By Martin Phan, Solutions Architect, Catalogic Software
NetApp is certainly doing their best to make their
customers' lives easier by extending their product portfolio and data footprint
to the cloud. By providing innovative technologies like ONTAP Select (NetApp's
operating system, Data ONTAP, running as a virtual appliance in the cloud) or
Cloud Volumes ONTAP (CVO) which allows users to seamlessly extend Data ONTAP volume
functionality to a NetApp volume hosted in the cloud, customers are easily able
to migrate workloads to the cloud without losing the familiarity of NetApp
technologies. As NetApp continues to innovate and help drive the migration of
data to the public cloud, some questions may arise in the minds of users:
-
"How do I protect the data on my cloud from
unauthorized access or Ransomware attack?"
-
"How do I audit my data to see how often it is being
accessed and by whom?"
-
"How can I control what is being written to my
storage (i.e. only Word and Excel documents are permitted)?"
While there is the desire to adopting storage workloads in the
cloud, you certainly don't want to shell out $$$ to house someone's music
collection or run the risk of Ransomware being introduced to your internal
environment via cloud storage. So how do you expand your footprint into the
cloud and take advantage of the awesome potential of limitless storage, while auditing
exactly what is happening to ensure that you are making the most of your
investment?
This is where tools such as CryptoSpike
and RestoreManager
can help you keep a close eye on your NetApp data residing in the Data Center or
in the cloud. Let us look at how CryptoSpike's real-time monitoring can prevent
unauthorized data or Ransomware from ever landing in your environment.
CryptoSpike now available for NetApp Cloud
CryptoSpike operates by monitoring the file transactions
that are occurring within NetApp volumes. By intercepting all the SMB
transactions that are occurring on your storage, from either on-premise and/or
cloud, you are able to audit the activity that occurs on the storage volumes
directly.
CryptoSpike can automatically take action when known
ransomware signatures or restricted files (controlled by a blacklist) are encountered
or rejecting all files from being written/modified, etc. with the exception of
only a certain file type (controlled by a whitelist).
This auditing can occur as CryptoSpike communicates with the
underlying NetApp storage technology, be it a physical controller running NetApp's
Data ONTAP OS or a virtualized controller/container object running on NetApp
ONTAP Select or Cloud Volumes ONTAP. The flexibility to audit your filesystem
activity, regardless of where the data resides, is possible through CryptoSpike.
Once CryptoSpike determines a violation, it can flag or
block the user entirely and automatically revert the changes made from the user,
using the latest NetApp snapshot (without having to restore all the data from
the snapshot.)
Below are screenshots on the granularity of the auditing.
CryptoSpike is monitoring nearly everything, from the type of request, where it
is coming from, from whom, the time these operations are taking place, etc.
This information can be charted and graphed to allow IT administrators to
visualize and compare their data center vs. cloud storage and apply their
investments where they can receive the most return.
Screenshot 1 - Reviewing filesystem
activity for users using CryptoSpike reports.
Screenshot 2 - SMB / NFS
transactions over defined window of time. SMB transactions from create, delete,
read, write, rename, etc. can be recorded.
For customers looking for this level of auditing and data
governance, Catalogic Software is certain CryptoSpike can fulfill your needs
for auditing NetApp file storage on-prem or in the cloud. For a live demo -
check Catalogic's website or YouTube
Channel.
##
Note: CryptoSpike and RestoreManager are licensed by subscription.
When working with physical NetApp controllers, the license is per
controller and when working with cloud storage, i.e. ONTAP Select or
CVO, the license is based on capacity. For further details – contact
your local Catalogic Sales representative to get started on a free
30-day trial.
About the Author
Martin Phan takes pride in leveraging his 20+ years of experience in the software-industry supporting, developing, implementing and selling enterprise software and data protection solutions to help customer solve their backup and recovery challenges.