This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Web Shield

This Article Applies to:

  • Avast Business CloudCare

 

Web Shield helps protect your system from threats when you are browsing the web by actively scanning data that is transferred to prevent malware from being downloaded and run on your PC. Detected malicious connections/downloads will be blocked by Web Shield automatically.

You can enable and configure web, HTTPS, and script scanning for Web Shield.

We do not recommend installing this component on a server OS that is also running Microsoft Exchange. The Exchange and Anti-Spam components handle Exchange-level filtering and will conflict with this component.

For Windows configuration options, see below. For macOS configuration options, see macOS Web Shield Settings.

Main Settings Tab

Web scanning: Choose whether to receive warnings when downloading files with poor reputations and/or to scan traffic from well-known browser processes only.

HTTPS scanning: Choose whether to use intelligent stream scanning, not scan trusted sites, block malware URLs, use script scanning, enable QUIC/HTTP3, and/or block botnet attacks.

Script scanning: choose which browsers on the end devices will be scanned by Web Shield during use.

Web Scanning Tab

Configure which items should be scanned when they are downloaded from the web.

Scan type: choose to scan all files, or selected file types (specified extensions and/or specified MIME-types), and choose whether to unpack archives with valid digital signatures.

Actions Tab

Control what actions are taken by Avast when a virus, potentially unwanted program (PUP), unwanted tool, or suspicious file is detected.

Main Action/First action to try: Select the first action you want your Antivirus to take (for example, if it will first attempt to fix or quarantine the threat, or delete it immediately).

Notification Options: Choose whether to show notifications when Web Shield takes action against a detected threat.

Packers Tab

Configure which archive (packer) files Antivirus should try to unpack during the scanning process. Unpacked files can be better analyzed for malware by Web Shield. Unpacking a file is the same as extracting a file from an archive. Original archives, including the files contained within, remain intact when being processed by your Shield.

You can select All packers, or specific packer files from the extensive list by checking the boxes.

Sensitivity Tab

Here, you can adjust the sensitivity of the Antivirus scan for Web Shield:

  • Heuristics Sensitivity: Heuristics enable Antivirus to detect unknown malware by analyzing code for commands that may indicate malicious intent. The default setting is Normal. With higher sensitivity, Antivirus is more likely to detect malware, but also more likely to make false-positive detections that incorrectly identify files as malware.
    • Use code emulation: Choose whether to use code emulations to unpack and test suspected malware in an emulated environment, where the files cannot cause damage to devices.
  • Sensitivity: Enable Test whole files to check the whole content of a file instead of the parts typically affected by malicious code. There is usually no need to enable this option, and it will likely impact system performance.
  • PUP and suspicious files: Choose whether or not to scan for potentially unwanted programs (PUPs). You can select the option separately for pre and post 21.5 and 21.6 versions of the Antivirus respectively. For versions 21.6 and newer, you can also choose whether to scan for potentially unwanted tools.

Site Blocking Tab

Configure the list of URL addresses that are blocked by Web Shield. Site blocking works very similar to configuring exceptions, only the configured addresses are blocked instead of excluded from scanning.

Script Exclusions Tab

Configure the list of scripts that are not scanned by Web Shield, listed by URL.

Report File Tab

Customize the content of the shield's report file, such as which items are included, the file name, and file type. The report is saved in C:\ProgramData\Avast Software\Avast\report (Windows 7 and higher).

macOS Web Shield Settings

These options can be accessed from the Antivirus section by going to the Mac Settings tab and selecting Web Shield.

Enable IPv6: Choose whether IPv6 is utilized.

Scan secured connections: Choose whether to scan secure connections, and/or secure connections from browsers only.

PUP: Choose whether to report potentially unwanted programs.

Exclusion list: Create a list of URLs that are not scanned by Web Shield.

Adding Web Shield Exclusions

If needed, you can add exclusions to the Web Shield scans through the Antivirus Exclusions settings of a selected policy. This can speed up the scans and prevent false-positive detections.

For more information on standard and component-specific exclusions, see Configuring Antivirus Exclusions.

Exclusions for macOS devices are added through the Mac Settings tab (see above).

 

Other Articles In This Section:

File Shield

Mail Shield

Behavior Shield

Related Articles:

Managing Policies