This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Real Site

This Article Applies to:

  • Avast Business Hub

 

Real Site (aka Secure DNS) is an Antivirus component designed to protect against Domain Name System hijacking. DNS hijacking (or DNS redirection) is a type of malicious attack that redirects you from the site you want to visit to one that may look just like it, but that can steal information such as usernames, passwords, and credit card details. This type of attack is especially dangerous when used with banking and shopping websites. In some cases, DNS hijacking may be recognized only after your sensitive data has been compromised.

Real Site is available for Windows and macOS workstations only.

How Real Site Works

Every time you enter the URL of a website into the address bar of your browser, the URL is translated to the IP address of the web server where the web page that you want to access is stored. Real Site provides an encrypted connection between your web browser and Avast's own DNS server with the aim of preventing DNS hijacking. In other words, Real Site is meant to ensure that the displayed website is the authentic one.

The component will connect to Avast backend to query the list of our DNS servers and select the best one based on the connection/load.

Firewall Requirements

  • UDP 443 - Encrypted communication
  • UDP 53 - Secure DNS services

If the firewall blocks these ports, Real Site tries to connect to them by TCP protocol.

Configuring Real Site Settings

In the Business Hub's policies, Real Site will be located under the Antivirus Protection section in Settings > Antivirus, and it will be disabled by default. Once the component is enabled, you can choose which level of protection will be applied to trusted and untrusted networks, and whether Real Site will support encrypted DNS in browsers.

The available protection levels are:

  • Maximum protection (default for untrusted networks): All DNS traffic, including encrypted DNS, will be re-routed via our secured DNS servers.
  • Smart routing (default for trusted networks): Unprotected DNS traffic will be re-routed via our secured DNS. This option provides best balance of security and performance.
  • Disabled: No traffic will be re-routed via our secured DNS.

As for the encrypted DNS support, we recommend keeping the default setting (enabled), as this extends Real Site's protection to browsers that use the DoH (DNS over HTTPS) protocol to encrypt DNS traffic.

Adding Real Site Exclusions (Windows Only)

For Windows devices, it's possible to exclude sites from Real Site checks. This will mean that the DNS resolution will not be verified through the secure connection to Avast servers, and will default to the device's DNS settings.

To add Real Site exclusions:

  1. Open the Policies page
  2. Click the desired policy to open its Detail drawer
  3. Select the Exclusions tab
  4. Expand the Antivirus exclusions section
  1. Within the All Scans and Shields tab, scroll down to URL Addresses
  2. Click + Add new exclusion
  1. In the dialog, enter the website(s) you want to exclude using the dns://domain.com/* format
  2. Once done, click Add new exclusion

Overriding Policy Settings

Via the Services tab of a device, you can override its policy configuration for Real Site by ticking the Manually customize settings inherited from policy checkbox under Antivirus and then toggling the component on/off.

To learn more about policy overrides, see Overriding Inherited Policy Settings.

Verifying Real Site Status

You can check Real Site's status on an end device by going to https://securedns.ff.avast.com/ from the device. If the component is active, the following message will be displayed:

If not, this will be displayed instead: