Single Product Test. Superna Ransomware Test. Language: English June Last Revision: 4 th July

Similar documents
Symantec vs. Trend Micro Comparative Aug. 2009

Network Performance Test. Business Security Software. Language: English August Last Revision: 11 th October

Performance Test. ESET Endpoint Security. Language: English September Last Revision: 14 th September

Anti-Virus Comparative. Factsheet Business Test (August-September 2018) Last revision: 11 th October

Anti-Virus Comparative

Safe N Sec Enterprise Pro

RTTL Certification Test - March Language: English. March Last Revision: 8 th April

Webroot SecureAnywhere Business Endpoint Protection

Single Product Review. escan Internet Security 11. Language: English September 2010 Last revision: 13 nd October

AV-Comparatives. Support-Test (Germany) Test of German-Language Telephone Support Services for Windows Consumer Security Software 2016

Anti-Virus Comparative No.7

Anti-Virus Comparative

Compatibility Matrixes for VMware vcenter Site Recovery Manager 4.0 and Later

Anti-Virus Comparative No.8

Anti-Virus Comparative

Shimadzu LabSolutions Connector Plugin

GPA Migration Guide

Quest VROOM Quick Setup Guide for Quest Rapid Recovery and Foglight Windows Installers

Anti-Virus Comparative Summary Report 2008

Quest VROOM Quick Setup Guide for Quest Rapid Recovery and Foglight Windows Installers

Anti-Virus Comparative

Tisio CE Release Notes

Corporate Product Review: ESET

Aellius LynX Office Lookup Enhancements

NCD ThinPATH PC Installation Guide and Release Notes

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

SUPPORT MATRIX. Comtrade OMi Management Pack for Citrix

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

End User License Agreement

Flexible MiniPCI to MiniPCI Express Bus Adapter

JOHNS HOPKINS ARAMCO HEALTHCARE MYCHART. Terms and Conditions

Hardware VXLAN Gateway Last Updated: July 17, 2018 For more information go to vmware.com.

Release Information. Revision History. Version: build 018 Release Date: 23 rd November 2011

Flexible x4 PCI Express 4-Way Splitter

Squid PCI Express Carrier Board for MiniPCIe modules

FirePoint 8. Setup & Quick Tour

Flexible MiniPCI Express Riser

Security Assessment. Prepared For: Prospect Or Customer Prepared By: Your Company Name

Price List Utilities. For Dynamics CRM 2016

StoneGate IPS. Hardware Requirements for Version 5.2.0

Flexible Mini PCI to PCI Bus Adapter

ADN. System Installer. Instruction manual

Flexible MiniPCI Express 2-Way Splitter

Squid PCI Express Gen3 Carrier Board for 2 M.2 SSD modules

Getting Started (No installation necessary) Windows On Windows systems, simply double click the AntGram icon to launch the program.

Thin Client Compatibility Guide For VMware Virtual Desktop Manager (VDM)

MySonicWall Secure Upgrade Plus

StoneGate Management Center version 5.2. Hardware Requirements

VIRTUALIZED BACKUP ADVANTAGES OF THE DELL POWERVAULT DL BACKUP TO DISK APPLIANCE POWERED BY SYMANTEC BACKUP EXEC 2010 R3

Ulisse Compact "Standard Pelco" configuration

VMware vcenter Log Insight Manager. Deployment Guide

OfficeServ Link User Manual

ABB Network Partner. User s Manual CAP/REx 500*2.0

pvs Release Notes All series

Getting Started (No installation necessary)

Class Composer General Terms of Use

Getting Started (No installation necessary) Windows On Windows systems, simply double click the AntPConc icon to launch the program.

Upgrading BankLink Books

Dell Change Auditor 6.5. Event Reference Guide

About Toad for Oracle 2017 Editions 2. Product release notes 4. Installation 5

Test Report PMP Test Data For PMP /20/2015

Active Directory Change Notifier Quick Start Guide

TN010 AKKON. Installation guide. (AKKON application documentation and operating system)

Symantec Protection Center Getting Started Guide. Version 2.0

Automator (Standard)

Workshop 4 Installation INSTALL GUIDE. Document Date: February 4 th, Document Revision: 1.1

IEEE Electronic Mail Policy

Firmware Loader. Software. For support mail to: tech mca.nl See also our website: mca.com. Software Manual. Revision 1.

Flexible MiniPCI Express to PCI Bus Adapter

StoneGate Firewall/VPN How-To Installing and Activating StoneGate FW/VPN in VMware ESX Server

PATGuard Time Manager 2

Setting Up Quest QoreStor with Veeam Backup & Replication. Technical White Paper

Web site Privacy Policy

Connect the DR-22WL/DR-44WL with the smartphone by Wi-Fi for the first time...3

Upgrading MYOB BankLink Notes (desktop)

MegaStat Installation Instructions

Agreements & Contracts: Electronic Documents User Agreement CUSTOMER SERVICE SKOWHEGAN SAVINGS

My Filings Your UCC Online Portal provides functionality to enable you to search and view all the filings which you have made.

RELEASE NOTES PRACTICE VELOCITY PV-CUSTOMER. Owner: Urgent Care Solutions PVM, Visit our website at:

Flexible 32-bit PCI to MiniPCI Express Adapter

Anti-Virus Comparative No.1

Installation and Configuration Manual. Price List Utilities. for Microsoft Dynamics CRM Dynamics Professional Solutions Ltd 1 / 14

Xerox Security Bulletin XRX V1.0

AhnLab Software License Agreement

Table of Contents. Part I About Oxygen Software. Part II Introduction. Part III Data extraction. Part IV Settings. Part V Copyright notes.

Metalogix Intelligent Migration. Installation Guide

Connect the DR-22WL/DR-44WL with the smartphone by Wi-Fi for the first time...3

Hardware VXLAN Gateway Last Updated: March 18, 2018 For more information go to vmware.com.

OUR CUSTOMER TERMS CLOUD SERVICES MCAFEE ENDPOINT PROTECTION ESSENTIAL FOR SMB

XcreenKey Verti. User Guide v2.0. Legal Before You Start Using XcreenKey Verti

F²MC-16FX FAMILY ALL SERIES FLASH SECURITY 16-BIT MICROCONTROLLER APPLICATION NOTE. Fujitsu Microelectronics Europe Application Note

MQESS Installation Manual

Fujitsu Microelectronics Europe Application Note MCU-AN E-V12 F²MC-16FX FAMILY 16-BIT MICROCONTROLLER ALL SERIES CLOCK OUTPUT APPLICATION NOTE

Westhold Sign Master User Manual. Version

Tanium Map User Guide. Version 1.0.0

Anti Virus Comparative Performance Test (Suite Products) May 2012

Cloud Access Manager Overview

One Identity Quick Connect Express

F²MC-16LX FAMILY MB90F897 DUAL OPERATION FLASH 16-BIT MICROCONTROLLER APPLICATION NOTE. Fujitsu Microelectronics Europe Application Note

Changing Databases. This presentation gives a quick overview on how to change databases in Osprey.

Transcription:

Single Product Test Superna Ransomware Test Language: English June 2017 Last Revision: 4 th July 2017 Commissioned by Superna - 1 -

1 Introduction This report has been commissioned by Superna. The product Superna Eyeglass 1.9.2 has been tested in June 2017. Superna Eyeglass Ransomware Defender prevents ransomware from encrypting user data on storage clusters. It does not replace endpoint protection software on client or server computers, but is designed to be used in conjunction with this. Ransomware Defender works by monitoring user data on storage clusters in real time, and checking for file-write operations typically conducted by ransomware programs, i.e. encryption of the files. As soon as such activity is detected, access from the infected user s computer to the storage cluster is blocked. The product can manage multiple clusters, each with multiple shares, and when ransomware activity is detected on one share on one cluster, the user s access to all managed shares and clusters will be removed. A notification is immediately sent to the administrator when ransomware activity is spotted and a user is blocked. Superna Eyeglass was provided in the form of preconfigured virtual hard disks for the VMware vsphere platform. A web-based interface was provided to manage the product. 2 Test Configuration Commissioned by Superna - 2 -

3 Test scenario The ransomware was executed manually on a client with connected shares. Ransomware Defender was in Blocking Mode. 3.1 Shares Four shares were mapped to 2 clusters as network drives to the client before the sample was executed. The shares content was provided by Superna containing different types of documents. 3.2 Client 1. Corp 2. Engineering 3. Finance 4. Marketing Windows 7 64bit English 3.3 Sample Selection One ransomware sample family, Locky, was used. This ransomware family was chosen by Superna as a known variant that attacks network attached drives. Commissioned by Superna - 3 -

4 How it works Superna Eyeglass Ransomware Defender prevents ransomware from encrypting user data on storage clusters by monitoring file operations. As soon as a blacklisted activity is detected and a given threshold is reached, access from the infected user s computer to the storage cluster is blocked by locking the user out. Ransomware Defender Ransomware Defender Threshold Settings Commissioned by Superna - 4 -

5 Result The sample encrypted the client and several files on the storage clusters. The number of encrypted files on the clusters before detection and user lockout is dependent on the user behavior threshold settings. Superna Eyeglass Ransomware Defender worked as expected and locked out the user from both storage clusters, halting the propagation of file encryptions after reaching the threshold. The user lockout only affects the compromised user account, allowing other users to access storage cluster data. The product also assists with recovery of affected data by listing the affected files. Once the user workstation has been remediated, the product can return access to all networked attached data by reversing the user lockout and completing the recovery process. Commissioned by Superna - 5 -

Copyright and Disclaimer This publication is Copyright 2017 by AV-Comparatives. Any use of the results, etc. in whole or in part, is ONLY permitted after the explicit written agreement of the management board of AV- Comparatives, prior to any publication. AV-Comparatives and its testers cannot be held liable for any damage or loss, which might occur as result of, or in connection with, the use of the information provided in this paper. We take every possible care to ensure the correctness of the basic data, but a liability for the correctness of the test results cannot be taken by any representative of AV-Comparatives. We do not give any guarantee of the correctness, completeness, or suitability for a specific purpose of any of the information/content provided at any given time. No one else involved in creating, producing or delivering test results shall be liable for any indirect, special or consequential damage, or loss of profits, arising out of, or related to, the use or inability to use, the services provided by the website, test documents or any related data. For more information about AV-Comparatives and the testing methodologies, please visit our website. AV-Comparatives (July 2017) Commissioned by Superna - 6 -

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback