SnapGuard™ provides you with peace of mind by protecting your data fabric from malicous software and users. SnapGuard has been designed specifically for NetApp Data ONTAP storage systems and is therefore the ideal software for corporations already running on or planning to run on NetApp.
When endpoint security fails, shared data stored on your NetApp Data ONTAP systems is at risk and ransomware may freely jeopardize your valuable data. SnapGuard not only helps you to protect your assets, but can also help if your system has already been attacked.
Cleondris is not only the first company that came up with the idea of implementing active ransomware detection and automatic defense using NetApp's built-in FPolicy mechanism. We are also the first to offer a combined FPolicy + EVTX (NetApp file service audit) processing to even better protect your data. Our firewall is able to run in-band, malicious behavior can be stopped on the spot.
No matter what protective measures you take, it is still possible that data from clients is corrupted by malicious software operating with currently still unknown approaches. Restoring a whole volume with SnapRestore to an earlier snapshot is often no option, as good and bad changes are reverted at the same time. be. The unique differential restore in SnapGuard allows you to repair defective data only - at the same time, good modifications are left as-is.
Observe CIFS and NFS client activity in real-time. Thanks to SnapGuard's live view, administrators can immediately see all ongoing operations on a NetApp volume and clients showing suspicious behavior can be put on a block list with a single click. The live view is completely agent-less and can be attached to any ONTAP volume in real-time.
If you suspect that a NetApp flexible volume has been damaged by ransomware, the SnapGuard integrated volume analyzer let's you efficiently generate a metadata break-down, including overview of all used file-extensions and their location/distribution in the file system. Thanks to Data ONTAP SnapDiff and NDMP functionality, the analysis does not need any CIFS connectivity. Based on the results, you can then initiate a differential restore.
The optional Data Manager Tools (DMT) allow the off-loading of firewall functionality to computers in different security zones. This approach makes SnapGuard ideal for service providers: it only communicates inside the secure management network over the NetApp ZAPI, NDMP and SnapDiff APIs with the nodes and the cluster admin vserver (or 7-Mode vfiler0) of Data ONTAP. Only for FPolicy communication access to the ONTAP data interfaces in the customer zone is needed - thanks to DMT, this can be properly separated from the management network.
Also in 2018 we will continue to improve SnapGuard. Cleondris is currently adding exciting new features to the SnapGuard product line. The upcoming generic file damage detection is based on an online background mechanism (absolutely no impact on client latency) and very reliable. Don't believe the fuss about using machine learning to detect ransomware patterns: our next-gen approach does not rely on any kind of obscure or incomprehensible client access patterns evaluation, the only thing that matters is whether clients are corrupting data or not.
Cleondris offers two editions of SnapGuard:
CLEONDRIS®, CDM®, SNAPGUARD® and ULTRAVIRT® are registered trademarks of Cleondris GmbH in Switzerland, the United States, the EU, China, Lichtenstein and/or other jurisdictions. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. NetApp, Data ONTAP, FlexClone, FlexVol, MetroCluster, Network Appliance, ONTAPI, RAID-DP, SnapMirror, SnapVault, vFiler and WAFL are trademarks or registered trademarks of NetApp, Inc. in the U.S. and/or other countries. All other brands or products are trademarks or registered trademarks of their respective holders and should be treated as such.