Advanced Firewall Features (AVG Business Cloud Console)
The following advanced features are available for the Firewall component of AVG Business Antivirus:
- Leak Protection: Protects the device from leaking potentially sensitive data by enabling packet rules to block certain types of communication.
- Port Scan Alerts: Warns about hacker and/or malware attempts to scan the device for open ports.
- ARP Spoofing Alerts: Warns about attempted Address Resolution Protocol spoofing attacks (when an attacker exploits the ARP to trick a device into communicating with an external device controlled by the attacker).
To manage these features from the console:
- Open the Policies page
- Click the desired policy to open its Detail drawer
- Select the Settings tab, then Firewall
- Expand the Firewall Settings section
- Select the Advanced tab
- Use the toggles next to the features to enable/disable them
When Port Scan and ARP Spoofing alerts are enabled, the detection dialogs will offer the following options to the user:
- Disconnect and block this network(recommended): Immediately disconnects from the current network and blocks any future connections to it. The Blocked message is displayed next to this network on the Network screen in Firewall settings.
- Stay connected but block the suspicious device: Remains connected to the network while blocking the external device conducting ARP spoofing. This allows continued internet usage but is not recommended due to potential additional threats on the network. Blocked devices can be managed in the Firewall settings.
- Ignore this potential threat — I trust this network: Takes no immediate action. It is not recommended unless the user is certain about the network's security.
Note that the Firewall advanced features are only activated in public (untrusted) networks.