Windows Firewall is a single program with one set of rules, but there are two distinct interfaces you can use to manage and monitor it. The Windows Firewall control panel applet provides a simplified interface that enables administrators to avoid the details of rules and port numbers. If you just want to turn the firewall on or off (typically for testing or troubleshooting purposes) or work with the firewall settings for a specific Windows role or feature, you can do so by using just the control panel. For full access to firewall rules and more sophisticated functions, you must use the Windows Firewall With Advanced Security console.
In many cases, administrators never have to work directly with Windows Firewall. Many of the roles and features included in Windows Server 2012 R2 automatically open the appropriate firewall ports when you install them. In other situations, the system warns you of firewall issues.

For example, the first time you open File Explorer and try to access the network, a warning appears, informing you that Network Discovery and File Sharing are turned off, preventing you from browsing the network.
Network Discovery is just a set of firewall rules that regulate the ports Windows uses for network browsing, specifically ports 137, 138, 1900, 2869, 3702, 5355, 5357, and 5358. By default, Windows Server 2012 R2 disables the inbound rules associated with these ports, so the ports are closed, blocking all traffic through them. When you click the warning banner and choose Turn On Network Discovery And File Sharing from the shortcut menu, you are in effect activating these firewall rules, thereby opening the ports associated with them.
In addition to the menu commands accessible through the warning banner, you can control the Network Discovery and File Sharing rules in other ways. The Network and Sharing Center control panel, through its Advanced Sharing Settings page, provides options that you can use to turn Network Discovery, File Sharing, and other basic networking functions on and off.
The Windows Firewall control panel has an Allow An App Or Feature Through Windows Firewall link, which opens the Allowed Apps dialog box. The Network Discovery check box in this dialog box enables you to control the same set of rules as the Network Discovery control panel in the Network And Sharing Center.
Finally, you can access the individual Network Discovery rules directly by using the Windows Firewall With Advanced Security console. When you select the Inbound Rules node and scroll down in the list, you can see nine Network Discovery rules.
As you can see by examining the rules in the console, Network Discovery is a complex Windows function that would be difficult to control if you had to determine by trial and error which ports it uses. This is why Windows Firewall includes a large collection of rules that regulate the ports that the applications and services included with the operating system need to operate.

This article is a part of 70-410 Installing and Configuring Windows Server 2012 Prep course, more articles in this course are :

article

Configuring services

Most Windows Server roles and many of the features include services, which are programs that run continuously in the background, ...
Read More
article

Delegating server administration

As networks grow, so does the number of administrative tasks there are to perform on a regular basis, and so ...
Read More
article

Using Windows PowerShell Desired State Configuration (DSC)

Desired State Configuration (DSC) is the next phase in the development of Windows Power-Shell, a process that began over a ...
Read More
article

Planning server storage

A Windows server can conceivably perform its tasks using the same type of storage as a workstation; that is, one ...
Read More
article

Windows disk settings

Windows Disk Settings Overview When you install Windows Server 2012 R2 on a computer, the setup program automatically performs all ...
Read More
article

Working with disks

Windows Server 2012 R2 includes tools that enable you to manage disks graphically or from the command prompt. All Windows ...
Read More
article

Creating folder shares

Sharing folders makes them accessible to network users. After you have configured the disks on a file server, you must ...
Read More
article

Assigning permissions

Using Windows Server 2012 R2, you can control access to a file server to provide network users the access they ...
Read More
article

Configuring Volume Shadow Copies

Volume Shadow Copies is a Windows Server 2012 R2 feature that enables you to maintain previous versions of files on ...
Read More
article

Configuring NTFS quotas

Managing disk space is a constant concern for server administrators, and one way to prevent users from monopolizing storage is ...
Read More

70-410 Installing and Configuring Windows Server 2012 Prep course includes following practice tests:

No posts found.