Views:

To protect endpoints from WannaCry/WCry or similar ransomware using TMEAC, do the following:

  1. Install or upgrade to TMEAC v2.0 SP1 Patch 1 Build 1550.
  2. Create and deploy Device Lockdown Policy to vulnerable endpoints. Do the following:
    1. Login to EAC Web UI and go to Management > Policies.
    2. Click +Add Policy and select *New.
    3. Provide the following information:
      • Name: Device Lockdown Policy
      • Users and Endpoints: <select target user or endpoint>
    4. Expand the Rules tab.
    5. Click +Assign Rule and select New Lockdown.
       
      If a Lockdown rule exists, select Existing instead and search for the Lockdown rule to assign to the policy.
    6. Uncheck the Always allow all applications in the Windows directory (overrides Block and Lockdown rules) checkbox.
    7. Click Save to start applying the policy to endpoints.

Alternately, you can download the Device Lockdown Policy Template here and import it to your current Application Control policy list.

If further assistance is needed, contact Trend Micro Technical Support.