This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Real Site

This Article Applies to:

  • Avast Business On-Premise Console

 

Real Site (aka Secure DNS) is an Antivirus component designed to protect against Domain Name System hijacking. DNS hijacking (or DNS redirection) is a type of malicious attack that redirects you from the site you want to visit to one that may look just like it, but that can steal information such as usernames, passwords, and credit card details. This type of attack is especially dangerous when used with banking and shopping websites. In some cases, DNS hijacking may be recognized only after your sensitive data has been compromised.

Real Site is available for Windows workstations only.

How Real Site Works

Every time you enter the URL of a website into the address bar of your browser, the URL is translated to the IP address of the web server where the web page that you want to access is stored. Real Site provides an encrypted connection between your web browser and Avast's own DNS server to prevent hijacking. In other words, Real Site is meant to ensure that the displayed website is the authentic one.

The component will connect to Avast backend to query the list of our DNS servers and select the best one based on the connection/load.

Firewall Requirements

  • UDP 443 - Encrypted communication
  • UDP 53 - Secure DNS services

If the firewall blocks these ports, Real Site tries to connect to them by TCP protocol.

Enabling/Disabling or Uninstalling Real Site

To enable/disable Real Site:

  1. Go to the Policies page
  2. Open the desired policy
  3. Select Windows Workstation
  4. Go to the Active Protection tab
  5. Click the toggle next to Real Site to enable/disable the component

If, however, you want to uninstall Real Site, click the three dots next to it to open the actions menu, then select Uninstall this component.

Configuring Real Site Settings (Local Client Only)

There are no additional configuration options for Real Site in the On-Premise Console. On the endpoint, however, you can choose whether Real Site will support encrypted DNS in browsers and/or in system (see Real Site). We recommend keeping both options enabled, as this extends Real Site's protection to browsers and operating systems that use the DoH (DNS over HTTPS) protocol to encrypt DNS traffic.

Adding Real Site Exclusions

It is possible to exclude sites from Real Site checks. This will mean that the DNS resolution will not be verified through the secure connection to Avast servers, and will default to the device's DNS settings.

To add Real Site exclusions:

  1. Go to the Policies page
  2. Open the desired policy
  3. Select Windows Workstation
  4. Go to the Antivirus settings tab
  5. In the Exclusions section, go to the URL addresses tab
  6. Enter the website you want to exclude using the dns://domain.com/* format
  7. Click Add next to your entry

Overriding Policy Settings

Via the Components tab of a device, you can override its policy configuration for Real Site by setting the Customize component installation settings toggle to ON and then installing/uninstalling the component.

To learn more about policy overrides, see Overriding Inherited Policy Settings.

Verifying Real Site Status

You can check Real Site's status on an end device by going to https://securedns.ff.avast.com/ from the device. If the component is active, the following message will be displayed:

If not, this will be displayed instead:

 

Other Articles In This Section:

Webcam Shield

Data Shredder

Exchange and Sharepoint Server Protection

Sandbox

Components Without Customization Options in On-Premise Console

Related Articles:

Managing Policies

Configuring Antivirus Exclusions

Exchange Server Recommendations