General
What is Firewall?
Firewall monitors the network traffic between your PC and the outside world to help protect you from unauthorized communication and intrusions. This feature is designed to require minimal input from you. To ensure you are protected, all you need to do is keep Firewall enabled.
How can I enable or disable Firewall?
To ensure your security, Firewall is enabled by default. We recommend you keep Firewall enabled at all times, unless you need to temporarily disable it for troubleshooting purposes.
To disable Firewall, refer to the instructions in the following article:
What happens when I connect to a new network?
Each time you connect to a new network, Firewall automatically recognizes whether the network is private or public, and applies the relevant settings below:
- Private networks (such as your home or work network) require a lower level of security, and are automatically marked as trusted. Each time you connect to a trusted network, Firewall permits all communication within the network and applies a lower level of security to enable better connectivity.
- Public networks (such as in a cafe or airport) present a greater security risk, and are automatically marked as untrusted. Each time you connect to an untrusted network, Firewall blocks all incoming communication and applies a higher level of security to ensure your privacy and safety.
If necessary, you can change whether a network is trusted or untrusted. For more information, refer to the following article:
Is Firewall available in Avast Free Antivirus?
Yes. From application version 21.7 and later, the core Firewall functionality is available in both Avast Free Antivirus and Avast Premium Security. However, the following premium Firewall features are only available if you have a paid Avast Premium Security subscription:
- Leak Protection
- Port Scan Alerts
- ARP Spoofing Alerts
For more information about the premium features, refer to the Premium Features section.
For information about using the free features included in both Avast Free Antivirus and Avast Premium security, refer to the following article:
Premium Features
What is Leak Protection?
Leak Protection increases your security on public networks by preventing your PC from leaking potentially sensitive information to the network, including your login credentials, computer name, and email address.
We recommend enabling Leak Protection whenever you are connected to a public Wi-Fi network (such as in an airport or cafe). To enable this feature, go to Protection ▸ Firewall ▸ Premium. Ensure that the slider under Leak Protection is green (ON).
What is Port Scan Alerts?
When Port Scan Alerts is enabled, Firewall alerts you if hackers or malware attempt to scan your PC for open ports.
We recommend keeping Port Scan Alerts enabled at all times. To enable this feature, go to Protection ▸ Firewall ▸ Premium. Ensure that the slider under Port Scan Alerts is green (ON).
When Port Scan Alerts is enabled, it activates automatically only when you are connected to an untrusted network. This ensures your protection, while avoiding frequent and potentially intrusive false-positive alerts.
What happens if Port Scan Alerts detects a threat?
If Port Scan Alerts detects a threat, Avast informs you that the network might not be safe. You can choose one of the actions below in the dialog that appears:
- Disconnect and block this network (recommended): Immediately disconnect from the current network and block any future connections to the network. The Blocked message is shown next to this network on the Networks screen. To unblock the network, select Show settings ▸ Unblock.
- Stay connected but block the suspicious device: Remain connected to the network, but block the device that is being used to scan your ports. This allows you to continue using the internet, but is not recommended because additional threats may be present on the network. You can manage blocked devices via
☰
Menu ▸ Settings ▸ Protection ▸ Firewall ▸ Blocked devices. - Ignore this potential threat — I trust this network: Take no action. We do not recommend selecting this option unless you are certain that the network is secure.
What is ARP Spoofing Alerts?
When ARP Spoofing Alerts is enabled, Firewall alerts you about ARP spoofing attacks.
ARP spoofing is when an attacker exploits the Address Resolution Protocol (ARP) to trick the devices on a network into communicating with an external device that is controlled by the attacker. This allows the attacker to intercept your network traffic, which includes private messages, payment details, and login credentials.
We recommend keeping ARP Spoofing Alerts enabled at all times. To enable this feature, go to Protection ▸ Firewall ▸ Premium. Ensure that the slider under ARP Spoofing Alerts is green (ON).
When ARP Spoofing Alerts is enabled, it activates automatically only when you are connected to an untrusted network. This ensures your protection, while avoiding frequent and potentially intrusive false-positive alerts.
What happens if ARP Spoofing Alerts detects a threat?
If ARP Spoofing Alerts detects a threat, Avast informs you that the network might not be safe. You can choose one of the actions below in the dialog that appears:
- Disconnect and block this network (recommended): Immediately disconnect from the current network and block any future connections to the network. The Blocked message is shown next to this network on the Networks screen. To unblock the network, select Show settings ▸ Unblock.
- Stay connected but block the suspicious device: Remain connected to the network, but block the external device that is intercepting your network traffic. This allows you to continue using the internet, but is not recommended because additional threats may be present on the network. You can manage blocked devices via
☰
Menu ▸ Settings ▸ Protection ▸ Firewall ▸ Blocked devices. - Ignore this potential threat — I trust this network: Take no action. We do not recommend selecting this option unless you are certain that the network is secure.
Advanced Settings
How can I specify the rules that Firewall applies for new apps?
To specify the rules that Firewall applies for new apps that do not yet have assigned app rules:
- Open Avast Antivirus and go to Protection ▸ Firewall.
- Click Settings (the gear icon) in the top-right corner.
- Use the drop-down menu under How should Firewall treat new apps? to select one of the options below:
- Smart Mode (the recommended and default option): Firewall automatically creates and applies rules that are based on the trustworthiness of the app.
- Block: Firewall blocks all connection attempts by new apps.
- Allow: Firewall allows all connection attempts by new apps.
- Ask: You are prompted to manually allow or deny connection attempts by new apps.
What are Application rules?
Firewall creates Application rules each time an application or process starts for the first time. These rules determine how Firewall behaves toward each application or process when it connects to the internet or to another network. Advanced users can set connection allowances for each individual app to determine how strictly Firewall monitors any incoming or outgoing communication.
To configure your application rules:
- Open Avast Antivirus and go to Protection ▸ Firewall.
- Click Settings (the gear icon) in the top-right corner.
- Select View Firewall rules.
- Select the Application rules tab.
For more information about using the Application rules screen, refer to the following article:
What are Network rules?
Network rules (previously known as Packet rules) control whether network traffic is allowed or blocked according to the information contained in network packets. This information may include network protocols, source or destination IP addresses, or local and remote ports. Advanced users can manage these rules or create new ones.
To configure your network rules:
- Open Avast Antivirus and go to Protection ▸ Firewall.
- Click Settings (the gear icon) in the top-right corner.
- Select View Firewall rules.
- Select the Network rules tab.
For more information about using the Network rules screen, refer to the following article:
What are Basic rules?
Basic rules (previously known as System rules) are a range of Firewall rules that control network traffic for the most common connection types related to specific system capabilities.
To configure your basic rules:
- Open Avast Antivirus and go to Protection ▸ Firewall.
- Click Settings (the gear icon) in the top-right corner.
- Select View Firewall rules.
- Select the Basic rules tab.
For more information about using the Basic rules screen, refer to the following article:
- Avast Premium Security 24.x for Windows
- Avast Free Antivirus 24.x for Windows
- Microsoft Windows 11 Home / Pro / Enterprise / Education
- Microsoft Windows 10 Home / Pro / Enterprise / Education - 32 / 64-bit
- Microsoft Windows 8.1 / Pro / Enterprise - 32 / 64-bit
- Microsoft Windows 8 / Pro / Enterprise - 32 / 64-bit
- Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate - Service Pack 1 with Convenient Rollup Update, 32 / 64-bit
Updated on: 02/06/2022