This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Firewall Network Settings

This Article Applies to:

  • Avast Business Hub

 

Avast Firewall is another major component of Antivirus protection offered alongside Core Shields, and it is available for Windows workstations. Our Firewall monitors all network traffic between devices and the outside world to help protect you from unauthorized communication and intrusions.

The two profiles you can assign to defined and undefined networks are:

  • Private (Trusted): Provides a lower level of security (the device will be visible to other devices on that network)
  • Public (Not trusted): Provides a higher level of security (the device will be hidden from other devices on that network)

We recommend applying the Public profile to all networks that are not your private network, such as when you connect to the internet in a café or at an airport.

Network profiles are one of the rule-matching attributes, meaning rules for trusted profiles are not active when connected to a network classified as untrusted and vice versa. Rules can be set to apply to either one profile or both.

 

To access Firewall network settings:

  1. Open the Policies page
  2. Click the desired policy to open its Detail drawer
  3. Select the Settings tab, then Firewall
  4. Expand the Firewall Settings section
  5. Select the Networks tab

Configuring Network Settings

The following settings can be configured here:

  • Disable the network profiles management by this console: When enabled, this setting gives the end user control over choosing the network profiles. Note that this could be a security concern, particularly if the end user tends to travel and uses many public networks. Also note that enabling/disabling this option requires rebooting the devices under the policy you are modifying.
  • Undefined networks: Automatically applies the profile you set here as default to undefined networks. There is an additional possibility to overwrite the profile of every network which was already set by the user with the profile specified here.
  • Defined networks: Allows you to determine the default profile for each network you add to the list of defined networks (see section below).
  • Internet Connection Sharing mode: When enabled, this option allows a trusted user to connect to the internet through the end user's PC and/or connect to devices connected to the internet via the end user's PC. Note that this opens additional ports, which could be a security concern.

Adding Defined Networks

To manually define profiles of various networks, ensuring they are always configured as Public or Private:

  1. In the Defined networks section of Network settings, click the + Add network button
  2. Enter the network name and MAC address
  3. Choose the desired network profile
  4. Click Add network

The defined network will then be added to the list. You can edit/delete it anytime by clicking the pencil/trash bin icon in the Actions column.