When it comes to ransomware protection, your storage matters!  Storage is the last line of defense, and NetApp is the most secure storage on the planet. BlueXP ransomware protection takes the on-box defense even further by leveraging ONTAP technology to make ransomware preparedness very easy, and recovery extremely fast (within minutes). 

The second half of 2024 has been a remarkable period for BlueXP ransomware protection, with the introduction of 13 new features and capabilities designed to enhance ransomware preparedness and resilience, with more flexibility, control, and efficiency. In this blog post, we’ll delve into these exciting new additions and explore how they can help secure your workloads and streamline your operations.

Don't want to read? Watch the recap video instead!

Expanded Support for Working Environments

One of the most exciting updates is the expanded support for additional working environments, including Google Cloud Platform (GCP). Previously, BlueXP ransomware protection supported only on-premises network-attached storage and Cloud Volumes ONTAP in Amazon Web Services (AWS) and Microsoft Azure. With the inclusion of GCP, you can now protect your workloads stored in Cloud Volumes ONTAP across all three of the largest cloud providers. This expansion offers more options to secure your data wherever it resides, giving you greater flexibility in your data protection strategies.

Google Cloud Platform as a Backup Destination

In addition to supporting GCP for workload protection, you can now use GCP as a backup destination. This enhancement provides extra flexibility for your backup strategies, ensuring that your data protection is robust and adaptable.

Enhanced Workload Identification and Security Risk Management

BlueXP ransomware protection has integrated with BlueXP classification to identify workloads containing personal identifiable information (PII). This capability allows you to prioritize protection, assess privacy exposure during an attack, and decide which workloads to recover first.

Moreover, the service now gathers information about security risks from NetApp Digital Advisor. This proactive approach helps you address vulnerabilities and enhance your overall security posture.

Focused Workload Discovery and Custom Grouping

You can now select specific working environments for workload discovery, ensuring you focus on protecting the most critical parts of your infrastructure. Custom grouping of workloads simplifies data management and protection, allowing you to manage workloads at scale and ensure consistent protection of all critical data.

Advanced Threat Detection and Response

To bolster threat detection and response, BlueXP ransomware protection has launched several significant new capabilities:

1. Integration with Data Infrastructure Insight’s Storage Workload Security: This feature detects anomalous user behavior, allowing you to map suspicious activity to specific users and quickly mitigate potential security threats.
2. Integration with Splunk Cloud Security Information and Event Management (SIEM): By sending data to Splunk Cloud SIEM for threat analysis and detection, you can enhance security through a widely-used platform, supporting coordination and communication across Storage and SecOps teams.
3. Integration with Microsoft Sentinel SIEM: This integration offers another option for threat analysis and detection, further enhancing security capabilities and supporting collaboration between Storage and SecOps teams.

Efficient Recovery from Attacks

In the unfortunate event of an attack, BlueXP ransomware protection now offers new capabilities to facilitate quick recovery:

• Download a List of Impacted Files: You can download a list of impacted files as a CSV file, helping you quickly assess the extent of an attack and streamline the recovery process.
• File-Level Workload Restoration: This feature allows you to view and identify impacted files before restoring them, providing more granular control over recovery and ensuring that only necessary files are restored, saving time and resources.

Enhanced Governance with Role-Based Access Control

Governance of ransomware protection has been improved with enhancements to role-based access control. You can now limit access to specific activities, using two roles from BlueXP: BlueXP Account Admin and Non-Account Admin (Viewer). These enhancements provide better control over your ransomware protection strategies.

Conclusion

The new features and capabilities introduced in the second half of 2024 make BlueXP ransomware protection the easiest and most comprehensive ransomware defense at the storage layer. They offer more options, better control, and enhanced protection for your workloads. For more information, visit netapp.com/bluexp/ransomware-protection.