AD360 / ENABLING IT (5MIN)
There are several good products on the IT security market. However, it can easily get complicated when it comes to setting up these different products in order to have it work the best possible way and give the maximum amount of safety for your environment. With the help of Panda's automatic classification of processes where nothing unknown is allowed to run, we can with 100% certainty know that nothing malicious will run and infect our network. That's why we recommend Pandas solution.
The difference between Panda Adaptive Defense and Panda Adaptive Defense 360 is that 360 includes antivirus. So in case you already have a traditional antivirus solution, you may still use Panda Adaptive Defense in order to complement your already existing solution.
Once you have purchased your product, you will receive an automatic email to activate your login and where you can create a password. Do you not have Panda Adaptive Defense, want help with the installation and management of the service? We fix everything for you and much more by clicking here!
Now you have free access to download the agent you want. If you have Mac or Linux instead of Windows, you can still use Panda's antivirus, but without the overall solution of Adaptive Defense. Once the software is installed, your machine will appear in your new web console.
CONFIGURE YOUR SOLUTION (15MIN) (PART1)
In order for your machines to be as safe as possible, the Advanced Protection should be set to Lock mode. Below you can see where to configure the protection to Lock mode. Here it is also stated that the protection should report (pop-up) when something is blocked on the computer, which also gives the administrator an option to unblock the file immediately. However, this is not recommended, only advanced users / developers should use this option to quickly unlock files that they know for sure are harmless.
In this case, the security profile is named Lock mode without web, and currently allows the users on the computer to approve files. The profile should also have network limit configured, as shown below:
CONFIGURE YOUR SOLUTION (15MIN) (PART 2)
Assign the security profile to the computers in order for the security profile to take effect, you need to set up which computers with installed agents to have this policy. All installed computers will appear in the web console under different groups. If you have an AD (Active Directory) then it will implement the AD groups for you. Otherwise, you may create new groups and move computers between the groups just as you like. You can do this when you know which computers / groups should have this policy. Then you add the policy on the group as shown:
Security Settings for Workstations & Servers -> Then select the security profile you created
As you can also see in the picture, there are several different settings that can be configured, which can be done in 'settings'. It may be good to set the profile for Per-Computer settings that determines how software should be updated. You can find all these settings under each heading.
If computers are not in the group, which should be there. Then you can mark the units you want to move by marking the relevant computers via the checkbox to the left of the computer name. When you select the computers you will get the following options that allow you to move, isolate or set schedule jobs for patch management, see pictures:
CLOSE PORT 3389 (10MIN)
To be completely secure, you must close port 3389 (well, it shouldn't be open for RDP). You do this in your firewall that you usually access via 192.168.1.1 or 192.168.0.1. Usually this is not public, unless you or someone else has opened it.
The port 3389 is used by default for RDP and if public then it constitutes an opportunity to scan the network and find your computer. If you need to use RDP for external communication outside your network, we recommend that you use a VPN. This means that you expand your local network, and VPN functions are usually found in most firewalls.
If you need the RDP function, then it is good to consider using a VPN or changing which port is used for RDP and then set an alarm via Panda's ART, so you get an alarm in case there's any unwanted activity. Setting an alarm at the RDP port is recommended, even if you have the port closed in case the firewall is opened and a bruteforce attack is initiated.
Congratulations! Now your computer is secured, and you don't have to worry about ransomware.
If you need assistance with surveillance or additional configurations, you are most welcome to contact us.