Host Ransomware Prevention

Prevent Ransomware Before File Encryption

Despite existing security solutions, small to midsize businesses (SMBs) and distributed enterprise organizations continue to fall victim to ransomware attacks which will have a disastrous impact on business operations and continuity. WatchGuard Host Ransomware Prevention (HRP), a module within the WatchGuard Host Sensor, leverages behavioral analytics to not only detect and remediate these sorts of attacks, but actually prevent them as well.

Key Features

Utilizes a behavioral analytics engine to see if a given action is related to ransomware attack

In Prevent mode, HRP automatically prevents a ransomware attack before encryption takes place

ThreatSync correlates the threat data to supply a comprehensive threat score for a ransomware attack

HRP is a component of Threat Detection and Response and included with WatchGuard Total Security Suite

APT Blocker, WebBlocker & HRP work together to detect and stop ransomware attacks

The Host Sensor leverages minimal CPU, allowing TDR to work alongside existing AV deployments

watchguard Host Ransomware Prevention

Behavioral Analytics for Endpoint Protection

Ransomware is one of the best threats facing SMBs and distributed enterprise organizations today. WatchGuard’s Host Ransomware Prevention Module within the WatchGuard Host Sensor leverages a behavioral analytics engine to watch a good array of characteristics to see if a given action is related to a ransomware attack.

Read More

Automated Remediation for Ransomware Prevention

Ransomware attacks take hold of a tool by either locking the user out entirely or encrypting files so that the device can't be used. The hacker will then post a ransom that must be purchased the user to receive the decryption key to regain access to their device. When HRP detects that a threat is actually ransomware, it can halt the attack before encryption takes place, effectively mitigating the threat completely.

Read More
watchguard Host Ransomware Prevention
watchguard ThreatSync

Threat Correlation and Prioritization

ThreatSync is WatchGuard’s new cloud-based correlation and threat scoring engine, improving security awareness and response across the network to the endpoint. ThreatSync collects event data from the WatchGuard Firebox, WatchGuard Host Sensor and cloud threat intelligence feeds, correlates this data to get a comprehensive threat score and rank supported severity. Visibility into the network and endpoint provides improved protection against ransomware attacks.

Read More

Email Alerts & Notifications

ThreatSync includes email alerts and notifications to let you know when HRP has detected and remediated ransomware from your network and endpoint. Notifications are configurable to ensure that you receive the alerts you want when you want them.

watchguard Host Ransomware Prevention
watchguard Total Security against Ransomware Attacks

Total Security against Ransomware Attacks

With WatchGuard’s Total Security Suite, organizations can win the fight against ransomware attacks. By leveraging multiple security services, including APT Blocker, WebBlocker and Host Ransomware Prevention, SMBs can enjoy protection against advanced malware attacks on the network and also the endpoint through one comprehensive solution.

Read More

How It Works

Host Ransomware Prevention may be a module within the WatchGuard Host Sensor that leverages behavioral analytics to detect and determine if an occasion is malicious. If the threat is malicious, HRP will automatically block the threat from working on the device ensuring that file encryption doesn't happen. HRP will then report back to ThreatSync that a ransomware attack has been mitigated allowing further investigation.

watchguard Host Ransomware Prevention