ransomware protection enable or not

Last post 06-16-2017, 11:19 PM by bsock79. 2 replies.
Sort Posts: Previous Next
  • ransomware protection enable or not
    Posted: 05-25-2017, 5:59 AM
    hi, i have 1sp7 , do i need always to enable ransomware protection on all my media i have only sap server . i watch the webinar but only last 10 minutes about this ransomware Option. i dont understand why should be this setting good . because snapshots are normally read only . why schould i activate additional this options. thanxs
  • Re: ransomware protection enable or not
    Posted: 05-25-2017, 6:42 AM
    The option to secure disk storage ensures that the any disk target configured for Commvault backups are secured from access to non-commvault software. In case of a ransomware attack we will block write access to this target. It is a good idea to turn this on. I have it turned on in our production backup and so far not seen any issues.
    Rajiv Kottomtharayil
    Developer,Commvault
  • Re: ransomware protection enable or not
    Posted: 06-16-2017, 11:19 PM

    I agree with Commvault.  We enabled the option the Friday evening when talks about WannaCry getting to the United States.  It has not changed anything as far as performance that we have seen so far.  Additionally, it was safe to say that our mount paths were protected by this new option, along with the alert for Ransomware, and a Job Summary report to our leadership showing there were no unexpected backup jobs that grew more than 30%.  Anything above 30% that was in the report was easily identifiable and happened to be Linux systems running Oracle RAC.  Thanks, Commvault.  Great option especially with only allowing Commvault processes to access the media.  

    Just think about how bad things could get if your mount paths were infected with ransomeware and that should be enough to motivate enabling this option, especially if you have any experience cleaning WannaCry off of a system.  We had around 1,000 clients infected - mostly vendor maintained that were not able to traverse to another network segment.  We enabled it on all 40 Media Agents and were the only technical team to not get hit.  If you do one you may as well do them all - more so if they share the same mount path.  

     

    Hope this helps.

The content of the forums, threads and posts reflects the thoughts and opinions of each author, and does not represent the thoughts, opinions, plans or strategies of Commvault Systems, Inc. ("Commvault") and Commvault undertakes no obligation to update, correct or modify any statements made in this forum. Any and all third party links, statements, comments, or feedback posted to, or otherwise provided by this forum, thread or post are not affiliated with, nor endorsed by, Commvault.
Commvault, Commvault and logo, the “CV” logo, Commvault Systems, Solving Forward, SIM, Singular Information Management, Simpana, Commvault Galaxy, Unified Data Management, QiNetix, Quick Recovery, QR, CommNet, GridStor, Vault Tracker, InnerVault, QuickSnap, QSnap, Recovery Director, CommServe, CommCell, SnapProtect, ROMS, and CommValue, are trademarks or registered trademarks of Commvault Systems, Inc. All other third party brands, products, service names, trademarks, or registered service marks are the property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Close
Copyright © 2017 Commvault | All Rights Reserved. | Legal | Privacy Policy