Get this font in here!
This Article Applies to:
- Avast Business Hub
The main way to manage devices via the
All created policies will be visible on the Policies page of the Business Hub.
- Status: In use (applied to device(s)) or Unused (not applied to any devices)
- Policy name: Name of the policy and its description, if any. Clicking the name will open the policy's Detail drawer (see the Policy Settings section for more information).
Site/Customer/Company policy (multi-tenant/partner/single-tenant) or Global policy - site/customer (multi-tenant/partner only - see the Global vs. Site Policies section for more information)
- Assigned/Overrides: The number of devices assigned to the policy, and the number of devices that override the policy individually in the device detail. Clicking the count will open the Assignments tab of the policy (see the Assignments section for more information).
- Last Modified: Last modified date/time (tooltip displays the exact date/time)
Also, a star icon will be displayed next to the default policy.
At the top (company) level of the multi-tenant/partner Business Hub, aside from site policies, you will have the option to view and manage global policies, i.e. policies that apply to multiple sites (see the Global vs. Site Policies section below for more information). You can switch between the two policy types via the tabs at the top of the page.
The Site Policies tab will contain policies from all sites and display the same information for them as at the site level, plus the site/customer name so you could easily see which site each policy applies to.
The Global Policies tab will also display the policy status, name, type, and date/time of last modification, but instead of the Assigned/Overrides column, you will see the Assigned column, showing the number of sites each global policy applies to.
Global vs. Site Policies
As mentioned above, there are two policy types in the multi-tenant/partner Hub: global and site policies. A site policy, as the name suggests, applies only to its respective site, whereas a global policy can be assigned to multiple sites to allow real centralized control of settings.
When a global policy is applied to a site, it will be displayed at site level as Global policy - site.
From here, the admin (global or site) can further modify the policy as they require for that site, meaning they will have centralized control, with the possibility of local customization. Changes made here will not affect the global policy itself, as it is a local copy of the global policy.
The policy can also be converted to a site policy via the policy's Detail drawer (see the Overview Tab section).
Another major difference between global and site policies is the possibility to lock policy settings. In global policies, the global admin can lock each setting to ensure the local site copy cannot be modified. This is especially useful when some settings are mandatory (e.g. client UI protection that all customers must have). Site policies do not have this option.
Once a setting is locked by closing the padlock, it will become completely inaccessible in the site-level policy. This can only be changed by the global admin.
All settings of a policy can be accessed by clicking the policy's name, which will open its Detali drawer, split into four main tabs:
A single policy contains settings for Windows
Note, however, that some policy settings are not available for all operating systems - the OS icons displayed next to each section and setting will inform you which OS a setting can be applied to.
This tab provides some brief details about the policy: description (editable), type, time of creation and of last update, name of the user who created/updated it, and template type used for its creation (Avast recommended policy for workstations, Avast recommended policy for servers, or an existing policy).
For the local copy of a global policy (Global policy - site/Global policy - customer), you will also have the option to convert it to site policy.
Detailed settings for the Business Agent and each service available in the account are found here, divided into several tabs:
- Cloud Backup*
- USB Protection*
- Patch Management*
- Restart Options: Select when to restart endpoint devices between only when needed by the Antivirus or Patch Management service, automatically, when user logs off, or not at all. For more information on these options, see
Configuring Automatic Restarts.
- Proxy Settings: Set up HTTP or SOCKS v4 proxy when a network uses proxies for end devices (see
Configuring Proxy Settings for Devices).
- General Settings: Set up version switch (available for beta-enabled accounts only), UI protection, silent mode, reputation services, Avast tray icon, scanning of external drives, CyberCapture, and hardened mode (see
General Antivirus Settings). In this section, you can also modify privacy settings of endpoint users (see Configuring Privacy Settings in Business Hub).
- Antivirus Scans: Set the frequency of quick and full system Antivirus scans (see
Scheduling Antivirus Scans).
- Updates: Select either automatic or manual updates for your virus definitions and Antivirus program (see
Configuring Virus Definitions and Antivirus Updates).
- Troubleshooting: Enable or disable the anti-rootkit monitor, Avast self-defense module, limited program access for Guest accounts, hardware-assisted virtualization, delayed Avast startup, LSA protection, debug logging, or enter the details for your mail ports (see
Troubleshooting Features in Business Hub).
- Antivirus Protection: Enable, disable, and configure settings for the main protection components (follow the links under Configuring Components in
Component Overviewfor more information)
- Data Protection: Enable, disable, and configure settings for
Data Shredder, Exchange Shield, or SharePoint Shield.
- Identity Protection:
Enable or disable Browser Cleanup and Passwords, configure settings for Webcam Shield, or set up Password Protection.
- Networks: Select the firewall profiles for undefined network connections, and define networks (see
Firewall Network Settings).
- Firewall rules: Set the various
Firewall System Rules, Firewall Application Rules, and Firewall Advanced Packet Rules.
- Advanced: Enable or disable Leak Protection, Port Scan Alerts, and ARP Spoofing Alerts (see
Advanced Firewall Features).
- What to backup: Define folders and content to be backed up (All files or Only specified file types)
- Specify file types: In case of backing up only certain types of files, select them here
- Skip files based on file size: Exclude the files whose size exceeds a defined lower or upper limit from the backup
- Exceptions: Click on the provided link to the Exclusions Tab tab to define the folders and file types to be excluded from the backup
- Schedule: Define the frequency of backups
- Retention: Choose how long the backed up data will be stored before being deleted
For more information, see Configuring Cloud Backup.
The link in the VPN section will send you to the Devices page, where you can enable or disable VPN connections for each of your devices. For more information, see VPN.
- Access to removable storage devices: Allow or block access to connected devices with storage capabilities (see USB Protection).
- Patch Scans and Deployments: Set the frequency of scans for missing patches, and whether or not to deploy m issing patches immediately, on a specific schedule, or manually (see
Scanning Devices for Missing Patches).
- Other Settings: Select when to clear the local patch files on the end device (see
Configuring Cache Clearance).
This is the central area for exclusion configuration for all services where exclusions are possible.
- Antivirus exclusions: Specify paths to be excluded from either all scans and shields or specific shields only (see
Configuring Antivirus Exclusions).
- Patch Management exclusions: Specify vendors/products to be excluded from patch deployment (see
Configuring Patch Management Exclusions).
- Cloud Backup exclusions: Specify folders and file types to be excluded from backup (see Configuring Cloud Backup Exclusions).
- USB Protection exclusions: Specify removable devices to be excluded from USB Protection (see Configuring USB Protection Exclusions).
Other Articles In This Section: