Advanced Cyber Security

You are here: SecPoint & IT Security News

What is the Best Firewall to block Ransomware Attacks?

Ransomware is the latest life threatening attacks against organisations.

It is often risk free for the attackers to target and organisation.

They will break into the target organisation to steal sensitive business information.

This can be sensitive data, IP technology such as source code to a game, employee information or customer data.

Attackers aggressively push the customers to pay ransom

The SecPoint Protector UTM Firewall if you need real strong protection on your network.

It has very strong protection against hacking gangs such as:

What is the key elements a firewall must contain to fight Ransomware?

  1. Updated IP addresses for Country blocking to easily block countries where the business is not conducting business. This could be, Afghanistan, Russia, China etc. The Country IP lists are updated weekly unlike other products. The IPs change all the time for countries
  2. Very strong Intrusion Prevention System (IPS) Technology Protection to Block specific exploits. more than 40.000 IPS database that is being updated daily. The databases consist of Exploits, Malware, WEB Attacks, Mail Server attacks and more.
  3. The UTM Firewall must have very strong Anti Virus Capability such as supporting up to 3 vendors at the same time. Example ESET, Kaspersky & ClamAV. This can help block ransomware tricking phishing mails coming in that non tech savy employees are clicking on.
  4. Global RBL List to block Toxic IP addresses. A powerful database of 12 RBL listed combined together that blocks more than 640 Million Toxic IP addresses. This can be IPs used in illegal software sharing, botnet attacks, spam attacks, DDoS attacks, Hacker attacks, Vulnerability Scanning, Phishing attacks and sending virus. It is recommended to block all Toxic IPs. The 12 RBL lists are updated multiple times daily.
  5. The SecPoint specific RBL with more than 1.5 Million blocking updated daily collected from multiple honeypots.
  6. It is also recommended to fully blocking TOR Traffic since high amount of toxic traffic is coming from there.
  7. There must be full transparency on the firewall System which type of data is being collected. Which third party will get access to the data?
  8. It is optimal the Firewall system is running on Linux operating backdoor free and allows the user themself to put their own custom Kernel to prove there is no backdoors or third party access.
  9. Limit all incoming traffic to the Firewall administration to only be from trusted IP addresses
  10. Prevent Human Errors. Start hacking your own firewall regularly to find out if any configurations are not set correct, has been misconfigured. Or was changed by mistake at a point and different ports services temporary was forgotten and left open to the Internet.
  11. Extensive Data Leak Prevention (DLP) Technology. Prevent attacks to easily gain access to VPNs, File Sharing services to make it very difficult to leak data out of the network.
  12. Double testing the policies and network with extensive Vulnerability Scanning & Assessment on a daily basis.