Do I Need Firewall With Free Avast For Mac
Avast Firewall comes built into its various packages, and although it’s much better than the native firewall available with Windows, it can still sometimes run into issues. You might find that there is an apostrophe sign looming over your Avast icon on the toolbar, and on opening Avast you find Avast Firewall is turned off.
Macs may be a far less tempting target for malware and viruses, but they’re not immune from attack. Even if you don’t care about adware or being used as a means to infect users on other platforms, it’s still possible to fall victim to ransomware, password theft, or stolen iPhone backups.
Accordingly, good antivirus software will protect your Mac on all of these fronts. It’ll catch malware that’s still spreading or in circulation; block ransomware; protect older systems with out-of-date software from security vulnerabilities; prevent your Mac from acting as a carrier for malware aimed at other operating systems; and keep infected files off of any virtual machines you’re running.
Antivirus for Mac cheat sheet
Our quick-hit recommendations:
- Best paid antivirus for Mac:Sophos Home Premium for Mac[sophos.com]
- Best free antivirus for Mac:Avast Free Mac Security[avast.com]
Many antivirus suites provide a decent level of protection, but a few rise above all others by providing the very best in performance. Our top contenders dominate by posting perfect (or virtually near perfect) scores from security research labs, passing our own malware detection tests with flying colors, offering well-designed interfaces, and even throwing in extra features like a firewall or password manager.
Do I Need A Firewall With Free Avast
Updated 08/15/19: Added our review of Avira Free Antivirus, a worthy free option that’s easy to use and effective.
Looking for Windows antivirus recommendations? You can read about the best antivirus suites for PC on our sister site, PCWorld.
Best overall antivirus software
on Sophos
Sophos Home Premium has the most extensive and up-to-date approach to fighting malware at an unbeatable price.
Sophos Home Premium has it all: Effective malware protection, ransomware monitoring, protection against potentially-unwanted-apps, and additional features that often require separately licensed software. Its cloud-based configuration and generous licensing (up to 10 Macs and PCs) also make it easy to shield friends and family from threats, no matter where they live. (Full details available in our review.)
Best free antivirus software
Though Sophos does offer a good free version of its software, Avast Free Mac Security edges it out as the best free antivirus software for macOS. In security lab tests, Avast detected 99.9 percent of macOS malware, and 100 percent of Windows malware. However, if you want more advanced protection (like ransomware detection), you’ll need to upgrade to paid software.
What to look for in antivirus software
By our reckoning, antivirus software should be able to neutralize a threat before it can begin wreaking havoc. That means preventing the download, installation, or execution of malicious software.
Since you can encounter threats by visiting compromised or malicious websites, receiving virus-laden attachments, or accessing USB drives with malware, good AV software should scan on a continuous basis unless you configure it otherwise. And ideally, files identified as malicious should be quarantined into a special storage area managed by the AV software, with the option to automatically delete files known to be malware or repair normal documents that also carry devious payloads.
Great AV suites also will monitor the filesystem for certain kinds of changes. Ransomware — which is malware that will rapidly encrypt user files like documents and mailboxes and then delete the originals — has become a huge moneymaker on other platforms. As a prime opportunity for attackers, it’s the greatest danger Mac users likely face as a category.
Detecting this pattern and halting it before any files are unavailable should be possible without an anti-malware system knowing the specific innards of a ransomware virus. Sophos, our top pick, includes this feature in the Home Premium version of its 2018 update. Other vendors, like Avast and Trend Micro Antivirus, offer an alternative feature that allows you to whitelist programs allowed to manipulate files in specific directories. So if this particular type of attack becomes rapidly popular, you’ll be protected.
Good antivirus software should also use minimal computational resources. That’s especially the case these days — AV monitoring hasn’t become much more complicated than when it first became available, and faster, multi-core CPUs can easily handle the demands of running AV software in the background without disturbing your active work.
Beyond these primary features, an easy-to-navigate interface and extra features are worth factoring into your decision. Some AV software are full-fledged suites that offer additional options like backup service for essential files, a password manager, parental controls, anti-tracking and privacy modes or options, a more advanced firewall, and the blocking of Potentially Unwanted Applications (PUAs).
How we test
Each software package is evaluated creating a clean installation of macOS Mojave, cloning it for each AV product, and then booting separately into each one to install a different package. This was to ensure that previous app installations didn’t interfere with new ones — sometimes AV software treats other AV software as an infection.
In addition to visiting malicious websites, downloading known malicious software, and even running said malware, we also reference the most recent reports from two labs that regularly cover macOS malware: AV Comparatives and AV-TEST. These laboratories test AV software against sets of known malware as well as products that are grouped as potentially unwanted applications (like adware).
The latter doesn’t damage or expose your computer or its files but may consume power and CPU cycles. Because the testing effectively looks at a combination of virus databases and behavior, they remain good gauges even after many months. When an antivirus software package lacks a rating from a known security research lab, we do more extensive testing with real malware.
Finally, while we gave props for a lot of different features and behaviors, we marked products down if they lacked any or all of the following:
- A nearly perfect score on macOS malware detection
- Ransomware monitoring
- Native browser plug-in or system-level Web proxy
- A high score on Windows malware detection
Privacy concerns
Using an anti-virus product, especially any that includes tools to also improve your online privacy, may lull you into believing you’re safe from personal and private information leaking out. That’s not quite the case. While there’s no reason to panic, you should consider a few reasonable issues.
First, an antivirus product may upload the complete text of files flagged to the cloud, where it can be analyzed by separate tools hosted there. This practice is normal and sensible: Some malware can detect when a running process may examine it, and will then engage in subterfuge. Antivirus software makers also can access their massive databases to examine files with characteristics that trigger their algorithms — certain elements that match known malware. As a result, security researchers discover new viruses, worms, Trojans horses, and the like.
However, helping the greater good means you’ll have to be comfortable with trusting a third-party with your file contents. Where appropriate, we noted privacy policy issues in individual reviews.
Second, this software may also rely partly or entirely on cloud-based checks of URLs, malware, and the like. Accordingly, an AV package might upload every URL you visit, metadata about files, signatures of files, information about your computer’s hardware, a list of running or installed applications, and more. Companies vary on their disclosure of such policies, and may not let you opt out of this kind of sharing. We note issues in each review as available.
Third, anti-virus software makers also get a sense of what behavior is happening on your computer that’s being monitored or blocked, and may use that information for their own purposes. In some cases, you can opt out of this information gathering.
Best Firewall For Mac
All of our antivirus for Mac reviews
If you have specific requirements or just wish to see other options, below is a list of all the antivirus software we’ve reviewed. We’ll keep evaluating new and refreshed software on a regular basis, so be sure to come back to see what else we’ve put through the ringer.
Firewall is a component of Avast Premium Security and Avast Omni, which creates rules each time an application or process starts for the first time. These rules determine how Firewall behaves toward each application or process when it connects to the internet or to another network. Although advanced users can manage these rules or create new ones, we recommend you only modify your Application Rules if absolutely necessary. In most cases, Firewall formulates optimal rules without your input.
Create a new application rule
Default rules are created automatically for applications from known and trusted sources the first time you start the application after Avast Premium Security or Avast Omni is installed. Application Rules are organized into groups, predefined according to application vendor. To add an application to an existing group:
- Open the Avast user interface and go to Protection ▸ Firewall.
- Click Application settings at the bottom of the screen.
- Click New application rule and select a group (vendor).
- Locate and select the executable file of the application you want to add.
- Click the group name, then use the orange bars to indicate the level of access you want to allow.
To create a new group, click New Group and provide a name for the group.
Adjust access restrictions
You can set connection allowances for each application or process to determine how strictly Firewall monitors incoming or outgoing communication.
Click a group (or vendor name) in the Application column, then use the orange bars in the Allowed connections column to set the authorization level for a specific application:
- One bar (Friends out): outgoing connections with Friends networks only.
- Two bars (Friends in/out): incoming and outgoing connections with Friends networks only.
- Three bars (Internet out): all outgoing connections to the internet.
- Four bars (Friends in and Internet out): incoming connections with Friends networks only, and all outgoing connections to the internet.
- Five bars: (All connections): all incoming and outgoing connections to the internet.
- To Block all connections for an application, hover your cursor over the orange bars and click the red block symbol that appears.
The networks referred to as ‘Friends’, are any networks outside of your current network that are considered trusted by Firewall. These networks are automatically identified and exempt from default Firewall restrictions when your current Network profile is set to Private. When Firewall is set to the Public profile, the default higher level of security is applied to all networks, including the ‘Friends’ networks.
Set actions for unauthorized connections
In addition to defining the types of connections you authorize for applications or processes, you can also specify how Firewall behaves when it detects a non-authorized connection. To define Firewall behavior for a non-authorized connection:
- Click a group (or vendor name) in the Application column to open the list of applications or processes in that group.
- Select an application or process to expand its individual communication settings.
- Use the drop-down menu to manage the program’s behavior. The following behaviors are available:
- Default rule: Firewall decides to allow or block connections based on the settings of the active Firewall Network profile (Private or Public).
- Auto-decide: Firewall allows connections with verified applications, but blocks connections from unknown or suspicious applications.
- Block: Firewall blocks all other connections.
- Ask: Firewall asks you to decide if you want to allow or block a connection each time a new request is received. Selecting this option may result in frequent and potentially obtrusive alerts.
Network profiles control the settings that determine how strictly Firewall protects your PC. Each time you access a known network, Avast remembers and applies the applicable Firewall profile (as previously set by you). Each time you connect to a new network, Avast prompts you to select the appropriate profile. The default profile setting when no profile is selected is Public. The network profiles are:
- Private: a lower level of security suitable for when your PC is connected to a trusted network such as your home or work network. This profile enables better connectivity, and permits all communication within the network.
- Public: a higher level of security suitable for when your PC is connected to a public network such as in a cafe or airport. Because public networks present greater security risks, no incoming communication is permitted when this profile is set.
Specify authorized ports
Tighten rule restrictions even further by specifying the network ports each application uses for communication when an incoming or ongoing connection is allowed. To specify authorized ports:
- Click a group (or vendor name) in the Application column to open the list of applications or processes in that group.
- Select an application or process to expand its individual communication settings.
- Specify the Outbound ports and Inbound ports that you allow the application or process to communicate with. Specify ports in the following ways:
- Type specific port numbers into the text box. For multiple ports, separate each port number with a comma.
- Select All from the drop-down menu to authorize communication with all ports.
- Select a predefined port number from the drop-down menu.
- Optionally, configure Packet rules from the Application rules screen by following steps 1–2 above, then clicking Packet rules. While Firewall uses Application Rules to control traffic according to individual rules for programs or services, Packet rules can also be configured to control network traffic using specified connection parameters. Packet rules enable you to view and manage Firewall rules according to the information contained in network packets, such as network protocols, source or destination IP addresses, or local and remote ports.
Different application or process types require different ports. For example, for internet browsers, port 443 is the default port used for HTTPS (secure HTTP), and port 80 is the most commonly used port for HTTP (unsecured), therefore the Application rules port entry is 443,80
. For information about the correct network port to specify for an application, contact the application vendor or refer to the application's documentation or support pages.
- Avast Premium Security 19.x
- Avast Omni 1.x
- Avast Premier 19.x
- Avast Internet Security 19.x
- Microsoft Windows 10 Home / Pro / Enterprise / Education — 32 / 64-bit
- Microsoft Windows 8.1 / Pro / Enterprise — 32 / 64-bit
- Microsoft Windows 8 / Pro / Enterprise — 32 / 64-bit
- Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate — Service Pack 1, 32 / 64-bit