Firewall - Settings
Manage these settings from: ☰ Menu ▸ Settings ▸ Components ▸ Firewall ▸ Customize
The Firewall Policies screen enables advanced users to manage their Firewall rules for blocking unauthorized access while permitting authorized communication.
By default, Firewall is configured to provide optimal protection when switched on. We therefore strongly recommend you only make configuration changes if you have an advanced understanding of firewall principles. After making any changes, click OK to save Firewall settings.
Note: Firewall is available in Avast Ultimate, Avast Premier and Avast Internet Security only.
Specify Default Rules
Indicate how you want Firewall to behave when it encounters programs that are being run for the first time and therefore do not have predefined application rules:
- Auto-decide (default): authorizes Avast to select the most appropriate setting for each program according to how it behaves.
- Allow: enables all programs without predefined application rules to access the network.
- Block: prohibits all programs without predefined application rules from accessing the network.
- Ask: prompts you to decide whether to allow or block access to the network every time Firewall encounters a program without predefined application rules. This selection may result in frequent and potentially annoying requests for your input.
To apply different settings according to the network profile (Private or Public), tick Use separate setting for each firewall mode.
Set Policy Preferences
Manage your Firewall policy preferences:
- Show notifications about newly created "allow" rules: sends an alert message each time a new rule related to authorizing communication is created by the auto-decide feature. Ticking this option may result in frequent and potentially annoying alerts.
- Show notifications about newly created "block" rules: sends an alert message each time a new rule related to prohibiting communication is created by the auto-decide feature. This option is ticked by default.
- Internet Connection Sharing mode: allows a trusted user to connect to the internet through your PC, or to troubleshoot problems with devices, such as your printer, connected to the internet via your PC. Ticking this option opens certain ports which are usually closed, decreasing the level of security. always untick this option when the user no longer needs access to your internet connection or you finish troubleshooting.
- Allow all connections with Friends when in Private mode: allows all networks listed as Friends when you are connected to a Private mode network.
Create Packet Rules
In addition to Application rules which control traffic according to individual rules for programs or services, advanced users can also manage Packet rules to control network traffic based on connection type.
- System rules: click to configure packet rules to control network traffic for the most common connection types related to specific system capabilites, such as VPN protocols, in a simplified view. Read more...
- Packet rules: click to further define packet rules by specifying whether network traffic is allowed or blocked according to the information contained in network packets. Read more...
Other Firewall settings
Use the tabs on the left-side of the window to manage different aspects of Firewall behavior.
Network profiles
The Network profiles screen displays a list of the networks you are either connected to or have previously connected to from your PC. These networks are listed according to how recently your PC accessed them. You can manage your Firewall preferences for profile switching and the settings specific to each network.
Specify how you want Firewall to behave each time you change from one network to another if the profile is different:
- Enable automatic profile switching: authorizes Avast to automatically change the Firewall profile when you connect to a known network with a different profile to the previously connected network. This option is ticked by default.
- Show notifications about automatic profile switching: alerts you each time your Firewall profile changes (for example, when you change from a Private network to a Public network or vice versa). Ticking this option may result in potentially annoying alerts.
Click a row of network details to manage the following settings:
- Name: modify the name of the network.
- Profile: change the network settings according to whether the network is Private or Public. We recommend you apply the Public profile to all networks that are not your private network, such as when you connect to the internet in a cafe or at an airport.
If applicable, the MAC address is also visible, however, this field cannot be edited. A MAC address refers to the hardware address of a router.
Friends
Use the Friends settings screen to list any networks outside of your current network that is considered as trusted by Firewall. These networks, referred to as 'Friends', are exempt from default Firewall restrictions that affect unknown networks.
Friends exemptions only apply while you are connected to Private networks. When Firewall is set to the Public profile, default restrictions apply to all networks including those that you see as Friends.
Note: Trusted networks are identified as Friends automatically and cannot be manually configured.
Advanced
Advanced Firewall settings are available for users who need to make settings changes in Firewall for exceptional use cases.
Specify your Firewall Logs settings:
- Maximum number of records: modify how many rows of activity Firewall can log. Reducing this number saves disk space but means your Firewall Logs contains less history.
- Log all blocked packets: enables Firewall to log every blocked packet. If you do not tick this option, Firewall only logs connections. Typically, you only need to log all packets when troubleshooting security breaches.
Determine how you want Firewall to manage port scan attempts:
- Enable automatic port scan detection: authorizes Firewall to detect port scan attempts. This option is ticked by default.
Port scanning is a technique hackers commonly use to identify vulnerable or unsecure devices on a network. If Firewall detects a port scan, the offending IP address is blacklisted and all communication with that IP address is blocked until you reboot your PC. - IP block timeout: specify how far back you want Firewall to search your recent network traffic history for suspicious network packets. The default period is 1800000 milliseconds (thirty minutes). Increasing this value can lead to false positive detections.
Indicate your raw socket preference:
- Enable raw sockets: enables communication with applications that use raw sockets instead of specific communication protocols. This option is ticked by default. Unticking this option slightly increases the security of your PC but creates significant connectivity issues with any applications that use raw sockets.