how you guys have managed to configure window firewall in your DCs? i mean not the configuration, but i mean in how many phases you configured it. for example first you query all the ports it uses by using 'Get-NetTCPConnection' and list all the ports and then you allow the ones that are listetning or established? what abuot the ports that you have not found out yet? i mean in an environment where there are so many apps and programs, how do you proceed in configuring firewalls where there could be many hidden ports which are used by apps?