Modify ARP/AI snapshot retention periods on ASA r2 storage systems
Suggest changes
PDFs
If Autonomous Ransomware Protection with Artificial Intelligence (ARP/AI) detects abnormal activity on one or more of your ASA r2 system storage units, it automatically creates an ARP snapshot to protect the storage unit's data. Depending upon your storage capacity and the business requirements for your data, you might want to increase or decrease the default ARP snapshot retention period. For example, you might want to increase the retention period for business critical applications so that, if needed, you have longer retention periods for data recovery, or you might want to decrease the retention period for non-critical applications to save storage space.
The default retention period for the ARP snapshot varies depending on the action you take in response to the abnormal activity.
| If you take this action… | ARP snapshots are retained by default for… |
|---|---|
Mark as false positive |
12 hours |
Mark as potential ransomware attack |
7 days |
Do not take immediate action |
10 days |
The default retention periods can be modified using the ONTAP command line interface (CLI). See Modify options for ONTAP automatic snapshots for steps to change the default retention period.