Videos

Here you will find all videos related to Sangfor & our Products that will help you better understand our Solutions in an interactive way.

SANGFOR NGFW Anti-Malware

27/09/2015

Published on Apr 17, 2014
SANGFOR NGFW (Next-Generation Firewall) Anti Malware

This demo shows SANGFOR NGFW's anti-malware capability of identifying and preventing the damages caused by endpoint affection of malware.

To clearly demonstrate the intrusion, now we enable the anti-malware on SANGFOR NGFW so that we can monitor the process by the logs.

Now assume someone ran the malware by accident.

As you can see, the malware has created a new exe process, but we will have no idea what it is
secretly doing with the endpoint purely from this process.

However, since the SANGFOR NGFW anti-malware has been enabled, admins are able to go to its dashboard to check what exactly it is doing.

Go to the anti-malware module log, we can see the affected endpoint has already been located.

The detailed threats information indicates that, endpoint is trying to initially connect to an unknown external server 146.255.192.10, which could be a botnet Command & Control server.

However, since the network and endpoint has been secured from SANGFOR NGFW, it can't do anything currently.

To check what it's exactly going to do without SANGFOR NGFW's protection, we disable the anti-malware module so that it can proceed on its activities.

Now we can see the affected endpoint immediately starts downloading an .exe file, which could be a Trojan that can cause serious damages to the network and systems.

Our Social Networks

Global Service Center:

COPYRIGHT © 2000-2017 SANGFOR TECHNOLOGIES INC. ALL RIGHTS RESERVED.