- 31 Jul 2023
- 1 Minute to read
- Updated on 31 Jul 2023
- 1 Minute to read
Ransomware attacks have become an increasingly imposing threat to organizations. In most ransomware attacks, encryption restricts access to critical files, systems, and applications. This encryption process happens silently in the background.
Taking proactive measures against ransomware attacks helps safeguard your data and ensures the continuity of your operations. Each user’s behavior is monitored and fed in to a machine learning algorithm trained on an extensive dataset of attack flows. Via this monitoring CTERA Ransom Protect is able to detect and block ransomware attacks within seconds.
CTERA Ransom Protect monitors Windows File Sharing (SMB) traffic. It does not monitor user behavior on other file sharing protocols such as NFS or FTP.
Key Features of CTERA Ransom Protect include:
- Real-time detection: Advanced machine learning algorithms identify behavioral anomalies suggesting fraudulent file activity, and block offending users within seconds.
- Zero-day protection: CTERA Ransom Protect does not rely on traditional signature update services.
- Incident management: An administrator dashboard provides real-time attack monitoring, comprehensive incident evidence logging and post-attack forensics.
- Instant recovery: Near-instant recovery of any affected files from snapshots.
In addition, CTERA Ransom Protect requires minimal configuration, requiring a single click to activate ransomware protection on the CTERA Edge Filer.
CTERA Ransom Protect requires a Portal Plus license on the CTERA Portal.
In order to notify administrators by email when a suspected ransomware attack has happened, the mail server must be correctly configured. For details see Configuring Email Alerts .
CTERA Ransom Protect operates on the CTERA Edge Filer and does not rely on an internet connection. It works even when the connection to the CTERA Portal is down.