Sandbox is available for Workstations only, not Servers.
Sandbox lets you run applications in a safe virtual environment, isolated from the rest of your device's system. This feature is useful when you want to run suspicious or untrusted applications without risk.
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- In the Tools section, move the slider to enable Sandbox.
- Click Apply Changes.
Configuring Avast Business Antivirus Policies: Configuring the Location of Sandbox Storage
Sandbox is available for Workstations only, not Servers.
Sandbox storage is a file space completely isolated from the rest of your system and other Sandboxes.
When you run an application in Sandbox, all necessary files are always copied to Sandbox storage where they can be modified as needed without affecting the original files. Any new files created during virtualization are also saved to Sandbox storage.
By default, Sandbox storage is created in the same drive as the original file. If there is insufficient space on the pre-selected drive or you encounter disk performance issues, you may need to select a different drive or browse for another location.
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Sandbox Storage tab.
- Select a drive by doing one of the following:
- Click the The same drive as the modified file check box.
- Click the drive check box, then select a drive from the drop box.
- Click Apply Changes.
Configuring Avast Business Antivirus Policies: Configuring Sandbox Web Browser Options
Sandbox is available for Workstations only, not Servers.
Enabling the Save trusted downloaded files setting saves files downloaded while browsing the web inside the virtualized window onto your device. This only applies to download processes which are identified as safe. If you clear this box, downloaded files are deleted when you close the Sandboxed browser.
Enabling exclusions options excludes your personalized data in web browsers from being deleted when you close Sandbox. Enable each box according to your preferences, or enable All settings and components to exclude all listed components plus browser extensions and add-ons.
In the Maintenance section, you can manage storage settings.
Enabling Cache web browser files (sandbox will not be automatically deleted) saves only the virtualized files for web browsers, improving the browser's performance in Sandbox.
Enabling Automatically cleanup Sandbox storage lets you specify how often cached contents are deleted.
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Web Browsers tab.
- To save trusted downloaded files outside the Sandbox location, click the Save trusted downloaded files outside the sandbox check box.
- To choose settings and components that will not be virtualized when the web browser runs in the Sandbox, check any of the following check box:
- All settings and components (extensions, add-ons, etc.)
- Bookmarks
- History
- Cookies
- To save virtualized web browser files, click the Cache web browser files (sandbox will not be automatically deleted) check box.
- To clean up Sandbox storage on a recurring basis, with the Cache web browser files (sandbox will not be automatically deleted) check box enabled, click the Automatically cleanup sandbox storage check box, then do one of the following:
- Click the Once every check box and type the number of days between cleanups.
- Click the Once every check box and select a day of the week.
- Click the Every first check box and select a day of the week.
- Click Apply Changes.
Configuring Avast Business Antivirus Policies: Setting Which Applications Are Virtualized in Sandbox
Sandbox is available for Workstations only, not Servers.
Virtualizing processes is useful when you run questionable applications in Sandbox regularly. You can configure Sandbox to always virtualize a specific application or several applications contained within a folder.
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Virtualized Processes tab.
- To automatically virtualize an application, type the path to the application, then click Add.
- To automatically virtualize any application in a folder, type the path to the folder, then click Add.
- Repeat steps 7-8 until all applications and folders are added.
- Click Apply Changes.
To stop virtualizing a process in Sandbox
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Virtualized Processes tab.
- Next to the process you want to stop virtualizing, click .
- Click Apply Changes.
Configuring Avast Business Antivirus Policies: Specifying Locations that Can't be Accessed by Virtualized Applications
Sandbox is available for Workstations only, not Servers.
Harmful applications running in Sandbox can attempt to capture sensitive data copied to the virtualized environment. To prevent malware from accessing this data, a list of common system locations is blocked by default. Click the Allowed check box next to any file or program that you want to access during virtualization.
You can also add your own locations to block or allow. Type the folder location manually into the text box or click Browse, click the relevant folder, then click OK.
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Privacy tab.
- In the Private Pre-set Locations click one of the following check boxes for each location:
- Blocked
- Allowed
- For user-defined locations, type a file path, click either the Blocked or Allowed check box, then click the Add button.
- Repeat step 8 until all locations are defined.
- Click Apply Changes.
To Remove a Block from a Location so it can be Accessed by Virtualized Applications
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Privacy tab.
- Next to the process you want to stop virtualizing, click .
- Click Apply Changes.
Configuring Avast Business Antivirus Policies: Specifying Locations that Won't Be Virtualized
Sandbox is available for Workstations only, not Servers.
All files acquired during a Sandbox session are deleted when you close the sandboxed application. If you want to keep certain files, you can save them to a specified folder. We recommend using caution when saving files from sandboxed applications to excluded locations. If the application running in Sandbox is malicious, saving a file to a location on a device could be harmful.
Consider the options you have set up for your Sandbox when you add exclusion locations. For example, if you set your options to delete the contents of folders on exit, you might want to exclude the folder where you save files you download from the Internet.
Folder locations can include wildcard characters ? and *. The asterisk replaces zero or more characters, and the question mark replaces a single character. For example:
- To exclude a folder and its sub-folders, add * to the end of the folder name, for instance C:\example* .
- To exclude all folders labeled in a certain way on any of your hard drives, include ?:\ in front of the path, for instance ?:\example*.
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Exclusions tab.
- Type a file path.
- Click Add.
- Repeat steps 7-8 until you have added all the paths you want to exclude.
- Click Apply Changes.
To Remove an Exclusion from a Virtualized Location
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Exclusions tab.
- Next to the exclusion you want to remove, click .
- Click Apply Changes.
Configuring Avast Business Antivirus Policies: Allowing Virtualized Applications to Access the Internet
Sandbox is available for Workstations only, not Servers.
You can control which applications can access the Internet when they are running in the Sandbox or are automatically virtualized by CyberCapture.
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Internet Access tab.
- To give all applications the same access, click one of the following check boxes:
- Allow all virtualized applications to access the internet
- Block internet access for all virtualized applications
- To customize which applications can access the Internet, check the Allow certain virtualized applications to access the internet check box, then do either of the following:
- If you want to let all web browsers access the Internet, check the Web browsers check box.
- To let another application access the Internet, type its file path, then click Add. Repeat this step until you've identified all the applications you want to access the Internet.
- Repeat step 8 until you have added all the paths you want to exclude.
- Click Apply Changes.
To Remove Permission For a Virtualized Application to Access the Internet
- Click Service Delivery > Policies > Avast Antivirus.
- Click the name of a policy.
- Click the Workstation Settings tab.
- Click the Active Protection tab.
- Click the Customize link in the Sandbox section.
- Click the Internet Access tab.
- Next to the application you want to prevent from accessing the Internet, click .
- Click Apply Changes.