Site icon Sophos News

Don’t get hit by Petya or WannaCry: how to configure your firewall

The recent WannaCry and Petya malware outbreaks were the first widespread network worms for several years.

Worms differ from regular malware attacks because they can spread by themselves, often without needing any help from users.

Both WannaCry and Petya included what’s known as an network exploit: they sent out malicious network packets to take advantage of vulnerabilities in unpatched Windows computers on the network.

The good news is the IPS engine in Sophos SG and Sophos XG firewalls can help to stop attacks of this sort by watching out for, and neutralizing, malicious packets needed for the worm to spread.

However, there are some things you need to know if you want your Sophos firewalls to block network attacks *inside* your network as well as from outside.

(Spreading inside a network is known in the jargon as lateral movement. Hackers and crooks often use one trick to get in, and then another to find their way around internally.)

To prevent the spread of worms and bots on your network:

Applying IPS protection to a Firewall Rule doesn’t get any simpler than this.

For more information on how firewalls can help against threats like WannaCry and Petya, listen to our WannaCry Webcast or visit https://community.sophos.com/kb/en-us/124744.

Exit mobile version