Skip to main content
Cloud Insights

Automated Response Policies

Contributors netapp-alavoie

Response Policies trigger actions such as taking a snapshot or restricting user access in the event of an attack or abnormal user behavior.

Note Workload Security is not available in Cloud Insights Federal Edition.

You can set policies on specific devices or all devices. To set a response policy, select Admin > Automated Response Policies and click the appropriate +Policy button. You can create policies for Attacks or for Warnings.

Create Attack Policy

You must save the policy with a unique name.

To disable an automated response action (for example, Take Snapshot), simply un-check the action and save the policy.

When an alert is triggered against the specified devices (or all devices, if selected), the automated response policy takes a snapshot of your data. You can see snapshot status on the Alert detail page.

See the Restrict User Access page for more details on restricting user access by IP.

You can modify or pause an Automated Response Policy by choosing the option in the policy's drop-down menu.

Workload Security will automatically delete snapshots once per day based on the Snapshot Purge settings.

Snapshot Purge Settings