Protect your Network against WannaCry in only two steps with Sangfor NGAF

17/05/2017 16:20:01
*|MC:SUBJECT|*
Protect your Network against WannaCry in only two steps with Sangfor NGAF
 
WannaCry Ransomware is still infecting business organizations all around the world. Sangfor NGAF users do not have to worry as Sangfor continues to provide you with the best protection available. With our newly added anti-WannaCry features, these can help you quickly identify potential risk from source infection hosts, as well as targeted infected hosts to prevent any losses.
1st STEP: SCAN THE INTERNAL NETWORK
1. Scan the internal network to discover hosts that are potentially at risk of WannanCry attacks.
1.1 First, make sure that the "Threat Intelligence Database" is updated to version 2017-5-14 (newest version available as of today).
1.2 Then go to the Threat Alerts sub-menu as shown on the right.
2. Click on “Settings” button, select the network object by network segment or IP group.
Prerequisite: the NGAF network scan should be reachable by IP.
3. Click on the “Protect” button for WannaCry Ransomware from Threat Alerts.
4. Click on the “Protect Now” button to scan the hosts that are potentially at risk.
5. Recommendations:
If a host that is potentially at risk is found, it is recommended to immediately update the host system patch. In order to update it, please kindly refer to following link:
https://technet.microsoft.com/us-en/library/security/ms17-010.aspx

If there are no hosts at risk found, then the network is safe from being infected by WannaCry!
2nd STEP: DISCOVER INFECTED HOSTS
1. First, make sure the “Vulnerability Database” is updated to 2017-5-15. (This version includes WannaCry Signature).
2. Then check the IPS logs:
3. Recommendations:
If the word "WannaCry" appears in the log entry under the “Name” column, then the host is most likely to have been infected with WannaCry. It is recommended that you guide the end-user to use an anti-virus software to try remove the virus.
CONCLUSION
By implementing these two steps with Sangfor NGAF, it can help you quickly identify potential threats in the internal network, thus providing enough reaction time to take proactive countermeasures.

It is always recommended that you frequently update Sangfor NGAF’s security database to reduce security risks and enjoy an up-to-date security protection !
I WANT MORE INFORMATION !

Our Social Networks

Global Service Center:

COPYRIGHT © 2000-2017 SANGFOR TECHNOLOGIES INC. ALL RIGHTS RESERVED.