To prevent ransomware attacks with Download Insight
In the console, open the Virus and Spyware Protection policy - High Security and click Download Protection.
On the Download Insight tab, make sure that Enable Download Insight to detect potential risks in downloaded files based on file reputation is checked.
Check the following default options:
Files with 5 or fewer users
Files known by users for 2 or fewer days
The low default values force the client to treat any file that has not been reported to Symantec by more than five users or for less than 2 days to be treated as unproven files. When unproven files meet these criteria, Download Insight detects the files as malicious.
Make sure that Automatically trust any file downloaded from a trusted Internet or intranet site is checked.
On the Actions tab, under Malicious Files, keep the first action as Quarantine risk and the second action as Leave alone.
Under Unproven Files, click Quarantine risk.
Subscribing will provide email updates when this Article is updated. Login is required.