This site is only for Avast Business products. For articles on AVG Business products, see AVG Business Help.

Firewall Requirements

This Article Applies to:

  • Business Hub
  • Avast Business Cloud Console
  • Avast Business On-Premise Console
  • Avast Business Antivirus

For overall functionality, and to enable the Antivirus clients and/or the Management Consoles to authenticate/update, you must allow certain ports and URL addresses through your Firewall or Proxy Server.


Avast web services are hosted in many countries around the world. Therefore, we do not recommend geoblocking in your firewall settings.

If geoblocking is necessary, we recommend you set URL Allow rules to supercede geoblocking, so Avast traffic can still be allowed.

Ports (TCP & UDP)

  • 53 – Secure DNS services (only if using Real Site component)
  • 80 – Internet vulnerability checks and feature updates
  • 443 – Encrypted communication
  • 8080, 8090 – Communication between console and clients within local network (only for On-Premise Console)
  • 4158 – Mirror, for local updates within local network
  • 7074 – Remote Deployment within local network


  • *
  • *
  • (Hub only, for Remote Control)
  • * (Hub only, for Cloud Backup)
  • * (Hub only, for Cloud Backup)