Protect your Network against WannaCry in only two steps with Sangfor NGAF
View this email in your browser
WannaCry Ransomware is still infecting business organizations all around the world. Sangfor NGAF users do not have to worry as Sangfor continues to provide you with the best protection available. With our newly added anti-WannaCry features, these can help you quickly identify potential risk from source infection hosts, as well as targeted infected hosts to prevent any losses.
1st STEP: SCAN THE INTERNAL NETWORK
1.     Scan the internal network to discover hosts that are potentially at risk of WannanCry attacks.
1.1  First, make sure that the "Threat Intelligence Database" is updated to version 2017-5-14 (newest version available as of today).  
1.2    Then go to the Threat Alerts sub-menu as shown on the right.
2. Click on “Settings” button, select the network object by network segment or IP group.
Prerequisite: the NGAF network scan should be reachable by IP.
3.    Click on the  “Protect” button for WannaCry Ransomware from Threat Alerts.
4.    Click on the “Protect Now” button to scan the hosts that are potentially at risk.
5.    Recommendations:
If a host that is potentially at risk is found, it is recommended to immediately update the host system patch. In order to update it, please kindly refer to following link:
https://technet.microsoft.com/us-en/library/security/ms17-010.aspx

If there are no hosts at risk found, then the network is safe from being infected by WannaCry!
2nd STEP: DISCOVER INFECTED HOSTS
1. First, make sure the “Vulnerability Database” is updated to 2017-5-15. (This version includes WannaCry Signature).
2.  Then check the IPS logs: 
3. Recommendations:
If the word "WannaCry" appears in the log entry under the “Name” column, then the host is most likely to have been infected with WannaCry. It is recommended that you guide the end-user to use an anti-virus software to try remove the virus.
CONCLUSION
By implementing these two steps with Sangfor NGAF, it can help you quickly identify potential threats in the internal network, thus providing enough reaction time to take proactive countermeasures.

It is always recommended that you frequently update Sangfor NGAF’s security database to reduce security risks and enjoy an up-to-date security protection ! 
I WANT MORE INFORMATION !
Facebook
Facebook
Twitter
Twitter
Website
Website
LinkedIn
LinkedIn
YouTube
YouTube
Google Plus
Google Plus
Copyright © 2017 Sangfor Technologies, All rights reserved.


unsubscribe from this list    update subscription preferences