After you deploy the vCenter Server Appliance, you can edit the firewall settings of the vCenter Server Appliance and can create firewall rules. You can edit the firewall settings by using the vSphere Web Client.
By using the firewall rules, you can allow or block the traffic between the vCenter Server Appliance and specific servers, hosts, or virtual machines. You cannot block specific ports, you block all of the traffic.
Prerequisites
Verify that the user who logs in to the vCenter Server instance in the vCenter Server Appliance is a member of the SystemConfiguration.Administrators group in vCenter Single Sign-On.