Allows administrators to use the Windows Firewall component in Control Panel to define a local port exceptions list. Windows Firewall uses two port exceptions lists; the other is defined by the "Windows Firewall: Define inbound port exceptions" policy setting.If you enable this policy setting the Windows Firewall component in Control Panel allows administrators to define a local port exceptions list.If you disable this policy setting the Windows Firewall component in Control Panel does not allow administrators to define a local port exceptions list. However local administrators will still be allowed to create firewall rules in the Windows Firewall with Advanced Security snap-in. If you wish to prevent all locally created rules from applying use the Group Policy Object Editor snap-in and configure Computer Configuration\Windows Settings\Security Settings\Windows Firewall with Advanced Security to specify that local firewall rules should not apply.
Network\Network Connections\Windows Firewall\Standard Profile
Machine
At least Windows XP Professional with SP2
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts!AllowUserPrefMerge
windowsfirewall.admx