Improving protection against ransomware
Contributors Download PDF of this page
Ransomware attacks can cost a business time, resources, and reputation. Cloud Manager enables you to implement the NetApp solution for ransomware, which provides effective tools for visibility, detection, and remediation.
From the working environment, click the Ransomware icon.
Implement the NetApp solution for ransomware:
Click Activate Snapshot Policy, if you have volumes that do not have a Snapshot policy enabled.
NetApp Snapshot technology provides the industry’s best solution for ransomware remediation. The key to a successful recovery is restoring from uninfected backups. Snapshot copies are read-only, which prevents ransomware corruption. They can also provide the granularity to create images of a single file copy or a complete disaster recovery solution.
Click Activate FPolicy to enable ONTAP’s FPolicy solution, which can block file operations based on a file’s extension.
This preventative solution improves protection from ransomware attacks by blocking common ransomware file types.
The default FPolicy scope blocks files that have the following extensions:
micro, encrypted, locked, crypto, crypt, crinf, r5a, XRNT, XTBL, R16M01D05, pzdc, good, LOL!, OMG!, RDM, RRK, encryptedRS, crjoker, EnCiPhErEd, LeChiffre
Cloud Manager creates this scope when you activate FPolicy on Cloud Volumes ONTAP. The list is based on common ransomware file types. You can customize the blocked file extensions by using the vserver fpolicy policy scope commands from the Cloud Volumes ONTAP CLI.