Forrester’s New Tech: Microsegmentation, Q3 2021
“Ransomware, once it gets into a network perimeter via phishing or other threat vector, spreads internally through SMB exploits…and RDP exploits…microsegmentation will slow down the propagation of future ransomware.”
Key Steps to Solve
How Akamai Guardicore Segmentation (formerly Guardicore Centra) helps you stop ransomware.
Identify every application and asset running in your IT environment.
Create rules to prevent common ransomware propagation techniques.
Receive alerts to any attempts to gain access to segmented applications and backups.
Initiate threat containment and quarantine measures when an attack is detected.
Use advanced visualization capabilities to support phased recovery strategies.
Ransomware attacks are only successful if they’re allowed to spread
Akamai Guardicore Segmentation gives you the visibility and precise policy controls you need to stop lateral movement by attackers in both data center and cloud environments.
Cut off common ransomware propagation vectors proactively by:
- Isolating critical applications, backups, file servers and databases
- Implementing Zero Trust access from users to applications
- Restricting endpoint-to-endpoint communication
This will limit the blast radius if an isolated ransomware infection occurs.
Akamai Guardicore Segmentation also helps you detect in-progress attacks and respond quickly with targeted countermeasures. Based on the specific indicators of compromise observed, you can take steps like:
- Adding isolation rules to quarantine affected endpoints or network areas
- Disabling services and communications channels targeted by specific ransomware attacks
- Temporarily blocking all access to backups and critical applications
Guardicore’s software-based approach gives security teams the agility and flexibility they need to mitigate the potentially devastating risks of ransomware attacks.
When a Guardicore customer was targeted by the same Darkside ransomware attack used against Colonial Pipeline, the outcome was different. Fast response and agile use of targeted microsegmentation policies stopped the attack in its tracks.