Skip to main content

Avast Firewall - FAQs

General

What is Firewall?

Firewall monitors all network traffic between your PC and the outside world to protect you from unauthorized communication and intrusions. This feature is designed to require minimal input from you. To ensure you are protected, all you need to do is keep Firewall enabled.

How can I enable or disable Firewall?

To ensure your full security, Firewall is enabled by default. We recommend you keep Firewall enabled at all times, unless you need to temporarily disable it for troubleshooting purposes.

To disable Firewall temporarily:

  1. Open Avast Antivirus and go to ProtectionFirewall.
  2. Click the green (ON) slider, then select a time duration to specify how long Firewall will remain disabled.

The slider is red (OFF), and Firewall is disabled for the selected time duration. To manually enable Firewall, follow step 1 above, then click the red (OFF) slider so that it changes to green (ON).

What happens when I connect to a new network?

Each time you connect to a new network, Firewall automatically recognizes whether the network is private or public, and applies the relevant settings below:

  • Private networks (such as your home or work network) require a lower level of security, and are automatically marked as trusted. Each time you connect to a trusted network, Firewall permits all communication within the network and applies a lower level of security to enable better connectivity.
  • Public networks (such as in a cafe or airport) present a greater security risk, and are automatically marked as untrusted. Each time you connect to an untrusted network, Firewall blocks all incoming communication and applies a higher level of security to ensure your privacy and safety.

If necessary, you can change whether a network is trusted or untrusted via ProtectionFirewallNetworks. For more information, refer to the following article:

Is Firewall available in Avast Free Antivirus?

Yes. From application version 21.7 and later, the core Firewall functionality is available in all Avast antivirus products. However, the following premium Firewall features are only available if you have a paid Avast Premium Security subscription:

  • Leak Protection
  • Port Scan Alerts
  • ARP Spoofing Alerts

For more information about these features, refer to the Premium Features section.

Features

How can I use the Networks tab?

The Networks tab is available via ProtectionFirewallNetworks.

This section lists all of the networks that you have previously connected to. The following options are available for each network:

  • Click Show settings and specify if the network is trusted or untrusted.
  • Hover your cursor over the network panel, and click the Show network details icon to see technical information about the network.

For more information about the Networks tab, refer to the following article:

How can I use the Apps tab?

The Apps tab is available via ProtectionFirewallApps.

This screen lists all of the apps on your PC that are currently using your internet connection. The following options are available for each app:

  • Click Block next to an app to ensure that Firewall always stops this app from connecting to the internet or to other networks.
  • Hover your cursor over the app panel, and click Show more (three dots) to choose from the following options:
    • Turn on Ask me Mode: ensure that Firewall prompts you to manually allow or deny each connection attempt for this app.
    • Show app details: view basic information about this app.
    • Show app rules: open the advanced Application rules for this app.

For more information about the Apps tab, refer to the following article:

How can I use the Logs tab?

The Logs tab is available via ProtectionFirewallLogs.

This screen lists your recent Firewall activity. You can use the drop-down menu to specify which activity type you want to see. The following options are available:

  • Blocked apps
  • Blocked devices
  • Applied rules

You can also specify a time period (for example, Past hour).

When you are connected to a Trusted network, most apps and devices are allowed, because fewer Firewall restrictions are imposed. When you are connected to an Untrusted network, more apps and devices are blocked, because the protection level is higher. If an app or device is blocked while you are connected to a Trusted network, Firewall has detected and blocked a suspicious communication attempt. No actions are required from you.

Premium Features

What is Leak Protection?

Leak Protection increases your security on public networks by preventing your PC from leaking potentially sensitive information to the network, including your login credentials, computer name, and email address.

We recommend enabling Leak Protection whenever you are connected to a public Wi-Fi network (such as in an airport or cafe). To enable this feature, go to ProtectionFirewallPremium. Ensure that the slider under Leak Protection is green (ON).

What is Port Scan Alerts?

When Port Scan Alerts is enabled, Firewall alerts you if hackers or malware attempt to scan your PC for open ports.

We recommend keeping Port Scan Alerts enabled at all times. To enable this feature, go to ProtectionFirewallPremium. Ensure that the slider under Port Scan Alerts is green (ON).

Even when Port Scan Alerts is enabled, it is never active when you are connected to a trusted network. This is because many home security solutions need to scan for open ports for legitimate reasons. For example, Wi-Fi Inspector in Avast Antivirus scans the PCs on your network for open ports to keep you informed about potential vulnerabilities.

When Port Scan Alerts is enabled, it activates automatically only when you are connected to an untrusted network. This ensures your protection, while avoiding frequent and potentially intrusive false-positive alerts.

What happens if Port Scan Alerts detects a threat?

If Port Scan Alerts detects a threat, Avast informs you that the network might not be safe. You can choose one of the actions below in the dialog that appears:

  • Disconnect and block this network (recommended): Immediately disconnect from the current network and block any future connections to the network. The Blocked message is shown next to this network on the Networks screen. To unblock the network, select Show settingsUnblock.
  • Stay connected but block the suspicious device: Remain connected to the network, but block the device that is being used to scan your ports. This allows you to continue using the internet, but is not recommended because additional threats may be present on the network. You can manage blocked devices via MenuSettingsProtectionFirewallBlocked devices.
  • Ignore this potential threat — I trust this network: Take no action. We do not recommend selecting this option unless you are certain that the network is secure.

What is ARP Spoofing Alerts?

When ARP Spoofing Alerts is enabled, Firewall alerts you about ARP spoofing attacks.

ARP spoofing is when an attacker exploits the Address Resolution Protocol (ARP) to trick the devices on a network into communicating with an external device that is controlled by the attacker. This allows the attacker to intercept your network traffic, which includes private messages, payment details, and login credentials.

We recommend keeping ARP Spoofing Alerts enabled at all times. To enable this feature, go to ProtectionFirewallPremium. Ensure that the slider under ARP Spoofing Alerts is green (ON).

Even when ARP Spoofing Alerts is enabled, it is never active when you are connected to a trusted network. This is because many home security solutions need to use ARP Spoofing for legitimate reasons.

When ARP Spoofing Alerts is enabled, it activates automatically only when you are connected to an untrusted network. This ensures your protection, while avoiding frequent and potentially intrusive false-positive alerts.

What happens if ARP Spoofing Alerts detects a threat?

If ARP Spoofing Alerts detects a threat, Avast informs you that the network might not be safe. You can choose one of the actions below in the dialog that appears:

  • Disconnect and block this network (recommended): Immediately disconnect from the current network and block any future connections to the network. The Blocked message is shown next to this network on the Networks screen. To unblock the network, select Show settingsUnblock.
  • Stay connected but block the suspicious device: Remain connected to the network, but block the external device that is intercepting your network traffic. This allows you to continue using the internet, but is not recommended because additional threats may be present on the network. You can manage blocked devices via MenuSettingsProtectionFirewallBlocked devices.
  • Ignore this potential threat — I trust this network: Take no action. We do not recommend selecting this option unless you are certain that the network is secure.

Advanced Settings

How can I specify the rules that Firewall applies for new apps?

To specify the rules that Firewall applies for new apps that do not yet have assigned app rules:

  1. Open Avast Antivirus and go to ProtectionFirewall.
  2. Click Settings (the gear icon) in the top-right corner.
  3. Use the drop-down menu under How should Firewall treat new apps? to select one of the options below:
    • Smart Mode (the recommended and default option): Firewall automatically creates and applies rules that are based on the trustworthiness of the app.
    • Block: Firewall blocks all connection attempts by new apps.
    • Allow: Firewall allows all connection attempts by new apps.
    • Ask: You are prompted to manually allow or deny connection attempts by new apps.

What are Application rules?

Firewall creates Application rules each time an application or process starts for the first time. These rules determine how Firewall behaves toward each application or process when it connects to the internet or to another network. Advanced users can set connection allowances for each individual app to determine how strictly Firewall monitors any incoming or outgoing communication.

We recommend you only modify your application rules if absolutely necessary. In most cases, Firewall formulates optimal rules without your input.

To configure your application rules:

  1. Open Avast Antivirus and go to ProtectionFirewall.
  2. Click Settings (the gear icon) in the top-right corner.
  3. Select View Firewall rules.
  4. Select the Application rules tab.

For more information about using the Application rules screen, refer to the following article:

What are Network rules?

Network rules (previously known as Packet rules) control whether network traffic is allowed or blocked according to the information contained in network packets. This information may include network protocols, source or destination IP addresses, or local and remote ports. Advanced users can manage these rules or create new ones.

We recommend you only modify your network rules if absolutely necessary. In most cases, Firewall formulates optimal rules without your input.

To configure your network rules:

  1. Open Avast Antivirus and go to ProtectionFirewall.
  2. Click Settings (the gear icon) in the top-right corner.
  3. Select View Firewall rules.
  4. Select the Network rules tab.

For more information about using the Network rules screen, refer to the following article:

What are Basic rules?

Basic rules (previously known as System rules) are a range of Firewall rules that control network traffic for the most common connection types related to specific system capabilities.

We recommend you only modify your basic rules if absolutely necessary. In most cases, Firewall formulates optimal rules without your input.

To configure your basic rules:

  1. Open Avast Antivirus and go to ProtectionFirewall.
  2. Click Settings (the gear icon) in the top-right corner.
  3. Select View Firewall rules.
  4. Select the Basic rules tab.

For more information about using the Basic rules screen, refer to the following article:

What is Firewall?

Firewall monitors all network traffic between your PC and the outside world to protect you from unauthorized communication and intrusions. This feature is designed to require minimal input from you. To ensure you are protected, all you need to do is keep Firewall enabled and, when prompted, specify whether each network that you connect to is trusted or untrusted.

Is Firewall a free feature?

Yes. Firewall is available in both the free and paid versions of Avast One.

How can I enable or disable Firewall?

To ensure your full security, Firewall is enabled by default. We recommend you keep Firewall enabled at all times, unless you need to temporarily disable it for troubleshooting purposes.

To disable Firewall temporarily:

  1. Open Avast One and go to ExploreFirewall.
  2. Click Open Firewall.
  3. Click the green (ON) slider, then select a time duration to specify how long Firewall will remain disabled.
  4. Click OK, stop to confirm.

The slider changes to red (OFF), and Firewall is disabled for the selected time duration. To manually enable Firewall, follow steps 1-2 above, then click the red (OFF) slider so that it changes to green (ON).

What happens when I connect to a new network?

Each time you connect to a new network, Firewall prompts you to specify if you trust or don't trust the network. Select the relevant option:

  • Trust this network: The recommended option for a private network, such as your home or work network. When you select this option, the network is marked as a Trusted network. Each time you connect to a trusted network, Firewall permits all communication within the network and applies a lower level of security to enable better connectivity.
  • Don't trust this network: The recommended option for a public network, such as in an airport or cafe. When you select this option, the network is marked as an Untrusted network. Each time you connect to an untrusted network, Firewall blocks all incoming communication and applies a higher level of security to ensure your privacy and safety.
Don't trust this network is the default option if you do not manually select one.

You can change whether a network is trusted or untrusted at any time. For more information, refer to the following article:

How can I control which apps are allowed to connect to the internet?

To see a list of the apps that are currently using your internet connection:

  1. Open Avast One and go to ExploreFirewall.
  2. Click Open Firewall.
  3. Ensure the Apps tab is selected.
  4. Select the Active apps tab to view the applications that are currently using your internet connection.
  5. To see all applications that are installed on your PC, select the Inactive apps tab.

To stop an application from accessing your network, click Block next to an application in any of the apps lists. Firewall will always stop this app from connecting to the internet or to other networks.

For more information about managing applications using Firewall in Avast One, refer to the following article:

How can I review or monitor all Firewall activity?

The History tab displays a record of all Firewall activity. You can choose to view the information by Last hour, Last day, or Last month.

To access Firewall history, go to ExploreFirewallOpen Firewall and select the History tab.

What are advanced network security settings?

Advanced network security settings are automatically enabled to protect you and your device when connected to the internet. We recommend keeping these settings enabled at all times for maximum protection.

To disable a setting temporarily, select the Advanced network security tab and untick the box next to the relevant setting:

  • Hide potentially sensitive info from other devices on the network: Prevents other devices on the same network from seeing your potentially sensitive information including your computer name, device type, and email address.
  • Notify me if my PC is scanned for open ports: Avast One alerts you and blocks access when a device on an untrusted network tries to scan your PC for open ports. Scanning for open ports indicates there may be a hacker on the network.
  • Notify me about ARP spoofing attacks: Avast One alerts you and blocks Address Resolution Protocol (ARP) spoofing attacks that try to trick the devices on an untrusted network into communicating with an external device that is controlled by the attacker. This allows the attacker to intercept your network traffic, which includes private messages, payment details, and login credentials.
  • Avast Premium Security 21.x for Windows
  • Avast Free Antivirus 21.x for Windows
  • Avast One 21.x for Windows
  • Microsoft Windows 11 Home / Pro / Enterprise / Education
  • Microsoft Windows 10 Home / Pro / Enterprise / Education - 32 / 64-bit
  • Microsoft Windows 8.1 / Pro / Enterprise - 32 / 64-bit
  • Microsoft Windows 8 / Pro / Enterprise - 32 / 64-bit
  • Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate - Service Pack 1 with Convenient Rollup Update, 32 / 64-bit


Updated on: 02/06/2022

Was this article helpful?

Need additional help?

Contact us

Device problems?

Our experts are here to help!

Call +44 80 8168 1097 for all your non-AVAST tech issues
For US residents only. Non-US residents, please click the banner to get your number.
Avast logo
Europe (English)
For home
For business
For partners
Company
1988-2023 Copyright Avast Software s.r.o.
Privacy policy Products policy Legal Report vulnerability Contact security Modern Slavery Statement Do not sell my info Subscription details