Jump to content

Recommended Posts

No, MBARW only supports workstation OS. Additionally, the MBARW protection software must be on the endpoints in order to protect a server share. If one of your users opens a macro infected office doc or malicious *.js or *.scr in a zipped email attachment, the malicious encryption process is not running on the server, therefor the server will not be able to stop the encryption process. It must be stopped at the source machines.

Link to post
Share on other sites

A server will not be at risk for ransomware unless one is using them for questionable purposes, like using them for internet browsing or opening email, which is a huge no no. You protect your servers by implementing solid policies around acceptable usage, a staggered backup schedule and having MBARW on the clients that connect to the servers.

Again, even if you put MBARW on a server, it cannot stop an encryption process that is running from an endpoint workstation. That ransomware process is located in the memory of the endpoint it unpacked on, you must have the MBARW software on the endpoint to be able to stop the encryption process before it reaches a server share / mapped drive.

Link to post
Share on other sites

On 4/26/2017 at 10:36 AM, djacobson said:

A server will not be at risk for ransomware unless one is using them for questionable purposes, like using them for internet browsing or opening email, which is a huge no no. You protect your servers by implementing solid policies around acceptable usage, a staggered backup schedule and having MBARW on the clients that connect to the servers.

Again, even if you put MBARW on a server, it cannot stop an encryption process that is running from an endpoint workstation. That ransomware process is located in the memory of the endpoint it unpacked on, you must have the MBARW software on the endpoint to be able to stop the encryption process before it reaches a server share / mapped drive.

What if Ransomware gets executed from the workstation and just encrypts the UNC Shares/ Mapped Drives ONLY - ignoring the files on the computer?

How can the server protects it self from computers that is infected by Ransomware?

Edited by vane
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.