You want to know how to "stealth" a port so that it is invisible from the outside.
When you "stealth" an IP port, you not only close that port, but the port also does not respond to any probes or scans from the outside. This makes that port essentially invisible. In Symantec Desktop Firewall (SDF) or Symantec Client Firewall (SCF), you cannot directly configure a port for "stealth", rather than "blocked." There is no button to click or setting that you can change.
By default, SDF and SCF silently block (stealth) unused IP ports. Ports that are being used (listened on) are either open or closed by a specific rule. Those that are closed cannot be stealthed without making adjustments. Those adjustments depend on the rule and the service listening on a port. In most cases, removing the rule suffices. In other situations, such as those involving protocols, stealthing the port is more involved. Two examples are ports 113 and 139.
Port 113 (auth) is the port used for identification and authorization. This service is frequently required by news, IRC (Internet relay chat), or mail servers. The rule in SDF/SCF is to allow inbound packets on this port. You can modify the rule to block inbound packets, but the only way to stealth the port is to remove the rule. In this way, port 113 becomes an unused port, silently blocked (stealthed) by SDF/SCF.