OMCI + Windows XP Pro Firewall Issues

We currently have 150 new Dell workstations which we plan to manage using IT assistent v6.5 on the server side and OMCI 7.0.1 on the client side. There is nothing wrong with this set-up it works as planned.

We would however also like to enable the Windows XP firewall on all clients to be slightly more protected against certain viruses and worms. Ofcourse when we enable the firewall it stops working. We would like to know the port numbers which will be used by CIM to connect the clinets and the server.

Network sniffing and some logging points to a high number of ports, some off which are in the < 1024 range so easilly identifiable. it seems that at least part of the instrumentation uses random port numbers over 1024 and some ports are related to older management protocols like SNMP. Is SNMP still needed if we use CIM for client management or is that just a protocol we can drop all together? (I'd like to do that with regards to security issues.)

Which brings me to my big questions.

1. Is it possible to restrict the ports used to a certain range (Both on client and server side)

2. Is it possible to drop all ather protocols like SNMP again on server and client side?

3. If OMCI etc. uses a set range of ports which are they? (Don't think they do though.... :-( )

4. anyone have any different idea's to approach this problem?

thanx in advance :-D