Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

Related
Recommended
StephenMcKay

CryptoGuard 5:

A new policy option now sets the default action on detection of ransomware to terminate the process. We have kept the option to only isolate a process should you wish to keep using the setting from CryptoGuard 4. 

This new release is a design change in how our ransomware detection works; resulting in Sophos detecting more ransomware families and protecting more file types and sizes. 

The software release to support CryptoGuard 5 has already released; we will be migrating customers over from CryptoGuard v4 to v5 starting in February. As with all of our feature enablement, it will be done in small batches and you can control the change in action via the Sophos Central policy. 

Regards,

Stephen

Parents

  • Hi,

    Is there any feature to exclude a range of IP addresses? We have workstations with assigned IP addresses through DHCP that processes files on our file servers. The process includes a combination of encrypting files using GnuPG and deleting files using Windows utility 'sdelete.exe'. This combination seems to be detected as ransomware attack. We have to temporarily disable Sophos CryptoGuard protection for us to be able to process files. I have tried adding the process/programs in the exclusion list i.e. absolute path of the executables. But it does not seem to work.

Comment

  • Hi,

    Is there any feature to exclude a range of IP addresses? We have workstations with assigned IP addresses through DHCP that processes files on our file servers. The process includes a combination of encrypting files using GnuPG and deleting files using Windows utility 'sdelete.exe'. This combination seems to be detected as ransomware attack. We have to temporarily disable Sophos CryptoGuard protection for us to be able to process files. I have tried adding the process/programs in the exclusion list i.e. absolute path of the executables. But it does not seem to work.

Children
No Data
Unfiltered HTML