Skip to main content
BlueXP ransomware protection

Configure BlueXP ransomware protection settings

Contributors amgrissino
PDFs

You can configure a backup destination or enable threat detection by reviewing recommendations on the Dashboard.

Enabling threat detection automatically sends data to a security and event management system (SIEM) for threat analysis and detection.

Add a backup destination

BlueXP ransomware protection can identify workloads that do not have any backups yet and also workloads that do not have any backup destinations assigned yet.

To protect those workloads, you should add a backup destination. You can choose one of the following backup destinations:

  • NetApp StorageGRID

  • Amazon Web Services (AWS)

  • Microsoft Azure

You can add a backup destination based on a recommended action from the Dashboard.

The Dashboard provides many recommendations. One recommendation might be to configure a backup destination.

Steps

  1. From the BlueXP left navigation, select Protection > Ransomware protection.

  2. Review the Dashboard's Recommended actions pane.

    Dashboard page

  3. From the Dashboard, select Review and fix for the recommendation of "Prepare <backup provider> as a backup destination."

  4. Continue with instructions depending on the backup provider.

Access the Settings page from the menu

You can easily access the Settings page from the menu.

  1. From the BlueXP ransomware protection menu, select the vertical Vertical Actions…​ option at the top right.

  2. From the menu, select Settings.

  3. To add a backup destination, select Add.

Add StorageGRID as a backup destination

To set up NetApp StorageGRID as a backup destination, enter the following information.

  1. In the Settings > Backup destinations page, select Add.

  2. Enter a name for the backup destination.

    Backup destinations page

  3. Select StorageGRID.

  4. Select the Down arrow next to each setting and enter or select values:

    • Provider settings:

      • Create a new bucket or bring your own bucket that will store the backups.

      • StorageGRID gateway node fully qualified domain name, port, StorageGRID access key and secret key credentials.

    • Networking: Choose the IPspace.

      • The IPspace is the cluster where the volumes you want to back up reside. The intercluster LIFs for this IPspace must have outbound internet access.

    • Backup lock: Choose whether you want the service to protect backups from being modified or deleted. This option uses the NetApp DataLock technology. Each backup will be locked during the retention period, or for a minimum of 30 days, plus a buffer period of up to 14 days.

      Caution If you configure the backup lock setting now, you cannot change the setting later after the backup destination is configured.

      • Compliance mode: Users cannot overwrite or delete protected backup files during the retention period.

  5. Select Add.

Result

The new backup destination is added to the list of backup destinations.

Backup destinations page the Settings option

Add Amazon Web Services as a backup destination

To set up AWS as a backup destination, enter the following information.

For details about managing your AWS storage in BlueXP, refer to Manage your Amazon S3 buckets.

  1. In the Settings > Backup destinations page, select Add.

  2. Enter a name for the backup destination.

    Backup destinations page

  3. Select Amazon Web Services.

  4. Select the Down arrow next to each setting and enter or select values:

    • Provider settings:

    • Encryption: If you are creating a new S3 bucket, enter encryption key information given to you from the provider. If you chose an existing bucket, encryption information is already available.

      Data in the bucket is encrypted with AWS-managed keys by default. You can continue to use AWS-managed keys, or you can manage the encryption of your data using your own keys.

    • Networking: Choose the IPspace and whether you'll be using a Private Endpoint.

      • The IPspace is the cluster where the volumes you want to back up reside. The intercluster LIFs for this IPspace must have outbound internet access.

      • Optionally, choose whether you'll use an AWS private endpoint (PrivateLink) that you previously configured.

        If you want to use AWS PrivateLink, refer to AWS PrivateLink for Amazon S3.

    • Backup lock: Choose whether you want the service to protect backups from being modified or deleted. This option uses the NetApp DataLock technology. Each backup will be locked during the retention period, or for a minimum of 30 days, plus a buffer period of up to 14 days.

      Caution If you configure the backup lock setting now, you cannot change the setting later after the backup destination is configured.

      • Governance mode: Specific users (with s3:BypassGovernanceRetention permission) can overwrite or delete protected files during the retention period.

      • Compliance mode: Users cannot overwrite or delete protected backup files during the retention period.

  5. Select Add.

Result

The new backup destination is added to the list of backup destinations.

Backup destinations page the Settings option

Add Microsoft Azure as a backup destination

To set up Azure as a backup destination, enter the following information.

For details about managing your Azure credentials and marketplace subscriptions in BlueXP, refer to Manage your Azure credentials and marketplace subscriptions.

  1. In the Settings > Backup destinations page, select Add.

  2. Enter a name for the backup destination.

    Backup destinations page

  3. Select Azure.

  4. Select the Down arrow next to each setting and enter or select values:

    • Provider settings:

    • Encryption: If you are creating a new storage account, enter encryption key information given to you from the provider. If you chose an existing account, encryption information is already available.

      Data in the account is encrypted with Microsoft-managed keys by default. You can continue to use Microsoft-managed keys, or you can manage the encryption of your data using your own keys.

    • Networking: Choose the IPspace and whether you'll be using a Private Endpoint.

      • The IPspace is the cluster where the volumes you want to back up reside. The intercluster LIFs for this IPspace must have outbound internet access.

      • Optionally, choose whether you'll use an Azure private endpoint that you previously configured.

        If you want to use Azure PrivateLink, refer to Azure PrivateLink.

    • Backup lock: Choose whether you want the service to protect backups from being modified or deleted. This option uses the NetApp DataLock technology. Each backup will be locked during the retention period, or for a minimum of 30 days, plus a buffer period of up to 14 days.

      Caution If you configure the backup lock setting now, you cannot change the setting later after the backup destination is configured.

      • Unlocked: Specific users can overwrite or delete protected files during the retention period.

      • Locked: Users cannot overwrite or delete protected backup files during the retention period. This option satisfies full regulatory compliance.

  5. Select Add.

Result

The new backup destination is added to the list of backup destinations.

Backup destinations page the Settings option

Enable threat detection

You can automatically send data to a security and event management system (SIEM) for threat analysis and detection.

  1. From the BlueXP left navigation, select Protection > Ransomware protection.

  2. From the BlueXP ransomware protection menu, select the vertical Vertical Actions…​ option at the top right.

  3. Select Settings.

    The Settings page appears.

    Settings page

  4. In the Settings page, select Connect in the SIEM connection pane.

  5. Enter SIEM server details to enable threat detection.

  6. Select Enable.

    The Settings page shows "Connected."