Configuration

AVG Firewall and IPv6 communication

AVG Firewall filters IPv6 communication the same way as standard IPv4 communication. In general, no adjustments to the Firewall are needed in order to use IPv6.

Both application and system rules are valid for IPv4 and IPv6 traffic. While application rules are bound to a specific application and ports (e.g. Allow all traffic for Internet Explorer), system rules are defined as a set of open ports per protocol (e.g. Allow system TCP communication on port 80). Rules are therefore applied regardless of the IP protocol version or the format of the IP address.

At the same time, it is also possible to define custom IPv6 networks in AVG Firewall, the same way they are defined for the IPv4 protocol. These networks can then be used in an application/system rule definition to restrict its validity to certain IP addresses only. A custom IPv6 network in AVG Firewall can be created as follows:

  • Open AVG -> menu Tools -> Firewall configuration.
  • Go to Profiles -> your profile -> Defined networks.
  • Click Add network -> Add IP -> tick Use IP version 6.
  • The IP address fields will change to accommodate the IPv6 addresses.

More information about the IPv6 protocol can be found e.g. at http://en.wikipedia.org/wiki/IPv6.

 

Gaming mode

The Gaming mode of AVG Firewall is designed for full-screen applications (games, presentations, movies) that need to communicate with the Internet, where a Firewall dialog offering a choice of available actions would disrupt the application (minimize it or corrupt its graphics).

Note: When the Gaming mode is enabled, all scheduled tasks (scans, updates) are postponed until the application is closed.

To enable the Gaming mode please proceed as follows:

  • Open the AVG program.
  • Double-click on the Firewall component.
  • Tick the option Enable gaming mode.
  • Confirm changes by clicking on the Save changes button.

After saving the rule, all communication of all full-screen applications will be allowed.

It is also possible to enable the Gaming mode for each Firewall profile and change the Firewall action from Allow for all to Block:

  • Open the AVG program.
  • Choose the Firewall settings option from the Tools menu.
  • Choose the desired profile name -> Disable Firewall notification when playing games options.

In case you also wish to disable balloon tray notifications and scheduled tasks when a full-screen application is running, please proceed as follows:

  • Open the AVG program.
  • Choose the Advanced settings option from the Tools menu.
  • Select the Appearance branch.
  • Tick the Enable gaming mode when a full-screen application is executed option.
  • Confirm changes by clicking on the OK button.
 

Profiles, Area Detection and Automatic Profile Switch

The result of this is the possibility to set up multiple different AVG Firewall configurations and use them in the networks you are connecting to, based on your security requirements.

2. What is the Area Detection?

Area Detection is the ability of AVG Firewall to distinguish which network the computer is currently connected to. The detection is independent of the adapter used, the network configuration and the network type. If you connect a laptop with AVG Firewall installed to one Wi-Fi network, you will receive an Area Detection dialogue where you can assign the profile you wish to use. Upon connection to another Wi-Fi network, the Area Detection dialogue will be displayed again, even if the network configuration is exactly the same and the only difference is in the Wi-Fi router/hotspot.

This function allows you to achieve a custom configuration for every single network you are connecting to.

3. What is the Automatic Profile Switch?

By combining the Profiles with the Area Detection, we are able to automatically assign any profile to any network. Each profile contains its own configuration, and each network is recognized as a new area.

Example:

When you connect your computer/laptop to the company network, the Area Detection dialogue is displayed. You decide to use the profile "Computer in domain", since the network is protected by a gateway and other internal security measures. Then you decide to connect to the company network using Wi-Fi. Again, Area Detection is displayed and "Computer in domain" is the best choice.

Then you take your laptop and go to a coffee place with a public Wi-Fi hotspot. A new area is detected again, and you select the profile "Computer on the move" to block all unwanted traffic (e.g. file sharing). This area is recognized, even though you are using the same Wi-Fi adapter, and the network configuration (IP, Gateway, etc.) is identical to that at work.

Finally, you connect at home using a cable. Once again the area is detected, and you select the profile "Standalone computer".

Once you connect to these networks for the second time, the desired profile will be selected automatically based on your previous choice.

Each of the profiles used in this example has different settings for applications (e.g. Skype, FTP Server, ICQ, Internet browser), system rules (file sharing, RDP, RPC, etc.) and all other options, so for every single network you connect to, the required security level is always maintained.

 

Safe networks

In AVG Firewall, it is possible to set some networks (IP ranges) as Safe. At the same time, rules for applications or system services can be allowed only for Safe networks. The combination of the two allows you to configure your Firewall to protect your computer from unwanted network connections, while allowing all required communication from and to known sources.

Note:
The configuration of Safe networks can be combined with Automatic Profile Switch functionality.

Safe networks
configurable in the AVG program - menu Tools - Firewall settings - Profiles - your profile - Defined networks

To be able to set a network as Safe, it is necessary to create it first using the button "Add network". Once you create the network (in other words, a custom list of IP addresses), you can specify that this network will be safe, and the same behavior as with safe adapters is applied to it: "Allow for all" rules are applied to all networks including the safe ones, and "Allow for safe" is applied only to the safe network. The example is again similar to the one with Safe adapter:

  • create some new network (e.g. 192.168.0.1 - 192.168.0.100) and mark it as Safe
  • set Microsoft File Sharing and Printing as Allow for safe
  • if the other computer is in the IP range specified when creating the network, it will be able to connect and browse your shared files
  • connections from different IP addresses will be blocked

This way, you can allow sharing of your files or network resources (or allow any other communication) only to a strictly specified list of IP addresses/computers.
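
The "Allow for safe" behaviour described above, modelled as an added example (not AVG code; the function names and the IPv6 prefix are assumptions made for illustration). It goes slightly beyond the bullet list by also covering a mask-defined network and IPv6, and it reports how many addresses a Safe marking would cover.

```python
import ipaddress

# Action names are the ones used on this page; the evaluation below is a
# simplified model written for this example, not AVG's implementation.
ALLOW_FOR_ALL, ALLOW_FOR_SAFE, BLOCK = "Allow for all", "Allow for safe", "Block"


def network_from_range(first, last):
    """A defined network entered as first-last address, as CIDR blocks."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))


def network_from_mask(address, mask):
    """A defined network entered as 'IP Address / Mask' (prefix length for IPv6)."""
    return [ipaddress.ip_network(f"{address}/{mask}", strict=True)]


def in_network(addr, blocks):
    """True if addr falls inside any block of the same IP version."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == b.version and ip in b for b in blocks)


def size(blocks):
    """Number of addresses the Safe marking would cover."""
    return sum(b.num_addresses for b in blocks)


def decide(action, remote_addr, safe_blocks):
    """Is traffic with remote_addr permitted under the rule's action?"""
    if action == ALLOW_FOR_ALL:
        return True
    if action == ALLOW_FOR_SAFE:
        return in_network(remote_addr, safe_blocks)
    return False  # BLOCK, or an unknown action: fail closed


# Constructed sample networks: the two IPv4 definitions quoted on this page
# and a made-up IPv6 unique-local prefix.
HOME_RANGE = network_from_range("192.168.0.1", "192.168.0.100")
WIDE_MASK = network_from_mask("192.168.0.0", "255.255.0.0")
V6_LAN = network_from_mask("fd00:1234::", 64)

if __name__ == "__main__":
    for name, net in (("range", HOME_RANGE), ("mask", WIDE_MASK)):
        print(name, size(net), "addresses;",
              "192.168.77.5 ->", decide(ALLOW_FOR_SAFE, "192.168.77.5", net))
```

The mask-based definition covers 65,536 addresses against 100 for the explicit range, so it is worth checking the size of a network before marking it Safe.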

"Allow for safe" rules are stored individually for each profile. This allows you to create fully customized sets of configuration for any network you are connecting to.

If you have the profile "Small home or office network" in your AVG, some rules which are typically required in this scenario (MS File Sharing and Printing, Replies to ICMP diagnostics) are already marked as Allow for safe. It is therefore only necessary to set some adapter or network as safe to take full advantage of this profile.

There is also an option to use an IP address whitelist/blacklist. When an IP address is entered into one of these two dialogs, all outgoing and incoming communication with it will be allowed (whitelist) or blocked (blacklist). The IP address whitelist/blacklist can be found in the Firewall settings -> <used profile> -> Defined networks.

In case of any questions related to the safe networks/adapters, AVG Firewall or AVG in general, please feel free to contact AVG Customer Services.

 

AVG Firewall - profile selection

The level of security used in AVG Firewall is dependent upon your choice here. Because of this, we recommend that you pay close attention to the AVG Firewall Configuration Wizard. In the wizard you will first be asked what type of computer you are using. Selecting desktop computer will allow you to select one profile. Selecting the Laptop option will create all available options so that you can switch between them. For details about the Profile Switch function please see FAQ 2116.

Available profiles:

  • Standalone computer - marked as "Directly via modem" in Firewall Wizard
    Generates settings suitable for single computer usage. Please choose this option for the following situations:
    When you are using a home computer connected by either dial-up or always-on connection, via a modem and telephone line, cable connection, wireless connection (WiFi) etc.
    When you are connected to a small local corporate network without central administration.
    Rules that are more restrictive will be created, as it is assumed that these computers have no additional protection and therefore require the maximum protection.
  • Computer in domain - marked as "Your computer is part of a domain" in Firewall Wizard
    Generates settings suitable for a computer connected within a local network. In this case it is assumed that there is some additional protection available (such as a corporate (software or hardware) firewall). Therefore, the rules created are less restrictive.
  • Small home or office network - marked as "Directly via wired or wireless router"
    This profile corresponds with the Standalone computer profile but in addition also allows "Microsoft file sharing and printing" service and Network diagnostics (Replies on ICMP network diagnostics) for Safe networks. To fully use this profile, it is recommended to define your local network in your Firewall profile configuration and consider the Network safety as being "Safe".
    Open AVG -> menu "Tools" -> "Firewall settings" -> "Small home or office network" -> Select "Defined networks" -> "Add Network" -> "Add IP" -> "IP Address / Mask" and define your local network IP range (e.g. 192.168.0.0 / 255.255.0.0 is equal to the IP range from 192.168.0.0 to 192.168.255.255) and switch "Network safety" to "Safe". You can give such a network a name such as "My local Trusted zone".

Suggestions:

  • choose the "Directly via modem" option if your computer is not connected to the corporate network or if you are not sure which option is correct.
  • contact your network administrator if your computer is connected to your corporate network but you do not know if there is some additional protection used in the network
  • if you use a laptop for both home connection and connection to the corporate network, please choose the "Laptop" option. After the laptop is connected to the corporate network, temporarily switch profiles in the AVG Firewall.

Remember that you can switch the AVG Firewall profile at any time. You can do this here:
Open the AVG program -> Click Firewall icon -> select the required profile from the drop-down menu and press "Save changes".