Anti-Cryptor task in Kaspersky Security for Network Storage Protection
This article concerns:
- Kaspersky Security 11.0.1 for Windows Server (version 18.104.22.1687)
- Kaspersky Security 11.0.0 for Windows Server (version 22.214.171.1240)
- Kaspersky Security 10.1.2 for Windows Server (version 10.1.2.996)
- Kaspersky Security 10.1.1 for Windows Server (version 10.1.1.746)
Protecting file resources with Anti-Cryptor
The Anti-Cryptor component can only be used for protecting files and folders located in shared folders. For successful detection of a file-encrypting activity, a network folder must be opened from the volume available as a local path for a protected server.
Anti-Cryptor is installed on a server and cannot be installed on a network storage, which is why you cannot add the network data storage to the protection scope of the Anti-Cryptor component if it is not connected as NAS (Network-Attached Storage).
To use Anti-Cryptor for data storage system protection:
- Connect the network data storage to the protected server as SAN (Storage Area Network). SAN implies the use of the data storage as an additional volume on the protected server.
- Allow shared network access to the folders in this volume and add them to the Anti-Cryptor component’s protection scope.
Kaspersky Security will detect file-encrypting activity in such folders.
The feature is available in the following solutions:
- Kaspersky Endpoint Security for Business Select
- Kaspersky Endpoint Security for Business Advanced
- Kaspersky Total Security for Business
- Kaspersky Security for File Servers
- Kaspersky Security for Storage
- Kaspersky Hybrid Cloud Security (Server)
- Kaspersky Hybrid Cloud Security Enterprise (Server)
Protecting file resources with Anti-Cryptor for NetApp
Starting with version Kaspersky Security 10.1 for Windows Server, the Anti-Cryptor for NetApp feature has been added. The Anti-Cryptor for NetApp component intercepts file operations in shared network folders of the NetApp data storage system and checks them for encryption activity.
You can add the protected data storage cluster to the protection scope and register a server with Kaspersky Security 10.1 for Windows Server installed as an FPolicy server. Kaspersky Security 10.1 for Windows Server will receive notifications on file operations on the network storage and return a verdict on each operation to the network storage through the FPolicy protocol.
The Anti-Cryptor for NetApp component is only compatible with RPC-compliant NetApp clustered data storages.
Data storage operating systems compatible with Anti-Cryptor for NetApp:
- Data ONTAP 8.2.1 or later in the cluster mode
- Data ONTAP 9.0 or later in the cluster mode
The feature is available in Kaspersky Security for Network Storage Protection.