If using the Windows Firewall it should be noted that the default behavior is to 'DROP' packets instead of 'REJECT'. This is intended to hide information from potential attackers. It is possible to change this behavior, however as this can effect security you may need to consult with your Windows, Networking &/or Security Administrators before making this change. See the link below for more info:
Note: This tip assumes the use of the default Socket Filter Agent (SFA) port: 8550. If a different port is configured then you should REJECT that port instead.
SFA port configuration option can be found here:
2.x: Policy > Manage Policies > Manage Filters > Socket Filter Config > Agent Port
3.x: Policies > Manage Policy Filters > Socket Filters (Tab) > Config > Agent Port