This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Firewall Advanced Packet Rules

This Article Applies to:

  • Avast Business On-Premise Console

 

Avast Firewall is another major component of Antivirus protection offered alongside Core Shields, and it is available for Windows workstations. Our Firewall monitors all network traffic between devices and the outside world to help protect you from unauthorized communication and intrusions.

Firewall's advanced packet rules are the final level of Firewall rule evaluation, meaning they are utilized only if the connection does not fit any system or application rules. These rules control whether network traffic is allowed or blocked based on the information contained in network packets. This information may include network protocols, source or destination IP addresses, or local and remote ports. Advanced users can manage these rules or create new ones.

The default packet rules are tied to the Firewall System Rules. When the system rules are enforced to allow/block a connection rather than let Firewall decide based on packet rules, they take precedence over the default packet rules.

We recommend you only modify these rules if you have advanced knowledge of firewall concepts, as Avast Firewall is already configured to provide the appropriate firewall protection in most cases.

 

To access advanced packet rules:

  1. Go to the Policies page
  2. Open the desired policy
  3. Select Windows Workstation, then navigate to the Active protection tab
  4. Click Customize next to Firewall
  1. Select the Rules tab, then Advanced packet rules

At the top of the Rules tab, you can allow local configuration of all Firewall rules by disabling the Control all rules via the web console option. However, we recommend keeping this option enabled, ensuring these rules are controlled via the On-Premise Console for maximum security across your network.

Adding Advanced Packet Rules

To add add an advanced packet rule:

  1. Click the Add new rule button at the bottom of the list
  2. Fill out the following:
    • Enabled: Ticking/unticking the checkbox will enable/disable the rule.
    • Rule name
    • Action: Indicates whether Firewall will Allow or Block the connection.
    • Protocol: Indicates the network protocol the rule applies to. One protocol may be selected, or All if the rule applies to all protocols.
      • If you select Internet Control Message Protocol (ICMP/ICMPv6), you will also need to specify the ICMP type.
    • Direction: Indicates whether the rule applies to incoming connections (In), outgoing connections (Out), or to connections in both directions (Both).
    • IP Address: Indicates the source or destination IP address the rule applies to. The rule may apply to a single IP address, multiple IP addresses (separated by commas), or an IP address range (starting with the lowest IP address and separated with a dash). If the field is blank, the rule applies to all IP addresses.
    • Local Port: Indicates a network port number on the local IP address of your PC's network interface. The rule may apply for a single port number, multiple ports (separated by commas), or a port range (starting with the lowest port number and separated with a dash). If the field is blank, the rule applies to all local ports.
    • Remote Port: Indicates a network port number on the remote IP address of the external server or device. The rule may apply for a single port number, multiple ports (separated by commas), or a port range (starting with the lowest port number and separated with a dash). If the field is blank, the rule applies to all remote ports.
      • An application may need to communicate with a specific remote port in order to function. For example, your internet browser usually needs port 443, as this is the default port used for HTTPS (secure HTTP). To verify the remote port that is required by a particular application, contact the application vendor or refer to the application's support pages.
    • ICMP type: Indicates the control message (represented by a code number) to which the rule applies. The rule may apply to a single code number, or multiple codes (separated by commas). The code numbers of control messages are listed in the technical specifications of the ICMP (RFC 792).
    • Profile: Indicates whether the rule applies to Private, Public, or All networks.
  3. Click the Update button

The new rule will then be added to the list. Clicking the rule will enable you to modify its details if needed. You can also delete the rule using the trash bin icon next to it.

Resetting to Default Settings

If needed, you can revert all advanced packet rules to their default values by clicking the Reset to default settings link at the bottom of the settings.

 

Other Articles In This Section:

Firewall Network Settings

Firewall System Rules

Firewall Application Rules

Related Articles:

Configuring Antivirus Exclusions

Logging Blocked Packets to Create Exclusions