This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Firewall Advanced Packet Rules

This Article Applies to:

  • Avast Business CloudCare

IMPORTANT: The CloudCare console does not support opening multiple tabs in the same browser session. Please use multiple browsers or incognito mode instead.

 

Avast Firewall is another major component of Antivirus protection offered alongside Core Shields, and it is available for Windows workstations. Our Firewall monitors all network traffic between devices and the outside world to help protect you from unauthorized communication and intrusions.

Firewall's advanced packet rules are the final level of Firewall rule evaluation, meaning they are utilized only if the connection does not fit any system or application rules. These rules control whether network traffic is allowed or blocked based on the information contained in network packets. This information may include network protocols, source or destination IP addresses, or local and remote ports. Advanced users can manage these rules or create new ones.

The default packet rules are tied to the Firewall System Rules. When the system rules are enforced to allow/block a connection rather than let Firewall decide based on packet rules, they take precedence over the default packet rules.

We recommend you only modify these rules if you have advanced knowledge of firewall concepts, as Avast Firewall is already configured to provide the appropriate firewall protection in most cases.

Configuring Advanced Packet Rules

To access advanced packet rules:

  1. Go to the Policies page (at partner level for master policies or customer level for customer policies)
  2. Select the desired policy from the left-hand pane
  3. Under Endpoint Protection, expand the Firewall and Antivirus Add-ons section
  4. Go to the Firewall tab, then select Packet Rules

At the top of the settings, you can choose to override client configuration of all Firewall rules and general settings. We recommend enabling this option, ensuring these rules and settings are controlled via the console for maximum security across your network.

At the bottom of the settings, you also have the option to revert application rules to Avast default settings anytime if needed.

Adding Advanced Packet Rules

To add an advanced packed rule:

  1. Click the Add packet rule button at above the list
  2. Fill out the following:
    • Rule name
    • Action: Indicates whether Firewall will Allow or Block the connection
    • Protocol: Indicates the network protocol the rule applies to. One protocol may be selected, or All if the rule applies to all protocols.
    • Direction: Indicates whether the rule applies to incoming connections (In), outgoing connections (Out), or to connections in both directions (Both).
    • Address: Indicates the source or destination IP address the rule applies to. The rule may apply to a single IP address, multiple IP addresses (separated by commas), or an IP address range (starting with the lowest IP address and separated with a dash). If the field is blank, the rule applies to all IP addresses.
    • Local port: Indicates a network port number on the local IP address of your PC's network interface. The rule may apply for a single port number, multiple ports (separated by commas), or a port range (starting with the lowest port number and separated with a dash). If the field is blank, the rule applies to all local ports.
    • Remote port: Indicates a network port number on the remote IP address of the external server or device. The rule may apply for a single port number, multiple ports (separated by commas), or a port range (starting with the lowest port number and separated with a dash). If the field is blank, the rule applies to all remote ports.
      • An application may need to communicate with a specific remote port in order to function. For example, your internet browser usually needs port 443, as this is the default port used for HTTPS (secure HTTP). To verify the remote port that is required by a particular application, contact the application vendor or refer to the application's support pages.
    • ICMP type: If the selected protocol is Internet Control Message Protocol (ICMP/ICMPv6), you will need to specify the ICMP type, which indicates the control message (represented by a code number) to which the rule applies. The rule may apply to a single code number, or multiple codes (separated by commas). The code numbers of control messages are listed in the technical specifications of the ICMP (RFC 792).
    • Profile: Indicates whether the rule applies to Private, Public, or All networks
  3. Click Add

The new rule will then be added to the list. You can modify/delete it if needed by clicking the pencil/delete icon in the Actions column, or you can enable/disable it using the checkbox in the Enable column.