Avast Business

Avast Endpoint and Network Security Solutions

An easy-to-use cloud or on-premise platform accessible from anywhere with any device to quickly deploy Avast Business Antivirus products to multiple endpoints, provide continuous monitoring, and get the insight needed to deliver superior protection with in-depth reports, easy maintenance and real-time notifications,


  • AntiVirus
  • Central Dashboard
  • Cloud Platform
  • On-Premise Platform
  • Reporting
  • Policy Management
  • Real-Time Monitoring & Alerting
  • Patch Management
  • Remote Deployment
  • Tasks


  • Avast enterprise-grade endpoint and network security
  • Centrally manage the security of devices in the network
  • Activate devices, add devices to groups, configure antivirus settings
  • Set-up security tasks for managed endpoints; scans, messages, updates
  • Reports include blocked threats, task lists and protected devices
  • Receive instant email notifications on security threats or network issues
  • Centrally manage services of network


£5.15 to £28.13 per licence per year

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

3 8 6 5 8 7 5 4 3 6 1 9 6 6 1


Avast Business

Tom Davis

07948 234 091


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Antivirus and patch services are available as standalone products
Cloud deployment model Public cloud
Service constraints Scheduled maintenance is communicated by email and published on status page to customers
System requirements
  • Windows 7 (Service Pack 1) & Above
  • Windows Server 2008 R2 & Above

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Email response ~24hrs, but no SLA
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Accessable through Avast Management console
Web chat accessibility testing Auto response
Onsite support Yes, at extra cost
Support levels Online chat & telephone support is provided 24x5
Online chat & telephone support is included within the cost of the products
Onsite Pre-Sales support is free and can be requested by account manager
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Online training is available but can also be provided through live screen share or onsite
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Data will be deleted on requested, according to GDPR regulations
End-of-contract process Access to the platform is free. Products purchased on the platform include support.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The portal is available through browser, but user benefits from larger screen
Service interface No
Customisation available No


Independence of resources Fail over & contingency planning guaranteed under SLA


Service usage metrics Yes
Metrics types Active devices
Antivirus Status
Patch Update
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Account holder data can be exported upon request
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks Encrypted 256 AES
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network Encrypted 256 AES

Availability and resilience

Availability and resilience
Guaranteed availability Availability of Cloud platform is 99.99% but is not an SLA
Outages are communicated to customer via status page & customers can subscribe to alerts.
Hosted version are not applicable
Customers can requested full refund within first 28 days.
Approach to resilience This information is available on request
Outage reporting Public dashboard & email alerts once subscribed

Identity and authentication

Identity and authentication
User authentication needed No
Access restrictions in management interfaces and support channels Blocking email address
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications *Tomas Novotny or Roman*

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards PCI DSS Compliant
Information security policies and processes Information Security Policy
Security Incident Handling Procedure
Physical Security Procedure
Information Classification & Handling Procedure
Infrastructure Security Baseline
Password Management Instruction
All managed by the Security Team, reporting to C-Level

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Asset register (CMDB) in place
Change Management Procedure defined
Major changes are assessed for potential security impact
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Threats assessed through antivirus, AI & EDR
Patches deployed every 2 weeks
Emergency Patching procedure defined
Threats identified from CyberCapture component
Qualys Guard used for enterprise vulnerability management
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Next Generation Threat Protection solution (intrusion detection and prevention system in place).
SIEM solution
Follow security incident handling procedure based on incident classification - High / Critical
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Yes, pre-defined process in place
Incidents reported using internal platforms
Regular reports created and reviewed

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £5.15 to £28.13 per licence per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full product
30 day trial license

Service documents

Return to top ↑