Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

CTE Administration

Ransomware Protection

search

Please Note:

Ransomware Protection

Note

The Ransomware protection (RWP) feature is applicable to CTE for Windows clients.

A Ransomware is a type of malicious software that is designed to block access to computer system until a sum of money is paid. CTE for Windows Agent supports detection of Ransomware and protection of CTE clients from Ransomware.

The CTE Agent determines whether a process shows Ransomware-like behavior or not. If the process shows such behavior, then an action preconfigured in the profile linked with the client is taken. Depeneding on the configuration, the action could be to just alert the system or deny further file access by that process.

Licensing

Ransomware protection is supported with RWP-enabled CTE for Windows clients. A CTE for Ransomware license must be activated on the CipherTrust Manager to register an RWP-enabled CTE client. Refer to CTE Licensing Model for details.

Protection Modes

Based on the enabled capabilities, CTE clients can support the following protection modes:

  • Only filesystem protection (CTE)

  • Only Ransomware protection (RWP)

  • Both filesystem and Ransomware protection (RWP CTE)

CTE provides two options to protect CTE clients from Ransomware. You can either monitor (Permit) or block (Deny) access to the volume on the CTE clients.

Use Ransomware Protection GuardPoints to monitor or block Ransomware access attempts to a protected volume on the CTE clients. A Ransomware Protection GuardPoint does not require any protection policies.

Steps

To protect a client from Ransomware:

  1. Ensure that the CTE Ransomware Protection license is activated and available on the CipherTrust Manager. Refer to CTE Licensing Model for details.

  2. Install the CTE for Windows Agent with the Ransomware Protection capability enabled. The Ransomware protection support uses the same registration process as CTE clients. Refer to Configuring CTE with CipherTrust Manager for information on installing and configuring CTE Agents.

  3. Configure the Ransomware Protection settings in the linked client profile. Refer to Setting Ransomware Protection Configuration for details.

  4. Create a Ransomware Protection GuardPoint on the client volume to be protected. Refer to the Creating Ransomware GuardPoints for details.