Business Security

Avast Business Endpoint Protection: A closer look at our four AV shields

Greg Mosher, 22 November 2017

With each of our three endpoint protection solutions, you gain four shields of threat detection and security protection.

Last month, AV-Comparatives recognized our new Antivirus Pro Plus software as effective protection against malware and as an ideal fit for small and medium-sized businesses (SMBs). This high-level of threat detection is also standard in each of our new endpoint security products: Avast Business Antivirus, Antivirus Pro, and Antivirus Pro Plus.

We’re able to deliver powerful protection through product features like our Behavior Shield and Web, File and Email Shields. This four-shield defense works together to instantly detect and block malicious threats, sending the threat data right to our Threat Labs team for thorough analysis, which in turn strengthens our threat database.

Let’s take a closer look at these shields, how they work, and why this matters for businesses.

Four-shield protection: Behavior, Web, File and Email

Based on intrusion detection and prevention (IDP) technology from AVG, Behavior Shield is the most complex and sophisticated of our four-shield protection. Introduced earlier this year in our Avast consumer security product, Behavior Shield is now available in each of our Avast Business endpoint security products so every SMB can benefit from its threat monitoring and cybercrime protection.

Behavior Shield provides real-time monitoring of all the programs and applications that are currently running on PCs. It carefully observes the behavior of software and monitors what the software itself is trying to accomplish. If it notices something out of the ordinary—like a PDF trying to download something from the web—Behavior Shield blocks the action and reports the behavior to you and to our global threat infrastructure for analysis. We then use our extensive threat database and machine learning algorithms to positively identify and classify the malware.

WannaCry ransomware is no match for Behavior Shield

Behavior Shield is critical for stopping new, emerging threats. This was a key technology that our team used to stop the WannaCry ransomware attack in May. WannaCry infected 250,000 machines in less than 30 minutes and attacked more than 2 million computers in over 150 countries within 24 hours. (Avast blocked WannaCry ransomware more than 1 million times in 150 countries worldwide.)

Web, File and Email Shields

As more and more web services are moving to HTTPS-by-default or even HTTPS-exclusive, cyber criminals are increasingly targeting these encrypted web sites. Our web shield technology scans HTTPs web traffic for malware and can do this without risky man-in-the-middle (MTM) methods. It detects and decrypts TLS/SSL-protected traffic and adds compatibility for SPDY+HTTPS/HTTP 2.0 traffic. Put simply, our Web Shield can also check HTTPS web traffic without disrupting users’ browsing experience.

Like Web Shield, our File and Email Shields also protect essential, often vulnerable parts of PCs. Email Shield scans all emails received in your inbox to ensure they’re free of malware, while File Shield scans any files that are launched on a PC to ensure they’re free of any recognizable malware.

How do you know these shields are working?

These four shields come standard and work automatically in all of our new endpoint protection products. They don’t need to be activated or set up. If you’re an Avast Business channel partner or business customer, these four shields are working together automatically and unobtrusively to protect you from ransomware and the most malicious type of threats.

When a threat is detected, you will see an alert similar to this:

4 shields blog post.png

If you’re not an Avast Business user yet, and notice suspicious behavior on your PC, here are a few tips:

If you have IT support:

  • Contact your IT team immediately.
  • Be sure you have a backup or duplicate copy of any important documents and files. A USB flash drive is also useful for this (just ensure you know its origin to ensure it is safe).

If you do not have IT support:

  • Be sure you have a backup or duplicate copy of any important documents and files. A USB flash drive is also useful for this.
  • If you’re on a local network with other machines, disconnect from the network. To do this, either disconnect from Wi-Fi or unplug the network cable.
  • Using another device, download the trial version of Avast Business Antivirus and copy this to a USB flash drive. Then install and scan your machine with the Avast Antivirus from the thumb drive.

In the coming weeks, look for more detail on other features of our new products. Information about our four AV shields can be found here: Avast Business Antivirus, Antivirus Pro or Antivirus Pro Plus.