Skip to main content

Enable ONTAP ARP/AI

Contributors netapp-dbagwell netapp-aaron-holt
PDFs

Beginning with ONTAP 9.16.1, ARP has adopted Autonomous Ransomware Protection with Artificial Intelligence (ARP/AI) to improve threat detection and response. After you upgrade your cluster to ONTAP 9.17.1 for SAN or ONTAP 9.16.1 for NAS, ARP/AI will be automatically enabled for FlexVol volumes if ARP is already enabled for those volumes. If you have not enabled ARP or have not enabled ONTAP automatic updates for your cluster, you should follow one of the scenarios described in this procedure.

Important Before upgrading to an ONTAP version with ARP/AI support, close out any existing ARP detections.
Before you begin

  • You must have FlexVol volumes to use ARP/AI. If you have FlexGroup volumes, the ARP model used prior to ARP/AI continues to operate after upgrading to ONTAP 9.16.1 or later.

Note (NAS environments only) When you upgrade to ONTAP 9.16.1 or later, ARP is enabled and becomes active automatically for any existing ARP instances with FlexVol volumes. Because ARP/AI is trained on an extensive machine learning model, a learning period is no longer required. Any learning periods that have not been completed prior to upgrade will automatically be ended, and the volumes transitioned to active ARP/AI.
Steps

  1. Follow the scenario that is specific to your configuration:

    • SAN environments only

      • For new and existing clusters running ONTAP 9.17.1 or later with FlexVol volumes: When you upgrade to or install ONTAP 9.17.1 or later, you should enable ARP on volumes you intend to protect. When you enable ARP using System Manager or the CLI, ARP/AI functionality is automatically enabled. Once enabled on a SAN volume, ARP/AI monitors data continuously during an evaluation period to determine if the workloads are suitable for ARP and set an optimal encryption threshold for detection.

    • NAS environments only

      • For new clusters running ONTAP 9.16.1 or later with FlexVol volumes: Enable ARP. ARP is not enabled by default. After you enable ARP, ARP/AI functionality is automatically enabled on the FlexVol volumes you choose to protect.

      • For existing clusters recently upgraded to ONTAP 9.16.1 and later that have ARP enabled: No action is needed. ARP/AI automatically becomes the new ARP method of threat protection on the FlexVol volumes you've chosen to protect.

      • For existing clusters recently upgraded to ONTAP 9.16.1 and later that do not have ARP enabled: Enable ARP. ARP/AI automatically becomes the new ARP method of threat protection after you enable ARP.

  2. After ARP/AI is enabled, decide whether you want ARP/AI protection updates to be delivered and installed automatically or manually.

Related information