7Windows Media Player Network Sharing Service (UDP-Out)cOutbound rule for the Windows Media Player Network Sharing Service to allow sharing traffic. [UDP]6Windows Media Player Network Sharing Service (TCP-In)bInbound rule for the Windows Media Player Network Sharing Service to allow sharing traffic. [TCP]7Windows Media Player Network Sharing Service (TCP-Out)cOutbound rule for the Windows Media Player Network Sharing Service to allow sharing traffic. [TCP]<Windows Media Player Network Sharing Service (UPnPHost-Out)rOutbound rule for the Windows Media Player Network Sharing Service to allow use of Universal Plug and Play. [TCP]DWindows Media Player Network Sharing Service x86 (Streaming-UDP-In)EWindows Media Player Network Sharing Service x86 (Streaming-UDP-Out)EWindows Media Player Network Sharing Service x86 (Streaming-TCP-Out)PA8Windows Media Player Network Sharing Service (Internet)AWindows Media Player Network Sharing Service (HTTP-Streaming-In)mInbound rule for the Windows Media Player Network Sharing Service to allow HTTP Media Streaming. [TCP 10245]FWindows Media Player Network Sharing Service service hardening - RTSPTAllow incoming RTSP connections to the Windows Media Player Network Sharing ServicefWindows Media Player Network Sharing Service service hardening - Block any other incoming TCP trafficConnect to a Network Projector(Connect to a Network Projector (WSD-In)[Inbound rule for Connect to a Network Projector to discover devices via WSDAPI. [UDP 3702])Connect to a Network Projector (WSD-Out)PA\Outbound rule for Connect to a Network Projector to discover devices via WSDAPI. [UDP 3702](Connect to a Network Projector (TCP-In)bInbound rule for Connect to a Network Projector to communicate with devices on the network. [TCP])Connect to a Network Projector (TCP-Out)cOutbound rule for Connect to a Network Projector to communicate with devices on the network. [TCP]/Connect to a Network Projector (WSD Events-In)]Inbound rule for Connect to a Network Projector to allow WSDAPI Events Discovery. [TCP 5357]0Connect to a Network Projector (WSD Events-Out)^Outbound rule for Connect to a Network Projector to allow WSDAPI Events Discovery. [TCP 5358]5Connect to a Network Projector (WSD EventsSecure-In)ZInbound rule for Connect to a Network Projector to allow Secure WSDAPI Events. [TCP 5358]6Connect to a Network Projector (WSD EventsSecure-Out)PA[Outbound rule for Connect to a Network Projector to allow Secure WSDAPI Events. [TCP 5358]PA.Windows Peer to Peer Collaboration Foundation7Windows Peer to Peer Collaboration Foundation (TCP-In)iInbound rule for the Windows Peer to Peer Collaboration Foundation for Peer to Peer Communication. [TCP]8Windows Peer to Peer Collaboration Foundation (TCP-Out)jOutbound rule for the Windows Peer to Peer Collaboration Foundation for Peer to Peer Communication. [TCP]7Windows Peer to Peer Collaboration Foundation (WSD-In)nInbound rule for the Windows Peer to Peer Collaboration Foundation to discover devices via WSDAPI. [UDP 3702]8Windows Peer to Peer Collaboration Foundation (WSD-Out)PAoOutbound rule for the Windows Peer to Peer Collaboration Foundation to discover devices via WSDAPI. [UDP 3702]8Windows Peer to Peer Collaboration Foundation (PNRP-In)mInbound rule for the Windows Peer to Peer Collaboration Foundation to allow Peer Name Resolution. [UDP 3540]9Windows Peer to Peer Collaboration Foundation (PNRP-Out)nOutbound rule for the Windows Peer to Peer Collaboration Foundation to allow Peer Name Resolution. [UDP 3540]8Windows Peer to Peer Collaboration Foundation (SSDP-In)Inbound rule for the Windows Peer to Peer Collaboration Foundation to allow use of the Simple Service Discovery Protocol. [UDP 1900]9Windows Peer to Peer Collaboration Foundation (SSDP-Out)PAOutbound rule for the Windows Peer to Peer Collaboration Foundation to allow use of the Simple Service Discovery Protocol. [UDP 1900]Windows Meeting Space Windows Meeting Space (DFSR-In)hInbound rule for Windows Meeting Space to allow Distributed File System Replication traffic. [TCP 5722]!Windows Meeting Space (DFSR-Out)iOutbound rule for Windows Meeting Space to allow Distributed File System Replication traffic. [TCP 5722]Windows Meeting Space (TCP-In)MInbound rule for Windows Meeting Space to allow collaboration traffic. [TCP] Windows Meeting Space (TCP-Out)NOutbound rule for Windows Meeting Space to allow collaboration traffic. [TCP]Windows Meeting Space (UDP-In)PAMInbound rule for Windows Meeting Space to allow collaboration traffic. [UDP] Windows Meeting Space (UDP-Out)NOutbound rule for Windows Meeting Space to allow collaboration traffic. [UDP]Windows Meeting Space (P2P-In)TInbound rule for Windows Meeting Space to allow Peer Networking traffic. [TCP 3587] Windows Meeting Space (P2P-Out)UOutbound rule for Windows Meeting Space to allow Peer Networking traffic. [TCP 3587]PANetwork DiscoveryNetwork Discovery (SSDP-In)eInbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]Network Discovery (SSDP-Out)fOutbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]Network Discovery (UPnP-In)WInbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP 2869]Network Discovery (UPnP-Out)SOutbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP]Network Discovery (NB-Name-In)OInbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137] Network Discovery (NB-Name-Out)POutbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137]#Network Discovery (NB-Datagram-In)cInbound rule for Network Discovery to allow NetBIOS Datagram transmission and reception. [UDP 138]$Network Discovery (NB-Datagram-Out)PAdOutbound rule for Network Discovery to allow NetBIOS Datagram transmission and reception. [UDP 138]Network Discovery (WSD-In)ZInbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]Network Discovery (WSD-Out)[Outbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702]!Network Discovery (LLMNR-UDP-In)]Inbound rule for Network Discovery to allow Link Local Multicast Name Resolution. [UDP 5355]"Network Discovery (LLMNR-UDP-Out)^Outbound rule for Network Discovery to allow Link Local Multicast Name Resolution. [UDP 5355]Network Discovery (Pub-WSD-In)ZInbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702] Network Discovery (Pub WSD-Out)[Outbound rule for Network Discovery to discover devices via Function Discovery. [UDP 3702](Network Discovery (WSD EventsSecure-In)dInbound rule for Network Discovery to allow Secure WSDAPI Events via Function Discovery. [TCP 5358])Network Discovery (WSD EventsSecure-Out)PAeOutbound rule for Network Discovery to allow Secure WSDAPI Events via Function Discovery. [TCP 5358]"Network Discovery (WSD Events-In)]Inbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357]#Network Discovery (WSD Events-Out)^Outbound rule for Network Discovery to allow WSDAPI Events via Function Discovery. [TCP 5357]!Network Discovery (UPnPHost-Out)SOutbound rule for Network Discovery to allow use of Universal Plug and Play. [TCP]Network Discovery (WSD-In)dInbound rule for Network Discovery to discover devices via Device Association Framework. [UDP 3702]Remote AssistanceRemote Assistance (TCP-In)2Inbound rule for Remote Assistance traffic. [TCP]Remote Assistance (TCP-Out)PA3Outbound rule for Remote Assistance traffic. [TCP]%Remote Assistance (RA Server TCP-In)IInbound rule for Remote Assistance to allow offers for assistance. [TCP]&Remote Assistance (RA Server TCP-Out)JOutbound rule for Remote Assistance to allow offers for assistance. [TCP] Remote Assistance (SSDP UDP-In)eInbound rule for Remote Assistance to allow use of the Simple Service Discovery Protocol. [UDP 1900]!Remote Assistance (SSDP UDP-Out)PAfOutbound rule for Remote Assistance to allow use of the Simple Service Discovery Protocol. [UDP 1900] Remote Assistance (SSDP TCP-In)WInbound rule for Remote Assistance to allow use of Universal Plug and Play. [TCP 2869]!Remote Assistance (SSDP TCP-Out)SOutbound rule for Remote Assistance to allow use of Universal Plug and Play. [TCP]Remote Assistance (DCOM-In)VInbound rule for Remote Assistance to allow offers for assistance via DCOM. [TCP 135]Remote Assistance (PNRP-Out)YOutbound rule for Remote Assistance to allow use of Peer Name Resolution Protocol. [UDP]Remote Assistance (PNRP-In)PAZInbound rule for Remote Assistance to allow use Peer Name Resolution Protocol. [UDP 3540]"Remote Scheduled Tasks Management(Remote Scheduled Tasks Management (RPC)PInbound rule for the Task Scheduler service to be remotely managed via RPC/TCP..Remote Scheduled Tasks Management (RPC-EPMAP)\Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Task Scheduler service.$Distributed Transaction Coordinator-Distributed Transaction Coordinator (TCP-In)PAQInbound rule to allow traffic for the Distributed Transaction Coordinator. [TCP].Distributed Transaction Coordinator (TCP-Out)ROutbound rule to allow traffic for the Distributed Transaction Coordinator. [TCP]*Distributed Transaction Coordinator (RPC)Inbound rule for the Kernel Transaction Resource Manager for Distributed Transaction Coordinator service to be remotely managed via RPC/TCP.0Distributed Transaction Coordinator (RPC-EPMAP)Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Kernel Transaction Resource Manager for Distributed Transaction Coordinator service.PARouting and Remote Access$Routing and Remote Access (L2TP-In)KInbound rule for RRAS to allow Layer 2 Tunnel Protocol traffic. [UDP 1701]%Routing and Remote Access (L2TP-Out)LOutbound rule for RRAS to allow Layer 2 Tunnel Protocol traffic. [UDP 1701]%Routing and Remote Access (PPTP-Out)SOutbound rule for RRAS to allow Point-to-Point Tunnel Protocol traffic. [TCP 1723]$Routing and Remote Access (PPTP-In)RInbound rule for RRAS to allow Point-to-Point Tunnel Protocol traffic. [TCP 1723]#Routing and Remote Access (GRE-In)OInbound rule for RRAS to allow Generic Routing Encapsulation Protocol traffic.$Routing and Remote Access (GRE-Out)OOutbound rule for RRAS to allow Generic Routing Encapsulation Protocol TrafficPA9Windows Collaboration Computer Name Registration ServiceCWindows Collaboration Computer Name Registration Service (PNRP-In)xInbound rule for the Windows Collaboration Computer Name Registration Service to allow Peer Name Resolution. [UDP 3540]DWindows Collaboration Computer Name Registration Service (PNRP-Out)yOutbound rule for the Windows Collaboration Computer Name Registration Service to allow Peer Name Resolution. [UDP 3540]CWindows Collaboration Computer Name Registration Service (SSDP-In)Inbound rule for the Windows Collaboration Computer Name Registration Service to allow use of the Simple Service Discovery Protocol. [UDP 1900]DWindows Collaboration Computer Name Registration Service (SSDP-Out)Outbound rule for the Windows Collaboration Computer Name Registration Service to allow use of the Simple Service Discovery Protocol. [UDP 1900]PA)Windows Management Instrumentation (WMI)-Windows Management Instrumentation (DCOM-In)\Inbound rule to allow DCOM traffic for remote Windows Management Instrumentation. [TCP 135],Windows Management Instrumentation (WMI-In)WInbound rule to allow WMI traffic for remote Windows Management Instrumentation. [TCP]PA.Windows Management Instrumentation (ASync-In)dInbound rule to allow Asynchronous WMI traffic for remote Windows Management Instrumentation. [TCP]-Windows Management Instrumentation (WMI-Out)XOutbound rule to allow WMI traffic for remote Windows Management Instrumentation. [TCP]PARemote Volume Management6Remote Volume Management - Virtual Disk Service (RPC)iInbound rule for the Remote Volume Management - Virtual Disk Service to be remotely managed via RPC/TCP.=Remote Volume Management - Virtual Disk Service Loader (RPC)pInbound rule for the Remote Volume Management - Virtual Disk Service Loader to be remotely managed via RPC/TCP.%Remote Volume Management (RPC-EPMAP)ZInbound rule for the RPCSS service to allow RPC/TCP traffic for Remote Volume Management.Performance Logs and Alerts%Performance Logs and Alerts (TCP-In)?Inbound rule for Performance Logs and Alerts traffic. [TCP-In]&Performance Logs and Alerts (DCOM-In)XInbound rule for Performance Logs and Alerts to allow remote DCOM activation. [TCP-135]jThe firewall rules that are part of Core Networking are required for reliable IPv4 and IPv6 connectivity.9Windows Remote Management - Compatibility Mode (HTTP-In)ZCompatibility mode inbound rule for Windows Remote Management via WS-Management. [TCP 80]PAPlay To functionality-Play To streaming server (HTTP-Streaming-In)OInbound rule for the Play To server to allow streaming using HTTP. [TCP 10246]-Play To streaming server (RTCP-Streaming-In)QInbound rule for the Play To server to allow streaming using RTSP and RTP. [UDP]-Play To streaming server (RTP-Streaming-Out)ROutbound rule for the Play To server to allow streaming using RTSP and RTP. [UDP]-Play To streaming server (RTSP-Streaming-In)eInbound rule for the Play To server to allow streaming using RTSP and RTP. [TCP 23554, 23555, 23556]%Play To functionality (qWave-UDP-In)zInbound rule for the Play To functionality to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]&Play To functionality (qWave-UDP-Out){Outbound rule for the Play To functionality to allow use of the Quality Windows Audio Video Experience Service. [UDP 2177]%Play To functionality (qWave-TCP-In)zInbound rule for the Play To functionality to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]&Play To functionality (qWave-TCP-Out){Outbound rule for the Play To functionality to allow use of the Quality Windows Audio Video Experience Service. [TCP 2177]PA2Play To streaming server hardening rules for RTSP@Allow incoming RTSP connections to the Play To streaming server@Play To streaming server hardening - Block incoming TCP traffic@Play To streaming server hardening - Block outgoing TCP traffic Play To SSDP Discovery (UDP-In)>Inbound rule to allow discovery of Play To devices using SSDPPlay To UPnP Events (TCP-In)AInbound rule to allow receiving UPnP Events from Play To devicesProximity Sharing,Proximity sharing over TCP (TCP sharing-In),Inbound rule for Proximity sharing over TCP-Proximity sharing over TCP (TCP sharing-Out)-Outbound rule for Proximity sharing over TCP"TPM Virtual Smart Card Management,TPM Virtual Smart Card Management (DCOM-In)^Inbound rule for remote TPM Virtual Smart Card Management to allow DCOM activation. [TCP 135]+TPM Virtual Smart Card Management (TCP-In)IInbound rule for remote TPM Virtual Smart Card Management traffic. [TCP],TPM Virtual Smart Card Management (TCP-Out)JOutbound rule for remote TPM Virtual Smart Card Management traffic. [TCP]Remote Shutdown*Inbound Rule for Remote Shutdown (TCP-In):Inbound rule for the Remote Shutdown via dynamic RPC/TCP.-Inbound Rule for Remote Shutdown (RPC-EP-In)<Inbound rule for the RPCSS service to allow RPC/TCP trafficPARemote Event MonitorRemote Event Monitor (RPC)6Inbound rule for remote event monitoring via RPC/TCP.!Remote Event Monitor (RPC-EPMAP)YInbound rule for the RPCSS service to allow RPC/TCP traffic for remote event monitoring.Wi-Fi Direct Network Discovery$Wi-Fi Direct Network Discovery (In)?Inbound rule to discover WSD devices on Wi-Fi Direct networks.%Wi-Fi Direct Network Discovery (Out)@Outbound rule to discover WSD devices on Wi-Fi Direct networks.Wi-Fi Direct Spooler Use (In);Inbound rule to use WSD printers on Wi-Fi Direct networks.Wi-Fi Direct Spooler Use (Out)<Outbound rule to use WSD printers on Wi-Fi Direct networks.#Wi-Fi Direct Scan Service Use (In);Inbound rule to use WSD scanners on Wi-Fi Direct networks.$Wi-Fi Direct Scan Service Use (Out)<Outbound rule to use WSD scanners on Wi-Fi Direct networks.PA]This feature is used for machine counting and license compliance in enterprise environments.PAThis feature allows Background Intelligent Transfer Service (BITS) clients that are in the same subnet to locate and share files that are stored in the BITS cache. (Uses WSDAPI and RPC)~This feature is used for sharing local files and printers with other users on the network. (Uses NetBIOS, LLMNR, SMB and RPC)aThis feature is used for sharing local files over RDMA using the SMBDirect protocol. (Uses RDMA)PAEThis feature is used for accessing the desktop from a remote system.PAIThis feature is used for connecting to iSCSI target servers and devices.PAeThis feature allows remote viewing and management of the local event log. (Uses Named Pipes and RPC)PATThis feature allows remote management of local services. (Uses Named Pipes and RPC)cThe feature allows remotely manageable services to receive RPC traffic. (Uses Named Pipes and RPC)PAPThis feature allows remote management of the local Windows Firewall. (Uses RPC)This feature allows remote management of the system via WS-Management, a web services-based protocol for remote management of operating systems and devices.PAThis feature allows remote management of the system via WS-Management, a web services-based protocol for remote management of operating systems and devices.PAThis feature allows the transfer of media from your network enabled camera or media device to your computer using the Media Transfer Protocol (MTP). (Uses UPnP and SSDP)~This feature allows Media Center Extenders to communicate with a computer running Windows Media Center. (Uses SSDP and qWave)?This feature allows users to receive streaming media over UDP.PAVThis feature enables users to share media over a network. (Uses UPnP, SSDP and qWave)DThis feature allows users to share out home media over the Internet|This feature enables users to connect to projectors over wired or wireless networks to project presentations. (Uses WSDAPI)hThis feature is required to enable various peer-to-peer programs and technologies. (Uses SSDP and PNRP)This feature is used for collaborating over a network to share documents, programs or your desktop with other people. (Uses DFSR and P2P)This feature allows this computer to discover other devices and be discovered by other devices on the network. (Uses Function Discovery Host and Publication Services, UPnP, SSDP, NetBIOS and LLMNR)This feature allows users of this computer to request remote assistance from other users on the network. (Uses UPnP, SSDP, PNRP and Teredo)WThis feature allows remote management of the local task scheduling service. (Uses RPC)PAThis feature coordinates transactions that update transaction-protected resources, such as databases, message queues and file systems.PA@This feature is used to allow incoming VPN and RAS connections.This feature allows other computers to find and communicate with your computer using the Peer Name Resolution Protocol. (Uses SSDP and PNRP)PAThis feature allows remote management of Windows by exposing a set of manageable components in a set of classes defined by the Common Information Model (CIM) of the distributed management task force. (Uses DCOM)VThis feature provides remote software and hardware disk volume management. (Uses RPC)]This feature allows remote management of the Performance Logs and Alerts service. (Uses RPC)PAdThis feature enables streaming of music, video and pictures to DLNA Digital Media Renderer devices.eThis feature enables sharing of content between two PCs with proximity devices when tapped together.PAUThis feature allows remote management of TPM virtual smart card devices. (Uses DCOM)PA:This feature allows remote shutdown/restart of a computer8This feature allows remote event monitoring. (Uses RPC)JThis feature allows this computer to discover printers connected via WFD.4VS_VERSION_INFO@%@%?StringFileInfo040904B0LCompanyNameMicrosoft CorporationRFileDescriptionWindows Firewall APIr)FileVersion6.3.9600.16384 (winblue_rtm.130821-1623)@InternalNameFirewallAPI.DLL.LegalCopyright Microsoft Corporation. All rights reserved.POriginalFilenameFirewallAPI.DLL.MUIj%ProductNameMicrosoft Windows Operating SystemBProductVersion6.3.9600.16384DVarFileInfo$Translation PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD