Firewall rules to set for automatic updating

Hello everyone,

First of all sorry if this subject has been treated in another post, but my research was unsuccessful.

So, I’m planning to use avast! 4 server edition on a production server ( Windows 2003 64 bits ), and I downloaded the trial version to see if everything is working well.

Everything seems to be OK but the automatic updates : I’ve a physical firewall blocking everything, and I’ve to send to my network administrator the rules to be added to get this working.

I’ve been able to guess some of the rules needed ( for example destination : download24.avast.com (67.15.196.21) on port 80 or destination : rs06.avast.com (67.15.0.83) on port 80 …) but it’s still not working, since it seems there are many different IP @ ( as discussed in this post : http://forum.avast.com/index.php?topic=11977.0 )

Is it possible to get a list of needed rule to get automatic update working ?
I can’t open all traffic on port 80 to all destination, due to strenght security rules.

Thanks In advance for your support.

The updating servers are listed in the file \Setup\servers.def
Note, however, that this file may change during updates (both program and virus database) as new servers are employed.

Oh, I can see 72 servers ! :o and not in the same IP @ range…

Did Avast tries all the servers in the order they are listed in servers.def, or can I edit this file to get Avast querying only 10 servers for example ( although I understood that it could change )

You can’t edit the file or limit avast to use just few of them. Updater selects the servers randomly and has means to skip non-replying servers. This lets us spread the load.

Solutions:
a) List all 80 servers on your firewall and from time to time inspect updater’s log if it does fail on some of them and then add the newer missing servers
b) Install mirror on some server which has full internet access and instruct your avast’s to update from the mirror