This paper will assist in designing a “defense-in-depth” strategy to combat ransomware using Deep Security. We will first discuss the generic and the most effective IT strategies over the years against threats and then provide specific configuration guidance on how to leverage Deep Security modules, such as Intrusion Prevention System (IPS), firewall, application control, integrity monitoring and anti-malware, to help create a “defense-in-depth” strategy against ransomware.

This paper is not intended or claimed to provide a “magic” solution to combat ransomware nor should it be believed that there is a single technology which will prevent all of the bad scenarios or the continued proliferation of ransomware.

An information security professional’s job is to make it harder and increasingly frustrating for adversaries by adopting a “defense-in-depth” or “layered security model”. This model recommends “Detective”, “Preventive”, and “Forensic” defensive layers and we will see where Deep Security can fit into this model.