AVG Enhanced Firewall - FAQs

General

What is Enhanced Firewall?

Enhanced Firewall monitors all network traffic between your PC and the outside world to protect you from unauthorized communication and intrusions. This feature is designed to require minimal input from you. To ensure you are protected, all you need to do is keep Enhanced Firewall enabled.

How can I enable or disable Firewall?

To ensure your full security, Enhanced Firewall is enabled by default. We recommend you keep Enhanced Firewall enabled at all times, unless you need to temporarily disable it for troubleshooting purposes.

To disable Enhanced Firewall temporarily:

1. Open AVG AntiVirus and click the Web & Email tile on the main application screen.
2. Click Open above Enhanced Firewall.
3. Click the green (ON) slider, then select a time duration to specify how long Enhanced Firewall will remain disabled.
4. Click OK, stop to confirm.

The slider is red (OFF), and Enhanced Firewall is disabled for the selected time duration. To manually enable Firewall, follow steps 1-2 above, then click the red (OFF) slider so that it changes to green (ON).

What happens when I connect to a new network?

Each time you connect to a new network, Enhanced Firewall automatically recognizes whether the network is private or public, and applies the relevant settings below:

• Private networks (such as your home or work network) require a lower level of security, and are automatically marked as trusted. Each time you connect to a trusted network, Enhanced Firewall permits all communication within the network and applies a lower level of security to enable better connectivity.
• Public networks (such as in a cafe or airport) present a greater security risk, and are automatically marked as untrusted. Each time you connect to an untrusted network, Enhanced Firewall blocks all incoming communication and applies a higher level of security to ensure your privacy and safety.

If necessary, you can change whether a network is trusted or untrusted via Web & Email ▸ Enhanced Firewall ▸ Networks. For more information, refer to the following article:

• Getting Started ▸ Add trusted and untrusted networks

Is Enhanced Firewall available in AVG AntiVirus FREE?

Yes. From application version 21.10 and later, the core Enhanced Firewall functionality is available in all AVG AntiVirus products. However, the following premium Enhanced Firewall features are only available if you have a paid AVG Internet Security subscription:

• Leak Protection
• Port Scan Alerts
• ARP Spoofing Alerts

For more information about these features, refer to the Premium Features section.

Features

How can I use the Networks tab?

The Networks tab is available via Web & Email ▸ Enhanced Firewall ▸ Networks.

This section lists all of the networks that you have previously connected to. The following options are available for each network:

• Click Show settings and specify if the network is trusted or untrusted.
• Hover your cursor over the network panel, and click the Show network details icon to see technical information about the network.

For more information about the Networks tab, refer to the following article:

• Getting Started ▸ Add trusted and untrusted networks

How can I use the Apps tab?

The Apps tab is available via Web & Email ▸ Enhanced Firewall ▸ Apps.

This screen lists all of the apps on your PC that are currently using your internet connection. The following options are available for each app:

• Click Block next to an app to ensure that Enhanced Firewall always stops this app from connecting to the internet or to other networks.
• Hover your cursor over the app panel, and click ⋮ Show more (three dots) to choose from the following options:
  • Turn on Ask me Mode: ensure that Enhanced Firewall prompts you to manually allow or deny each connection attempt for this app.
  • Show app details: view basic information about this app.
  • Show app rules: open the advanced Application rules for this app.

For more information about the Apps tab, refer to the following article:

• Getting Started ▸ Manage apps

How can I use the Logs tab?

The Logs tab is available via Web & Email ▸ Enhanced Firewall ▸ Logs.

This screen lists your recent Enhanced Firewall activity. You can use the drop-down menu to specify which activity type you want to see. The following options are available:

• Blocked apps
• Blocked devices
• Applied rules

You can also specify a time period (for example, Past hour).

Premium Features

What is Leak Protection?

Leak Protection increases your security on public networks by preventing your PC from leaking potentially sensitive information to the network, including your login credentials, computer name, and email address.

We recommend enabling Leak Protection whenever you are connected to a public Wi-Fi network (such as in an airport or cafe). To enable this feature, go to Web & Email ▸ Enhanced Firewall ▸ Premium. Ensure that the slider under Leak Protection is green (ON).

What is Port Scan Alerts?

When Port Scan Alerts is enabled, Enhanced Firewall alerts you if hackers or malware attempt to scan your PC for open ports.

We recommend keeping Port Scan Alerts enabled at all times. To enable this feature, go to Web & Email ▸ Enhanced Firewall ▸ Premium. Ensure that the slider under Port Scan Alerts is green (ON).

What happens if Port Scan Alerts detects a threat?

If Port Scan Alerts detects a threat, AVG informs you that the network might not be safe. You can choose one of the actions below in the dialog that appears:

• Disconnect and block this network (recommended): Immediately disconnect from the current network and block any future connections to the network. The Blocked message is shown next to this network on the Networks screen. To unblock the network, select Show settings ▸ Unblock.
• Stay connected but block the suspicious device: Remain connected to the network, but block the device that is being used to scan your ports. This allows you to continue using the internet, but is not recommended because additional threats may be present on the network. You can manage blocked devices via ☰ Menu ▸ Settings ▸ Basic protection ▸ Enhanced Firewall ▸ Blocked devices.
• Ignore this potential threat — I trust this network: Take no action. We do not recommend selecting this option unless you are certain that the network is secure.

What is ARP Spoofing Alerts?

When ARP Spoofing Alerts is enabled, Enhanced Firewall alerts you about ARP spoofing attacks.

ARP spoofing is when an attacker exploits the Address Resolution Protocol (ARP) to trick the devices on a network into communicating with an external device that is controlled by the attacker. This allows the attacker to intercept your network traffic, which includes private messages, payment details, and login credentials.

We recommend keeping ARP Spoofing Alerts enabled at all times. To enable this feature, go to Web & Email ▸ Enhanced Firewall ▸ Premium. Ensure that the slider under ARP Spoofing Alerts is green (ON).

What happens if ARP Spoofing Alerts detects a threat?

If ARP Spoofing Alerts detects a threat, AVG informs you that the network might not be safe. You can choose one of the actions below in the dialog that appears:

• Disconnect and block this network (recommended): Immediately disconnect from the current network and block any future connections to the network. The Blocked message is shown next to this network on the Networks screen. To unblock the network, select Show settings ▸ Unblock.
• Stay connected but block the suspicious device: Remain connected to the network, but block the external device that is intercepting your network traffic. This allows you to continue using the internet, but is not recommended because additional threats may be present on the network. You can manage blocked devices via ☰ Menu ▸ Settings ▸ Basic protection ▸ Enhanced Firewall ▸ Blocked devices.
• Ignore this potential threat — I trust this network: Take no action. We do not recommend selecting this option unless you are certain that the network is secure.

Advanced Settings

How can I specify the rules that Enhanced Firewall applies for new apps?

To specify the rules that Enhanced Firewall applies for new apps that do not yet have assigned app rules:

1. Open AVG AntiVirus and click the Web & Email tile on the main application screen.
2. Click Settings (the gear icon) in the top-right corner of the screen.
3. Click Basic protection ▸ Enhanced Firewall in the left panel.
4. Use the drop-down menu under How should Firewall treat new apps? to select one of the options below:
   • Smart Mode (the recommended and default option): Enhanced Firewall automatically creates and applies rules that are based on the trustworthiness of the app.
   • Block: Enhanced Firewall blocks all connection attempts by new apps.
   • Allow: Enhanced Firewall allows all connection attempts by new apps.
   • Ask: You are prompted to manually allow or deny connection attempts by new apps.

What are Application rules?

Enhanced Firewall creates Application rules each time an application or process starts for the first time. These rules determine how Enhanced Firewall behaves toward each application or process when it connects to the internet or to another network. Advanced users can set connection allowances for each individual app to determine how strictly Enhanced Firewall monitors any incoming or outgoing communication.

To configure your application rules:

1. Open AVG AntiVirus and click the Web & Email tile on the main application screen.
2. Click Settings (the gear icon) in the top-right corner of the screen.
3. Click Basic protection ▸ Enhanced Firewall in the left panel.
4. Select View Firewall rules.
5. Select the Application rules tab.

For more information about using the Application rules screen, refer to the following article:

• Setting up Enhanced Firewall Application rules in AVG AntiVirus

What are Network rules?

Network rules (previously known as Packet rules) control whether network traffic is allowed or blocked according to the information contained in network packets. This information may include network protocols, source or destination IP addresses, or local and remote ports. Advanced users can manage these rules or create new ones.

To configure your network rules:

1. Open AVG AntiVirus and click the Web & Email tile on the main application screen.
2. Click Settings (the gear icon) in the top-right corner of the screen.
3. Click Basic protection ▸ Enhanced Firewall in the left panel.
4. Select View Firewall rules.
5. Select the Network rules tab.

For more information about using the Network rules screen, refer to the following article:

• Setting up Enhanced Firewall Network rules in AVG AntiVirus

What are Basic rules?

Basic rules (previously known as System rules) are a range of Enhanced Firewall rules that control network traffic for the most common connection types related to specific system capabilities.

To configure your basic rules:

1. Open AVG AntiVirus and click the Web & Email tile on the main application screen.
2. Click Settings (the gear icon) in the top-right corner of the screen.
3. Click Basic protection ▸ Enhanced Firewall in the left panel.
4. Select View Firewall rules.
5. Select the Basic rules tab.

For more information about using the Basic rules screen, refer to the following article:

• Setting up Enhanced Firewall Basic rules in AVG AntiVirus