Cyber vault ONTAP terminology
These are the terms commonly used in cyber vault architectures.
Autonomous Ransomware Protection (ARP) - Autonomous Ransomware Protection (ARP) feature uses workload analysis in NAS (NFS and SMB) environments to proactively, and in real time, detect and warn about abnormal activity that might indicate a ransomware attack. When an attack is suspected, ARP also creates new Snapshot copies, in addition to existing protection from scheduled Snapshot copies. For more information, see the ONTAP documentation on Autonomous Ransomware Protection
Air-gap (Logical) - You can configure NetApp storage with ONTAP as a logical air-gapped cyber vault by leveraging SnapLock Compliance to WORM-protect Snapshot copies
Air-gap (Physical) - A physical air-gapped system has no network connectivity to it. Using tape backups, you can move the images to another location. The SnapLock Compliance logical air-gap is just as robust as a physical air-gapped system.
Bastion host - A dedicated computer on an isolated network, configured to withstand attacks.
Immutable Snapshot copies - Snapshot copies that are not able to be modified, without exception (including a support organization or the ability to low level format the storage system).
Indelible Snapshot copies - Snapshot copies that are not able to be deleted, without exception (including a support organization or the ability to low level format the storage system).
Tamperproof Snapshot copies - Tamperproof Snapshot copies use the SnapLock Compliance clock feature to lock Snapshot copies for a specified period. These locked snapshots can not be deleted by any user or NetApp support. You can use locked Snapshot copies to recover data if a volume is compromised by a ransomware attack, malware, hacker, rogue administrator or accidental deletion. For more information, see the ONTAP documentation on Tamperproof Snapshot copies
SnapLock - SnapLock is a high-performance compliance solution for organizations that use WORM storage to retain files in unmodified form for regulatory and governance purposes. For more information, see the ONTAP documentation on SnapLock.
SnapMirror - SnapMirror is disaster recovery replication technology, designed to efficiently replicate data. SnapMirror can create a mirror (or exact copy of the data), vault (a copy of the data with longer Snapshot copy retention), or both to a secondary system, on premises or in the cloud. These copies can be used for many different purposes such as a disaster, bursting to the cloud, or a cyber vault (when using the vault policy and locking the vault). For more information, see the ONTAP documentation on SnapMirror
SnapVault - In ONTAP 9.3 SnapVault was deprecated in favor of configuring SnapMirror using the vault or mirror-vault policy. This is term, while still used, has been depreciated as well. For more information, see the ONTAP documentation on SnapVault.