
Firewall System Rules

This Article Applies to:

  • Avast Business CloudCare

 

System Rules are basic rules for common network applications and functions. They take precedence over Application and Advanced Packet rules. For maximum security across your network, we recommend that these rules be controlled by your Console.

You can choose different rules for Private (trusted) and Public (untrusted) networks.

For most of these rules, you can choose whether they are Allowed, Blocked, or Not configured. If you select Not configured, make sure that Firewall Application Rules and Firewall Advanced Packet Rules contain application or packet rules for the type of traffic you expect.

Most network environments enable "Allow Windows File and Printer Sharing" and/or "Allow remote desktop connections to this computer". Your network may require a slightly different configuration.

System Rule Descriptions

  • Printer & File Sharing: authorizes other devices in the network to access shared folders and printers on devices
  • Remote desktop connections: authorizes other devices in the network to remotely access and control devices when the Remote Desktop service is enabled
  • Incoming ping and trace requests (ICMP): authorizes incoming Internet Control Message Protocol messages. ICMP is typically used by system tools, such as ping or tracert commands, for diagnostic or control purposes when troubleshooting connectivity issues
  • Outgoing ping and trace requests (ICMP): authorizes outgoing Internet Control Message Protocol messages
  • IGMP traffic: authorizes multicast communication using the Internet Group Management Protocol, which is required by some media streaming services for more efficient use of resources during activities such as video streaming and gaming
  • Multicast traffic: authorizes applications and services for media streaming when distributing content to groups of multiple recipients in a single transmission, which is necessary for activities such as video-conferencing
  • DNS: authorizes communication with Domain Name System (DNS) servers, which enables devices to look up the IP addresses of the websites you visit
  • DHCP: authorizes communication using the Dynamic Host Configuration Protocol to automatically provide devices with IP addresses and other related configuration information such as the subnet mask and default gateway
  • VPN connections (via PPTP): authorizes connections to Virtual Private Networks based on the Point-To-Point Tunneling Protocol. This protocol is known to present numerous security risks
  • VPN connections via L2TP-IPSec: authorizes connections to Virtual Private Networks based on a more secure combination of the Layer 2 Tunneling Protocol and Internet Protocol Security
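
The following check is an added example, not Avast code or a CloudCare export format. It reviews a set of System Rule choices against the points above: precedence over lower-level rules, Not configured rules with no application or packet rule behind them, PPTP being allowed, and inbound-access rules allowed on the Public (untrusted) profile. The dictionary layout, the function name `audit` and the sample policy are assumptions made for illustration.

```python
# Added example. The dict layout is an assumption for illustration, not a
# CloudCare export format; rule names follow the list on this page.
INBOUND_ACCESS = {"Printer & File Sharing", "Remote desktop connections"}
PPTP = "VPN connections (via PPTP)"
SYSTEM_RULES = [
    "Printer & File Sharing", "Remote desktop connections",
    "Incoming ping and trace requests (ICMP)",
    "Outgoing ping and trace requests (ICMP)",
    "IGMP traffic", "Multicast traffic", "DNS", "DHCP",
    PPTP, "VPN connections via L2TP-IPSec",
]

def audit(policy, lower_rules):
    """policy[profile][rule] is 'allowed', 'blocked' or 'not configured'
    (a missing entry is treated as 'not configured'). lower_rules[profile]
    is the set of traffic types that application or packet rules cover.
    Returns a sorted list of (profile, rule, finding) tuples."""
    findings = []
    for profile in ("private", "public"):
        states = policy.get(profile, {})
        covered = lower_rules.get(profile, set())
        for rule in SYSTEM_RULES:
            state = states.get(rule, "not configured")
            if state == "not configured":
                # Only a gap if this traffic is expected on the network.
                if rule not in covered:
                    findings.append((profile, rule, "no rule at any level"))
                continue
            # A set system rule takes precedence over lower-level rules.
            if rule in covered:
                findings.append((profile, rule, "lower-level rule shadowed"))
            if state == "allowed" and rule == PPTP:
                findings.append((profile, rule, "PPTP allowed"))
            if state == "allowed" and profile == "public" and rule in INBOUND_ACCESS:
                findings.append((profile, rule, "inbound access on untrusted network"))
    return sorted(findings)

# Constructed sample policy (not taken from a real console).
SAMPLE_POLICY = {
    "private": {r: "allowed" for r in SYSTEM_RULES},
    "public": {"Remote desktop connections": "allowed", "DNS": "allowed",
               "DHCP": "allowed", "Printer & File Sharing": "blocked"},
}
SAMPLE_LOWER = {"public": {"Outgoing ping and trace requests (ICMP)", "DNS"}}

if __name__ == "__main__":
    for profile, rule, finding in audit(SAMPLE_POLICY, SAMPLE_LOWER):
        print(f"{profile:8} {rule:42} {finding}")
```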