Professional Documents
Culture Documents
Giai Phap Ngan Chan RANSOMWARE 28-10
Giai Phap Ngan Chan RANSOMWARE 28-10
Page 1 of 10
a. TrendMicro
Tnh nng ngn chn m ha d liu (Ransomware) ca Trend Micro Security 11(2017):
-Kim tra v ngn cc chng trnh thc hin cc thay i tri php trong h thng.
- Tnh nng chng m ha d liu gip ngi dng bo v c cc file word, excel v cc
file office khng b m ha v i tin chuc ca Hacker, bo v d liu quan trong c an
ton, chng tht thot d liu quan trng.
Ti v ci t tnh nng mi ca Trend Micro Security 11 (2017) ti
y: http://trendmicro.ctydtp.vn/tai-ve.html
b. Kaspersky
Page 2 of 10
iu khin qun l d s dng, qun l hu nh tt c cc tnh nng bo v khc ca Kaspersky v vy bn
s tn t thi gian v chi ph hn gi an ton cho d liu ca mnh.
Bo mt c th bao gm cc yu cu c th ca bn
Bt c khi no bn cn thm cc gii php bo mt hn na cho gii php Kaspersky Endpoint Security for
Business ADVANCED ca mnh, ch cn thm mt trong nhng gii php Kaspersky Targeted Security
Solutions c th mang n cho bn kh nng bo v tch hp y cho lu tr, o ha, email, cng Internet
hoc cng tc. c gii php bo mt cao nht ca chng ti dnh cho doanh nghip, hy chn Kaspersky
TOTAL Security for Business.
2.1.2 Thit lp policy ngn chn truy xut d liu qua cng usb
- Cu hnh trn tng my trong h thng mng LAN
- Cu hnh Policy trn AD trong h thng Domain
2.1.3 Cu hnh ty chnh & Cp nht Windows, Windows Firewall, Windows
Defender
- Cp nht cc bn v li Windows
- Ty chnh cu hnh Windows Firewall
Kch hot / v hiu qu Windows Firewall: C nhiu cch kch hot tng la
trong windows, nhng c l y l mt cch tt nht bn hiu v thc hnh vi tng
la. Bn c th s dng firewall bng cch kch hot qua giao din, hay i khi bn ci
t mt ng dng hay phn mm mi h thng se hin th cho bn cch s dng netsh
to cc lut cho vic m hoc ng cc cng m ng dng s dng.
netsh advfirewall set allprofiles state on (off)
Cho php hoc ngn chn Ping: Lnh ping thng c dng thm d server, n s
phn hi cc gi tim ICMP c client request, bn c th s dng netsh kim sot
n
netsh advfirewall firewall add rule="ALL ICMP V4" dir=IN action = block protocol=icmpv4
netsh advfirewall firewall add rule="ALL ICMP V4" dir=IN action = allow protocol=icmpv4
Page 4 of 10
Trong Windows 10, Windows Defender c bo v in ton m my . Tnh nng
ny s gi thng tin cho Microsoft da trn n c th pht trin ch k chng phn
mm c hi mi i ph tt hn vi vic xc nh v loi b malware.
Cui cng v pha cui, bn s thy Version info . Nhp vo Use Windows Defender
pha di s m Windows Defender UI.
Nu bn khng mun cho Windows Defender qut cc tp tin ca bn c th, th
mc, loi tp tin hoc qu trnh, bn c th t trn Exclusion list . thm bt c iu
g vo danh sch loi tr, ch cn bm vo Add an exclusion di Exclusions v thm
tp tin, th mc, loi tp tin
Page 5 of 10
2.2 Gii php phng chng Ransomware cho h thng Network & Wireless
2.2.1 Thit b cn bng ti WAN v h tr VPN
2.2.2 Firewall WatchGuard / Cisco
2.2.3Wifi WatchGuard / Meraki
2.2.4 Router Cisco Access list, nh tuyn, qun l VLan.
Trnh ly lan Ransomware trong trng hp 1 VLan b ly nhim.
2.2.5 Switch h tr VLan (layer2, layer3).
Page 6 of 10
2.3.3 H thng File Server
- Anrivirus Kaspersky Enpoint
- Agent Backup Acronis Backup
- Lp lch ng b d liu sang thit b lu tr ngoi vi v ngt kt ni thit b vi h
thng sau khi ng b hon tt.
2.5 Gii php kt ni an ton v phng chng Ransomware cho h thng Site to Site, Client
to Site.
2.5.1 Cu hnh VPN Loadbalance gia cc site thng qua thit b loadbalance hoc
firewall theo cc chun m ha IPSec/ SSL
2.5.2 Cu hnh VPN SSL Client to Site trn Firewall WatchGuard v thit b End
User.
2.5.2 S dng ng leaseline cho nhng kt ni c yu cu bo mt v tc
truyn ti d liu cao.
2.5.3
Page 7 of 10
2.7 Training ngi dng v an ton thng tin v cch phng chng Ransomware t pha
End User.
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
Mc 2.2 nh gi:
- H th ng hin ti l h thng mng ngang hng, khng c h thng qun l ngi dng tp
trung.
- D liu lu tr phn tn trn my ca tng ngi dng, khng c sao lu d phng nn khi
pht sinh s c trn my tnh nh h hng phn cng, nhim virus, rt d mt d liu.
- Vic lu tr d liu trn my c nhn khng c phn quyn cn gy ra tnh trng r r thng
tin ni b gia cc phng ban hoc r r ra bn ngoi.
- Cha c thit b bo mt cho h thng mng ni b trc cc mi e do t bn ngoi Internet,
nguy c ly nhim cc phn mm gin ip, virus m ho d liu rt cao.
Tiu ch Tnh nht qun Tnh bo mt Tnh ton vn Tnh sn sng Tnh tin li
Page 8 of 10
- Tnh nht qun: D liu c lu tr v qun l tp trung ti mt im, khng trng lp hoc
sai khc v ni dung thng tin.
- Tnh bo mt: H thng mng v d liu c bo v khi cc mi nguy hi nh virus nh
cp thng tin, m ho d liu,
- Tnh ton vn: D liu c phn quyn truy cp r rng, khng b thay i hoc xo b bi
nhng ngi khng c thm quyn.
- Tnh sn sng: Khi c s c pht sinh khng lm ngng tr hoc gim thiu ti a thi gian
ngng tr hot ng ca h thng.
- Tnh tin li: Tit kim thi gian v nhn lc trong vic qun l, d dng trin khai p dng
cc chnh sch qun l mi khi c thay i.
Page 9 of 10
Phn 3: TNG QUAN V GII PHP XUT.
Page 10 of 10