Ransomware Protection

Setting Ransomware Protection GuardPoints

Steps to create GuardPoints on individual clients and client groups are similar. GuardPoints can be created on the GuardPoints tab of individual clients and client groups.

To create a Ransomware Protection GuardPoint:

1. In CipherTrust Manager, open the Transparent Encryption application.

2. Select the client or client group on which you want to create a GuardPoint.

   • Click an Ransomware Protection-enabled client under the Client Name column (Clients > Clients). These are the clients with either Ransomware Protection, or CTE Ransomware Protection, protection mode.

   • Click a client group under the Client Group Name column (Clients > Client Groups).

3. On the GuardPoints tab, click Create GuardPoint:

   Note

   Once Ransomware Protection is enabled during CTE registration, Ransomware Protection is applied to all GuardPoints.

   Ransomware Protection is supported in 2 Protection Modes:

   • RWP: In CipherTrust Manager, when creating a GuardPoint, you cannot assign a policy and type is automatically set to Ransomware Protection Only.

   • CTE-RWP: On clients with CTE RWP mode, you can create a Ransomware Protection GuardPoint set to Ransomware Protection Only, as well as other types of GuardPoints that use policies as shown below. In Linux, Ransomware Protection is also available for other GuardPoints if the GuardPoints are set on a directory.

   

4. Specify the Path to be protected. This is a mandatory field. Options to specify the GuardPoint paths are:

   • Enter/Browse Path: Select this option, and enter the path by either typing or clicking the Browse button.

     Note

     • For CTE Windows, Ransomware Protection GuardPoints are applied at the volume level. Even if you specify the path of a folder or a file, the GuardPoint will be applied at the volume level.

     • For CTE Linux, Ransomware Protection is applied at GuardPoint level.

     • If you specify a network share, all of the network shares to be mounted subsequently will be protected.

     • A CTE client administrator can configure protection of all existing GuardPoints, and those to be added to the client subsequently.

     • A maximum of 200 GuardPaths can be specified using the Enter/Browse Path option.

   Browse Method

   1. Click Browse to select the path by browsing the client file system. This method prevents typographical errors and verifies client availability. This is the recommended method to specify individual paths. Note that the client must be registered with CipherTrust Manager in order to browse its file system.

   2. In the Enter Path field, specify the path. Alternatively, in the Select Path field, select the path from the on-screen file system browser, and click Select Path.

   3. Click Add.

   Manual Method

   Alternatively, if you know the path, manually enter path in the given text box. Enter one path per line.

   • Upload CSV: Select this option and click Browse to upload the CSV file containing the list of one or more paths. This is the recommended method to specify a large number of paths in one step.

     Note

     If a manually entered path does not yet exist, check that you entered the path correctly. The CipherTrust Manager does not parse manually entered paths for correct syntax.

5. Click Create. A message appears prompting to confirm the reuse of these GuardPoint settings on another path.

   • Click Yes to use the same settings on another path. The Use Settings on Another Path dialog box is displayed. Perform the following steps:

     1. In the Enter Path field, specify the path. Alternatively, in the Select Path field, select the path from the on-screen file system browser, and click Select Path.

     2. Click Add Path. The newly added path appears under the Paths list on the left. Similarly, add as many paths as required.

     3. Click OK.

   • Click No if you do not want to use the same settings on another path.

6. Check the GuardPoint status, type:

   secfsd -status guard