Active Protection

Active Protection protects your system from ransomware. Ransomware is a type of malicious software that blocks access to your files, systems, or networks by encrypting them, and then demands payment (ransom) to restore the access. A ransomware attack can cause serious operational disruption, data loss, and reputational damage for your organization.

The availability of this feature depends on the service quotas that are enabled for your account.

Default setting: Enabled.

The availability of this feature depends on the license that you have.

A protection agent must be installed on the protected machine. For more information about the supported operating systems and features, see Supported operating systems for antivirus and antimalware protection.

To configure Active Protection

  1. In the Create protection plan window, expand the Antivirus & Antimalware protection module.
  2. Click Active Protection.
  3. In the Action on detection section, select one of the available options:
    • Notify only — The software generates an alert about the process suspected of ransomware activity.
    • Stop the process — The software generates an alert and stops the process suspected of ransomware activity.
    • Revert using cache — The software generates an alert, stops the process, and reverts the file changes by using the service cache.

    Default setting: Revert using cache

  4. Click Done to apply the selected options to your protection plan.