You really need to talk to your VPS provider and ask them about firewalls.
Is firewall installed by default and if so, is it set to block by default and you have to open ports, or is it set open (or not installed), in which case you'd have to block ports.
Don't ask me about firewall SW; it's been years since I messed with it, and it was a completely different distro.
Note that just because a port is not blocked, as long as no server SW is listening on that port, it won't be used.
In other words, in practical terms, it's not an issue - in strict security terms you should block any ports from incoming calls, unless you are using them.
Cmd to chk for ports being used ( run this cmd as root)
Do NOT try to change the default port nums that server SW eg SSH, SMTP etc use.
Also, FYI, any port num < 1024 can only be used by root owned processes. This is not a problem, as any SW that needs that will also need to be installed by root user anyway.
HTH
PS Ask them about those 'missing' cmds as well.