To prevent ransomware variants, configure Download Insight to quarantine the files that the Symantec customer base knows are malicious or that haven't yet been proven to be malicious.
To prevent ransomware attacks with Download Insight
In the console, open the Virus and Spyware Protection policy - High Security and click Download Protection.
On the Download Insight tab, make sure that Enable Download Insight to detect potential risks in downloaded files based on file reputation is checked.
Check the following default options:
Files with 5 or fewer users
Files known by users for 2 or fewer days
The low default values force the client to treat any file that has not been reported to Symantec by more than five users or for less than 2 days to be treated as unproven files. When unproven files meet these criteria, Download Insight detects the files as malicious.
Make sure that Automatically trust any file downloaded from a trusted Internet or intranet site is checked.
On the Actions tab, under Malicious Files, keep the first action as Quarantine risk and the second action as Leave alone.
Under Unproven Files, click Quarantine risk.
Click OK.
Legacy ID:
v117437993_v81626096
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)