Enhanced Firewall is a component in AVG Internet Security that creates rules each time an application or process starts for the first time. These rules determine how Enhanced Firewall behaves each time an application or process connects to the internet or to another network.
Create a new application rule
AVG Internet Security creates default rules automatically for applications from known and trusted sources the first time you start the application. Application rules are organized into predefined groups, according to application vendor. To add an application to an existing group:
- Open the AVG Internet Security user interface and click the Hacker Attacks tile.
- Click Firewall options ▸ Application Rules.
- Click New application rule and select a group (vendor).
- Locate and select the executable file of the application you want to add, then click Open.
- Click the group name, then use the orange bars to indicate the level of access you want to allow.
To create a new group, click New Group, provide a name, then right-click the group to view more options.
Adjust access restrictions
You can set connection allowances for each application or process to determine how strictly Enhanced Firewall monitors incoming or outgoing communication.
Click a group (vendor) in the Application column, then use the orange bars in the Allowed connections column to set the authorization level for a specific application:

One bar (Friends out): outgoing connections with Friends networks only.
Two bars (Friends in/out): incoming and outgoing connections with Friends networks only.
Three bars (Internet out): all outgoing connections to the internet.
Four bars (Friends in and Internet out): incoming connections with Friends networks only, and all outgoing connections to the internet.
Five bars: (All connections): all incoming and outgoing connections to the internet.
- To Block all connections for an application, hover your cursor over the orange bars and click the red block symbol that appears.
Manage unauthorized connections
In addition to defining the types of connections you authorize for applications or processes, you can also specify how Enhanced Firewall behaves when it detects a non-authorized connection. To define Enhanced Firewall behavior for a non-authorized connection:
- Click a group (vendor) in the Application column to open the list of applications or processes in that group.
- Select an application or process to expand its individual communication settings.
- Use the drop-down menu to manage the application's behavior. The following behaviors are available:
- Default rule: Enhanced Firewall decides to allow or block connections based on the settings of the active Enhanced Firewall network profile (Private or Public).
- Auto-decide: Enhanced Firewall allows connections with verified applications, but blocks connections from unknown or suspicious applications.
- Block: Enhanced Firewall blocks all other connections.
- Ask: Enhanced Firewall asks you to decide if you want to allow or block a connection each time a new request is received. Selecting this option may result in frequent and potentially obtrusive alerts.
For more information about network profiles, refer to the following article:
Specify authorized ports
Tighten rule restrictions further by specifying the network ports each application uses for communication when an incoming or ongoing connection is allowed. To specify authorized ports:
- Click a group (vendor) in the Application column to open the list of applications or processes in that group.
- Select an application or process to expand its individual communication settings.
- Specify the Outbound ports and Inbound ports that you allow the application or process to communicate with. Specify ports in the following ways:
- Type specific port numbers into the text box. For multiple ports, separate each port number with a comma.
- Select All from the drop-down menu to authorize communication with all ports.
- Select a predefined port number from the drop-down menu.
- Optionally, configure packet rules from the main application rules screen by following steps 1-2 above, then clicking Packet rules. For more information about packet rules, refer to the following article:
- AVG Internet Security 20.x
- Microsoft Windows 10 Home / Pro / Enterprise / Education - 32 / 64-bit
- Microsoft Windows 8.1 / Pro / Enterprise - 32 / 64-bit
- Microsoft Windows 8 / Pro / Enterprise - 32 / 64-bit
- Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate - Service Pack 1, 32 / 64-bit