This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Advanced Firewall Features

This Article Applies to:

  • Avast Business Hub

Avast Firewall is another major component of Antivirus protection offered alongside Core Shields, and it is available for Windows workstations. Our Firewall monitors all network traffic between devices and the outside world to help protect you from unauthorized communication and intrusions.

The following advanced features are available for Avast Firewall:

  • Leak Protection: Protects the device from leaking potentially sensitive data by enabling packet rules to block certain types of communication.
  • Port Scan Alerts: Warns about hacker and/or malware attempts to scan the device for open ports.
  • ARP Spoofing Alerts: Warns about attempted Address Resolution Protocol spoofing attacks (when an attacker exploits the ARP to trick a device into communicating with an external device controlled by the attacker).

To manage these features from the console:

  1. Open the Policies page
  2. Click the desired policy to open its Detail drawer
  3. Select the Settings tab, then Firewall
  4. Expand the Firewall Settings section
  5. Select the Advanced tab
  6. Use the toggles next to the features to enable/disable them

When Port Scan and ARP Spoofing alerts are enabled, the detection dialogs will offer the following options to the user:

  • Disconnect and block this network(recommended): Immediately disconnects from the current network and blocks any future connections to it. The Blocked message is displayed next to this network on the Network screen in Firewall settings.
  • Stay connected but block the suspicious device: Remains connected to the network while blocking the external device conducting ARP spoofing. This allows continued internet usage but is not recommended due to potential additional threats on the network. Blocked devices can be managed in the Firewall settings.
  • Ignore this potential threat — I trust this network: Takes no immediate action. It is not recommended unless the user is certain about the network's security.

Note that the Firewall advanced features are only activated in public (untrusted) networks.