Overview

The Sangfor Security Solution for Ransomware provides an innovative strategy that successfully mitigates ransomware attacks by breaking every step in the Kill Chain.

Stage 1: Detect & Block Malware and Ransomware Infection
Sangfor Engine Zero is a new approach to malware identification and blocking. It uses a multi-stage AI analysis engine with a 99.65% detection rate. Engine Zero is built into Sangfor NGAF with Endpoint Security to identify malicious files at both the network level and endpoints. Anything that the on-premise capabilities cannot analyze is automatically sent to the cloud-based Neural-X sandbox.

Stage 2: Detect & Block C&C Communications
Sangfor NGAF with Endpoint Secure not only validates malicious C&C communications but can query the endpoints to conduct a self-scan to search for infections, making it an effective anti-ransomware tool. If an infection is found, NGAF will terminate all communications outbound to C&C servers.

Stage 3: Detect & Block Exploitation
Sangfor Endpoint Secure is a potent ransomware prevention solution as it installs advanced ransomware honeypot technology to quickly identify and killfile encryption processes before major damage is done.

Stage 4: Detect & Block Propagation
Sangfor NGAF with Endpoint Secure can quickly isolate infected systems from the network to prevent this from happening. And Sangfor NGAF is the only firewall that can graphically display allowed, suspicious, and malicious connections in real-time, enhancing its stature as a leading cyber security solution in the fight against malware and ransomware.