Allows administrators to use the Windows Firewall component in Control Panel to define a local program exceptions list. Windows Firewall uses two program exceptions lists; the other is defined by the "Windows Firewall: Define inbound program exceptions" policy setting.If you enable this policy setting the Windows Firewall component in Control Panel allows administrators to define a local program exceptions list.If you disable this policy setting the Windows Firewall component in Control Panel does not allow administrators to define a local program exceptions list. However local administrators will still be allowed to create firewall rules in the Windows Firewall with Advanced Security snap-in. If you wish to prevent all locally created rules from applying use the Group Policy Object Editor snap-in and configure Computer Configuration\Windows Settings\Security Settings\Windows Firewall with Advanced Security to specify that local firewall rules should not apply.
Network\Network Connections\Windows Firewall\Domain Profile
Machine
At least Windows XP Professional with SP2
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications!AllowUserPrefMerge
windowsfirewall.admx