NetApp Ransomware Resilience prerequisites

10/14/2025 Contributors

Get started with NetApp Ransomware Resilience by verifying the readiness of your operational environment, login, network access, and web browser.

To use Ransomware Resilience, you'll need to satisfy the following prerequisites.

In the NetApp Console

A NetApp Console user account with Organization Admin privileges for discovering resources.
A Console organization with at least one active Console agent connecting to on-premises ONTAP clusters or to Cloud Volumes ONTAP in AWS or in Azure.
The Console agent must have the cloudmanager-ransomware-protection container in an active state.

At least one Console system with a NetApp on-premises ONTAP cluster or Cloud Volumes ONTAP in AWS or Azure. Ransomware Resilience supports both NAS (NFS and SMB) and SAN (iSCSI, FC, and NVMe) protocols.

Ransomware Resilience is supported with ONTAP or Cloud Volumes ONTAP clusters with ONTAP version 9.11.1 or greater.

If you plan to use Ransomware Resilience on SAN workloads, you must be running ONTAP 9.17.1 or later.

If your on-premises ONTAP clusters or Cloud Volumes ONTAP in AWS or in Azure cloud are not already onboarded in the Console, you need a Console agent.

Refer to Learn how to configure a Console agent and standard Console requirements.

If you have multiple Console agents in a single Console organization, the Ransomware Resilience will scan ONTAP resources across all Console agents beyond the one that is currently selected in the Console UI.

In ONTAP 9.11.1 and later

An ONTAP One license is enabled on the on-premises ONTAP instance.

A license for NetApp Autonomous Ransomware Protection, used by Ransomware Resilience, enabled on the on-premises ONTAP instance, depending on the version of ONTAP you are using. Refer to Autonomous Ransomware Protection overview.

The general release of Ransomware Resilience, unlike the Preview release, includes a license for NetApp Autonomous Ransomware Protection technology. Refer to Autonomous Ransomware Protection overview for details.

For more licensing details, refer to Learn about Ransomware Resilience.

To apply protection configurations (such as enabling Autonomous Ransomware Protection and others), Ransomware Resilience needs admin permissions on the ONTAP cluster. The ONTAP cluster should have been onboarded using ONTAP cluster admin user credentials only.
If the ONTAP cluster is already onboarded in the Console using non-admin user credentials, then the non-admin user permissions must be updated with necessary permissions by logging into the ONTAP cluster, described on this page.

Data backups

An account in NetApp StorageGRID, AWS S3, Azure Blob, or Google Cloud Platform for backup targets and the access permissions set.

Refer to the AWS, Azure, or S3 permissions list for details.
NetApp Backup and Recovery does not need to be enabled on the system.

Ransomware Resilience helps configure a backup destination through the Settings option. See Configure settings.

Suspicious user behavior

For Ransomware Resilience to provide alerts about suspicious user behavior, you must configure a user activity agent. For more information, see Configure suspicious user activity detection in NetApp Ransomware Resilience.

Update non-admin user permissions in an ONTAP system

If you need to update non-admin user permissions for a particular system, complete these steps.

Log in to the Console and look for the system that needs its ONTAP user permissions updated.
Select the system to see details.
Select View additional information to display the username.
Log in to the ONTAP cluster CLI using the admin user.

Display the existing roles for that user. Enter:

security login show -user-or-group-name <username>

Change the role for the user. Enter:

security login modify -user-or-group-name <username> -application console|http|ontapi|ssh|telnet -authentication-method password -role admin

Return to the Ransomware Resilience UI to use it.