I'm running the trial Internet Security on a test system. It is very nice, but the firewall is extremely weak from the standpoint of creating custom rules.
I insist, for example, in creating a rule for each of my browsers that permit outbounds for 53 UPD and 80 & 443 TCP only, block unsolicited inbounds and ask for anything else.
The AIS firewall default rule can be set for Allow, Block, Ask or Auto-decide GLOBALLY only.
I intially set it for ask and ran my browsers (Chrome, Opera, IE). The choices are very limited, not even allowing the granularity of UDP and TCP. And try as I might, there was no way I could run the browser without eventually getting tired of clicking on "allow" for AIS alerts. Just one "allow" with "remember" selected overwrites ones rule with an allow
all connections in
and out. After about three hours, I conclude this firewall is not for the seasoned pro who wants to carefully fine-tune an application firewall rule.
As such, in using this suite, I would set the firewall default rule to Ask (or Auto-decide for some one else's computer) and run the browser(s) in avast!'s new virtualization sandbox feature. But even with a sandbox, I am nonetheless uncomfortable with a firewall that won't let me build a rule the way I want it. Avast needs to let power users under the hood.
Otherwise, this is a slick and very well developed security suite with seemingly every bell and whistle one could want in an anti-everything application and highly tunable in every aspect, but oddly except for the firewall.
UPDATE
Believe it or not, there are two open threads over at the avast! forum regarding whether or not the "Windows" firewall should be enabled for AIS5. Apparently, at some point in time, beta users were instructed to keep it active and now there's no consensus if that carries over to the official release. Or which version of "Windows" is affected as just about everyone thinks everyone else knows which "Windows" they are running.
In the meantime, a firewall rule I created to block all in/out connections has disappeared from the Application Rules pane. Although the app is still blocked and logged as such, if I wanted to edit or delete it, it's
nowhere to be found. My post about the issue remains unanswered, but given the time line that's expected. For now...
UPDATE
It is apparent from the postings in the avast! forum that their firewall is dependent on the the "Windows" firewall. There is nothing there nailing it down to which Windows; it's all over the place. And there are those of the opinion there are no differences between XP, Vista and Win7 firewalls, 32 or 64 bit. Wow.
My inquiry about the lost block rules needed to be bumped from page four and it finally got a response that I may have found a bug. Also noted is there are some GUI update and logging issues (things not showing up).
No one responded to my questions about fine tuning persistent rules. I conclude you can make any rules at all as long as they're avast! rules.
At this point in time, the firewall is seriously elementary, probably as a result of being an overlay - not worth the extra $$$. Stick with their stellar Free or Pro versions in conjunction with the Windows firewall. A third party firewall should be "basic" like Sunbelt given the levels of protection offered by avast! AV.
Clearly, avast! needs a separate board for their firewall users. The multitude of issues posted up are lost in the 100's generated by users of Free and Pro.
