Configuring URL Filtering policy to block Ransomware on InterScan Web Security Virtual Appliance (IWSVA) 6.5 Service Pack 2 (SP2)

Interscan Web Security Virtual Appliance6.5

Last updated: 2021/08/28

Solution ID: KA-0006342

Category: Configure

IWSVA 6.5 SP2 introduces a new URL Category, Ransomware, to protect customers from Ransomware attacks.

Customers can check the total number of ransomware that IWSVA has detected on IWSVA web console > dashboard.

Customers need to apply Hot fix1622 based on IWSVA 6.5 SP2 CP 1608.

To block Ransomware, configure the URL filtering policy on IWSVA 6.5 SP2:

Go to Web Console > HTTP > URL Filtering > Policies and make sure that URL filtering is enabled.
Go to Web Console > HTTP > URL Filtering > Policies | Policy | Rule. Click the plus sign next to Internet Security to expand the list of categories. Navigate to Ransomware and set the Action to "Block".

Click image to enlarge.
Verify the solution by accessing the sample site:

http://ca95-1.winshipway.com/

A notification page will be displayed for blocking Ransomware.

Click image to enlarge.
On the top right side of IWSVA dashboard, customers could check the total ransomware detections:

Click image to enlarge.

Click Total Ransomware Detections to check the details of the detected ransomware:

Click image to enlarge.

Was this article helpful?