- Configure additional ESET Remote Administrator (6.3 and later) HIPS rules in the following ESET products to protect against Filecoder (ransomware) malware
- ESET Endpoint Security
- ESET Endpoint Antivirus
- ESET File Security for Microsoft Windows Server
Click each image to open a new window for additional anti-ransomware best practices and additional policy configurations:
ESET's Host-based Intrusion Prevention System (HIPS) is included in ESET Endpoint Security, ESET Endpoint Antivirus, ESET Mail Security for Microsoft Exchange, and ESET File Security for Microsoft Windows Server. HIPS monitors system activity and uses a pre-defined set of rules to recognize suspicious system behavior. When this type of activity is identified, the HIPS self-defense mechanism stops the offending program or process from carrying out potentially harmful activity. Changes to the Enable HIPS and Enable Self-defense settings take effect after the Windows operating system is restarted.
To further help prevent ransomware malware on your Windows systems, create the following policy rules in ESET Remote Administrator version 6.3 or later:
Open ESET Remote Administrator Web Console (ERA Web Console) in your web browser and log in. How do I open ERA Web Console?
- Click Admin → Policies, select the Agent policy being applied to your server(s) (your default parent policy) and then click Policies → Edit.
Alternatively, you can create a new policy in ESET Remote Administrator (6.x).
- Expand Settings → Antivirus, click HIPS and then click Edit next to Rules.
Click the + to expand each section below to create the HIPS rules for the suggested processes.