Skip to main content
NetApp Ransomware Resilience

NetApp Ransomware Resilience prerequisites

Contributors amgrissino netapp-ahibbard netapp-bcammett
PDFs

Get started with NetApp Ransomware Resilience by verifying the readiness of your operational environment, network access, and web browser.

To use Ransomware Resilience, ensure you meet the prerequisites.

Supported systems

Ensure you're using a supported system:

  • On-premises ONTAP NAS (using NFS and CIFS protocols) with ONTAP version 9.11.1 and greater

  • On-premises ONTAP SAN (using FC, iSCSI, and NVMe protocols) with ONTAP version 9.17.1 and greater

  • Cloud Volumes ONTAP 9.11.1 or greater for AWS (using NFS and CIFS protocols)

  • Cloud Volumes ONTAP 9.11.1 or greater for Google Cloud Platform (using NFS and CIFS protocols)

  • Cloud Volumes ONTAP 9.12.1 or greater for Microsoft Azure (using NFS and CIFS protocols)

  • Cloud Volumes ONTAP 9.17.1 or greater for AWS, Google Cloud Platform, and Microsoft Azure (using FC, iSCSI, and NVMe protocols)

  • Amazon FSx for NetApp ONTAP, which uses Autonomous Ransomware Protection (ARP and not ARP/AI)

Note Using ARP/AI in ONTAP requires ONTAP 9.16 or greater.
ONTAP doesn't provide ransomware protection support for FlexGroup volumes, mount point volumes, mount path volumes, offline volumes, and Data protection (DP) volumes. Ensure you review supported and unsupported configurations in ONTAP.

NetApp Console requirements

Your NetApp Console configuration requires:

  • A NetApp Console user account with Organization Admin privileges for discovering resources.

  • A Console organization and system with at least one active Console agent connecting to a supported system.

    • If your on-premises ONTAP clusters or Cloud Volumes ONTAP in AWS or in Azure cloud are not set up in the Console, see Learn how to configure a Console agent and standard Console requirements.

      Note If you have multiple Console agents in a single Console organization, the Ransomware Resilience will scan ONTAP resources across all Console agents beyond the one that is currently selected in the Console UI.

  • The Console agent must have the cloudmanager-ransomware-protection container in an active state.

  • At least one Console system with a NetApp on-premises ONTAP cluster or Cloud Volumes ONTAP in AWS or Azure. Ransomware Resilience supports both NAS (NFS and SMB) and SAN (iSCSI, FC, and NVMe) protocols.

    • Ransomware Resilience is supported with ONTAP or Cloud Volumes ONTAP clusters with ONTAP version 9.11.1 or greater.

      Note To use Ransomware Resilience on SAN workloads, you must be running ONTAP 9.17.1 or later.

ONTAP requirements

  • You must be running ONTAP 9.11.1 or later with an ONTAP One license enabled on the on-premises ONTAP instance. For more information about ONTAP support, see Autonomous Ransomware Protection overview.

  • To apply protection configurations (such as enabling Autonomous Ransomware Protection), Ransomware Resilience needs admin permissions on the ONTAP cluster. The ONTAP cluster should have been onboarded using ONTAP cluster admin user credentials only.

Note If you've connected an ONTAP cluster to the Console with non-admin credentials, [you must update the credentials in the ONTAP cluster](#update-non-admin-user-permissions-in-an-ontap-system).

Data backups

  • An account in NetApp StorageGRID, AWS S3, Azure Blob, or Google Cloud Platform for backup targets with appropriate access permissions configured.

    Refer to the AWS, Azure, or S3 permissions list for details.

  • NetApp Backup and Recovery does not need to be enabled on the system.

    Ransomware Resilience helps configure a backup destination through the Settings option. See Configure settings.

Suspicious user behavior

For Ransomware Resilience to provide alerts about suspicious user behavior, you must configure a user activity agent. For more information, see Configure suspicious user activity detection in NetApp Ransomware Resilience.

Update non-admin user permissions in an ONTAP system

If you need to update non-admin user permissions for a particular system, complete these steps.

  1. Log in to the Console and look for the system that needs its ONTAP user permissions updated.

  2. Select the system to see details.

  3. Select View additional information to display the username.

  4. Log in to the ONTAP cluster CLI as an admin user.

  5. Display the existing roles for that user. Enter:

    security login show -user-or-group-name <username>

  6. Change the role for the user. Enter:

    security login modify -user-or-group-name <username> -application console|http|ontapi|ssh|telnet -authentication-method password -role admin

  7. Return to the NetApp Console to use Ransomware Resilience.