Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
452
Views
0
Helpful
1
Replies

File access behavior protection

hoffa2000
Level 3
Level 3

‎02-10-2016 03:11 AM - edited ‎03-10-2019 12:35 AM

Hi all

I'm tossing around an idea, or requirement rather, I have and need some input. It's concerning all these ransomware that are causing me much headache. Some get caught by different layers in my defence but those that get through manage to do damage and cost us man hours to recover. What about all these encryptions that are going on in parallel, executed on the infected user PC and carried out on our file servers? I mean when a user, instead of having one or three files open at the same time, start accessing and writing thousands...there should be a clear market for a behavior analisys/protection feature there. Right?

Might not be a Cisco thing but you never know. 

Regards

Fredrik

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎02-11-2016 12:02 PM

You need a very good endpoint client to prevent such attacks from happening. There are several vendors out there but right now I see a lot of traction with Cisco's FireAMP for endpoint and TRAPS from Palo Alto Networks. If you already have a Cisco Sourcefire running on your network then FireAMP for endpoint would be a better fit  and vice-versa. 

Thank you for rating helpful posts!

0 Helpful
Customers Also Viewed These Support Documents