Get this font in here!
This Article Applies to:
- Avast Business Hub
Behavior Shield is an additional layer of Antivirus active protection. It monitors all processes the devics in real time for suspicious behavior that may indicate the presence of malicious code. Behavior Shield works by detecting and blocking suspicious files based on their similarity to other known threats, even if the files are not yet added to the virus definitions database.
Behavior Shield is available for Windows workstations only.
Configuring Behavior Shield Settings
To define which action the shield should perform upon detecting a suspicious program:
- Open the Policies page
- Click the desired policy to open its Detail drawer
- Select the Settings tab, then Antivirus
- Expand the Behavior Shield section (under Antivirus Protection)
- Choose between:
- Always ask: Behavior Shield asks what you want to do with a detected threat before any action is taken
- Automatically move detected threats to Quarantine: Threats that behave similarly to known threats listed on the Avast virus definitions database are moved to Quarantine
- Automatically move known threats to Quarantine (enabled by default): Threats that are listed on the Avast virus definitions database are moved to Quarantine, unknown threats will be asked
Adding Behavior Shield Exclusions
If needed, you can add exclusions to the
For more information on standard and component-specific exclusions, see
The managed endpoints are designed to be controlled from the policies, therefore the important shields are inaccessible from the UI to be disabled individually. Core Shields can only be disabled together.
The local Antivirus is simplified with its controls in the UI. The user can only control all shield settings from these toggles at once, rather than individual settings for each shield.
We have the advanced controls in our managed policies to be able to configure each shield individually, which overwrites the local client settings, leading to these options being empty. The same can be performed from the Geek Area.
They are still configured correctly, they simply are not visible in the local client UI.
Enable the password protection of the UI (locally in unmanaged, from the policies in managed) in order to prevent the local user disabling shields.
Add the application as an exclusion either in the global or Behavior Shield specific exclusions. Verify if there are any potentially conflicting applications (e.g. another antivirus) running on the system and remove it if found.
Other Articles In This Section: