View workload health at a glance using the Dashboard
The BlueXP ransomware protection Dashboard provides at-a-glance information about the protection health of your workloads. You can quickly determine workloads that are at risk or protected, identify workloads impacted by an incident or in recovery, and gauge the extent of protection by looking at how much storage is protected or at risk.
You can also use the Dashboard to review and act on protection recommendations, access global settings, download reports, and access this technical documentation.
Review workload health using the Dashboard
-
From the BlueXP left navigation, select Protection > Ransomware protection.
After discovery, the Dashboard shows you the health of workload data protection.
-
From the Dashboard, you can view and do any of the following in each of the panes:
-
Workload data protection: Click View all to see all workloads that are at risk or protected on the Protection page. Workloads are at risk when protection levels don’t match a protection policy. Refer to Protect workloads.
-
Alerts and workload data recovery: Click View all to see active incidents that have impacted your workload, are ready for recovery after incidents are neutralized, or are in recovery. Refer to Respond to a detected alert.
An incident is categorized in one of the following states:
-
Impacted (shows on Alerts page)
-
Ready for recovery (shows on Recovery page)
-
Recovering (shows on Recovery page)
-
Recovery failed (shows on Recovery page)
-
Recovered (shows on Recovery page)
-
-
Recommended actions: To increase protection, review each recommendation and click Review and fix.
Any recommendations that were added since you last visited the Dashboard are indicated with “New” for at least 24 hours. Actions are listed in priority order with the most important at the top. You can review and act on each one or dismiss it.
The total number of actions does not include dismissed actions.
-
Workload data: Monitor changes in protection coverage over the last 7 days.
-
Workload backups: Monitor changes in workload backups created by the service that failed or completed successfully in the last 7 days.
-
Review protection recommendations on the Dashboard
BlueXP ransomware protection assesses the protection on your workloads and recommends actions to improve that protection.
You can review a recommendation and act on it, which changes the recommendation status to Complete. Or, if you want to act on it later, you can dismiss it. Dismissing an action moves the recommendation to a list of dismissed actions, which you can review later.
Here is a sampling of the recommendations that the service offers.
Recommendation | Description | How to resolve |
---|---|---|
Add a ransomware protection policy |
The workload is currently not protected. |
Assign a policy to the workload. |
Configure backup destinations |
The workload does not currently have any backup destinations. |
Add backup destinations to this workload to protect it. |
Edit workload name |
Your workloads are using default names. |
Give your workload a descriptive name. |
Enable threat detection |
Send data to a security and event management system (SIEM) for threat analysis and detection. |
Enter SIEM/XDR server details to enable threat detection. |
Enable workload-consistent protection for applications or VMware |
These workloads are not managed by SnapCenter Software or SnapCenter Plug-in for VMware vSphere. |
To have them managed by SnapCenter, enable workload-consistent protection. |
Make a policy stronger. |
Some workloads might not have enough protection. Strengthen protection on workloads with a policy. |
Increase retention, add backups, enforce immutable backups, block suspicious file extensions, enable detection on secondary storage and more. |
Protect critical or highly important application workloads against ransomware. |
The Protect page displays critical or highly important (based on the Priority level assigned) application workloads that are not protected. |
Assign a policy to these workloads. |
Protect critical or highly important file share workloads against ransomware. |
The Protection page displays critical or highly important workloads of the type File Share or Datastore that are not protected. |
Assign a policy to each of the workloads. |
Review new alerts |
New alerts exist. |
Review the new alerts. |
-
From the BlueXP left navigation, select Protection > Ransomware protection.
-
From the Recommended actions pane, select a recommendation and select Review and fix.
-
To dismiss the action until later, select Dismiss.
The recommendation clears from the To Do list and appears on the Dismissed list.
You can later change a dismissed item to a To Do item. When you mark an item completed or you change a dismissed item to a To Do action, the Total actions increases by 1. -
To review information on how to act on the recommendations, select the information icon.
Download CSV files
You can download CSV files that show details of protection, alerts, and recovery.
You can download CSV files from any of the main menu options:
-
Dashboard: Contains all summary information for all workloads.
-
Protection: Contains the status and details of all workloads, including the total number protected and at risk.
-
Alerts: Includes the status and details of all alerts, including the total number of alerts and automated Snapshots.
-
Recovery: Includes the status and details of all workloads that need to be restored, including the total number of workloads marked "Restore needed", "In progress," "Restore failed" and "Successfully restored."
If you download CSV files from the Protection, Alerts, or Recovery page, only the data on that page is included in the CSV file.
The CSV files include data for all workloads on all BlueXP working environments.
-
From the BlueXP left navigation, select Protection > Ransomware protection.
-
From the Dashboard or other page, select the Refresh option in the upper right to refresh the data that will appear in the files.
-
Do one of the following:
-
From the Dashboard or other page, select the Download option.
-
From the BlueXP ransomware protection menu, select Reports.
-
-
If you selected the Reports option, select one of the preconfigured named files and select Download (CSV).
Access technical documentation
You can access the technical documentation from docs.netapp.com or from inside the BlueXP ransomware protection service.
-
From the BlueXP left navigation, select Protection > Ransomware protection.
-
From the Dashboard, select the vertical Actions option.
-
Select What's new to view details in the Release Notes or Documentation to view the BlueXP ransomware protection documentation Home page.