Sangfor Anti-Ransomware Solution

Additional Info

CompanySangfor Technologies
Company size (employees)5,000 to 9,999
Type of solutionHybrid


The Sangfor Security Solution for Ransomware provides an innovative strategy that successfully mitigates ransomware attacks by breaking every step in the Kill Chain.

Stage 1: Detect & Block Malware and Ransomware Infection
Sangfor Engine Zero is a new approach to malware identification and blocking. It uses a multi-stage AI analysis engine with a 99.65% detection rate. Engine Zero is built into Sangfor NGAF with Endpoint Security to identify malicious files at both the network level and endpoints. Anything that the on-premise capabilities cannot analyze is automatically sent to the cloud-based Neural-X sandbox.

Stage 2: Detect & Block C&C Communications
Sangfor NGAF with Endpoint Secure not only validates malicious C&C communications but can query the endpoints to conduct a self-scan to search for infections, making it an effective anti-ransomware tool. If an infection is found, NGAF will terminate all communications outbound to C&C servers.

Stage 3: Detect & Block Exploitation
Sangfor Endpoint Secure is a potent ransomware prevention solution as it installs advanced ransomware honeypot technology to quickly identify and killfile encryption processes before major damage is done.

Stage 4: Detect & Block Propagation
Sangfor NGAF with Endpoint Secure can quickly isolate infected systems from the network to prevent this from happening. And Sangfor NGAF is the only firewall that can graphically display allowed, suspicious, and malicious connections in real-time, enhancing its stature as a leading cyber security solution in the fight against malware and ransomware.

How we are different

Sangfor’s Security Solution for Ransomware is the only complete, holistic security solution to prevent and mitigate ransomware attacks in real-time. No other anti-ransomware prevention tool can impact every step in the ransomware kill chain and no other solution is modular enough to be tailored to the requirements and budget of an organization.

Sangfor Anti-Ransomware Solution:
- The only solution that is proven to block every step in the ransomware kill chain
- The only solution with direct integration between firewall and endpoint agents, and not using TI or management console as a go-between
- A firewall can block C2 communications and lateral propagation based on direct endpoint input
- NGAF Network Firewall can verify that the endpoint is infected based on C2 communications
- The only solution with a ransomware honeypot that effectively stops the encryption process and identifies the controlling application network-wide