Harmony Endpoint Anti-Ransomware, Behavioral Guard and Forensics
R81 Harmony Endpoint Server Administration Guide|310
Harmony Endpoint Anti-
Ransomware, Behavioral Guard
and Forensics
The Harmony Endpoint Forensics and Anti-Ransomware component monitors file operations,
processes, and network activity for suspicious behavior. It also analyzes attacks detected by
other client components or the Check Point Security Gateway. It applies Remediation to
malicious files.
Anti-Ransomware constantly monitors files and processes for unusual activity. Before a
Ransomware attack can encrypt files, Anti-Ransomware backs up your files to a safe location.
After the attack is stopped, it deletes files involved in the attack and restores the original files
from the backup location.
All details of attacks are organized in the Forensics Analysis Report.
For example, if Harmony Endpoint Anti-Bot detects a malicious URL, it notifies Forensics
through internal communication. Forensics starts a complete investigation and generates a
Forensics Analysis Report.
You can also configure the Forensics component to analyze incidents that are detected by a
third party Anti-Malware solution.
Configure the settings in the Harmony Endpoint Forensics and Anti-Ransomware rule of in
the SmartEndpoint Policy tab.
If Endpoint Security servers do not have internet connectivity, Forensics information is stored
and sent for evaluation immediately when a server connects to the internet.
To Next Page
Loading...
