This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Firewall System Rules

This Article Applies to:

  • Avast Business CloudCare

IMPORTANT: The CloudCare console does not support opening multiple tabs in the same browser session. Please use multiple browsers or incognito mode instead.

 

Avast Firewall is another major component of Antivirus protection offered alongside Core Shields, and it is available for Windows workstations. Our Firewall monitors all network traffic between devices and the outside world to help protect you from unauthorized communication and intrusions.

Firewall's system rules control network traffic for the most common connection types. These take precedence over both application and advanced packet rules. The system rules have been expanded to allow the users to configure each rule separately for private and public networks, providing thus more control over the behavior of the Firewall.

We recommend you only modify these rules if absolutely necessary. In most cases, Firewall formulates optimal rules without any user input.

Configuring System Rules

To access Firewall system rules:

  1. Go to the Policies page (at partner level for master policies or customer level for customer policies)
  2. Select the desired policy from the left-hand pane
  3. Under Endpoint Protection, expand the Firewall and Antivirus Add-ons section
  4. Go to the Firewall tab, then select System Rules

At the top of the settings, you can choose to override client configuration of all Firewall rules and general settings. We recommend enabling this option, ensuring these rules and settings are controlled via the console for maximum security across your network.

The following rules can be configured in this section for both private and public networks:

  • Printer & File Sharing: Authorizes other devices in the network to access shared folders and printers.
  • Remote desktop connections : Authorizes other devices in the network to remotely access and control devices when the Remote Desktop service is enabled.
  • Incoming ping and trace requests (ICPM): Authorizes incoming Internet Control Message Protocol messages. ICMP is typically used by system tools, such as ping or tracert commands, for diagnostic or control purposes when troubleshooting connectivity issues.
  • Outgoing ping and trace requests (ICPM): Authorizes outgoing Internet Control Message Protocol (ICMP) messages.
  • IGMP traffic: Authorizes multicast communication using the Internet Group Management Protocol, which is required by some media streaming services for more efficient use of resources during activities such as video streaming and gaming.
  • Multicast traffic: Authorizes applications and services for media streaming when distributing content to groups of multiple recipients in a single transmission, which is necessary for activities such as video-conferencing.
  • DNS: Authorizes communication with Domain Name Servers which enables devices to recognize the IP addresses of the websites you visit.
  • DHCP: Authorizes communication using the Dynamic Host Configuration Protocol to automatically provide devices with IP addresses and other related configuration information such as the subnet mask and default gateway.
  • VPN connections: Authorizes Virtual Private Networks connections that use PPTP (Point-to-Point Tunneling Protocol)
  • VPN connections via L2TP-IPSec: Authorizes Virtual Private Networks connections that use L2TP-IPSec (Layer 2 Tunneling Protocol over Internet Protocol Security)

 

You can choose if a connection is allowed or blocked, or you can leave it as not configured and let Firewall decide based on packet rules. If you select the last option, ensure the Firewall Advanced Packet Rules for that connection are configured.

At the bottom of the settings, you also have the option to revert system rules to Avast default settings anytime if needed.