Enabling Ransomware Prevention

Ransomware Protection

Ransomware protection only detects ransomeware but do not block them. If you need to isolate and kill ransomware based on the detection result, see Isolating and Killing Malicious Programs.

Prerequisite

You have purchased Host Security Service premium or WTP edition.

Constraint

• Only Huawei Cloud servers can be protected.
• When enabling ransomware protection, configure server backup, handle the ransomware alarms, and fix system and middleware vulnerabilities in a timely manner. If the Server Backup function is not enabled, services may not be restored after being attacked.
• Servers that are not protected by HSS premium, WTP, or container editions do not support ransomware prevention operations.
• In pay-per-use billing mode, ransomware protection is not supported.

Procedure

1. Log in to the management console.
2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
   Figure 1 Accessing HSS
   

3. In the displayed dialog box, click Try the new edition to switch to the HSS (New) console.
   

   • Currently, HSS is available in the following regions: CN South-Guangzhou, CN-Hong Kong, AP-Bangkok, and AP-Singapore.
   • On the HSS (New) console, you can click Back to Old Console in the upper left corner to switch to the HSS (Old) console.

4. In the navigation pane, choose Prevention > Ransomware Prevention. Click the Protected Servers tab. Click Add Server.
   

   If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.

   Figure 2 Enabling server protection
   

5. In the dialog box that is displayed, select Linux, enable protection, configure the policy, and click Next. For more information, see Table 1.
   Figure 3 Configuring ransomware prevention
   

   Table 1 Ransomware prevention parameters

   Parameter	Description	Example Value
   OS	Server OS to be protected.	Linux
   Ransomware Prevention	: enabled : disabled
   Policy	Select an existing policy or create a new one. Use policy: Select an existing policy. Create new: Create a policy.	Use policy
   Policy	Select an existing policy.	-

6. Click Next. Configure server backup and retention.
   • Server backup is enabled by default and must be enabled.
   • Enable server backup and configure the retention rule. For details, see Modifying a Backup Policy.
     Figure 4 Configuring server backup
     
     

     The server backup function must be enabled. If the server backup function is disabled, you cannot perform the next step.

7. Click Next and select servers. You can search for a server by its name or by filtering.
   Figure 5 Selecting servers
   

8. Click OK.
9. In the navigation pane, choose Prevention > Ransomware Prevention. Click the Protected Servers tab and check protected servers.