When it comes to ransomware protection, your storage matters! Storage is the last line of defense, and NetApp is the most secure storage on the planet. BlueXP ransomware protection takes the on-box defense even further by leveraging ONTAP technology to make ransomware preparedness very easy, and recovery extremely fast (within minutes). The second half of 2024 has been a remarkable period for BlueXP ransomware protection, with the introduction of 13 new features and capabilities designed to enhance ransomware preparedness and resilience, with more flexibility, control, and efficiency. In this blog post, we’ll delve into these exciting new additions and explore how they can help secure your workloads and streamline your operations. Don't want to read? Watch the recap video instead! Expanded Support for Working Environments One of the most exciting updates is the expanded support for additional working environments, including Google Cloud Platform (GCP). Previously, BlueXP ransomware protection supported only on-premises network-attached storage and Cloud Volumes ONTAP in Amazon Web Services (AWS) and Microsoft Azure. With the inclusion of GCP, you can now protect your workloads stored in Cloud Volumes ONTAP across all three of the largest cloud providers. This expansion offers more options to secure your data wherever it resides, giving you greater flexibility in your data protection strategies. Google Cloud Platform as a Backup Destination In addition to supporting GCP for workload protection, you can now use GCP as a backup destination. This enhancement provides extra flexibility for your backup strategies, ensuring that your data protection is robust and adaptable. Enhanced Workload Identification and Security Risk Management BlueXP ransomware protection has integrated with BlueXP classification to identify workloads containing personal identifiable information (PII). This capability allows you to prioritize protection, assess privacy exposure during an attack, and decide which workloads to recover first. Moreover, the service now gathers information about security risks from NetApp Digital Advisor. This proactive approach helps you address vulnerabilities and enhance your overall security posture. Focused Workload Discovery and Custom Grouping You can now select specific working environments for workload discovery, ensuring you focus on protecting the most critical parts of your infrastructure. Custom grouping of workloads simplifies data management and protection, allowing you to manage workloads at scale and ensure consistent protection of all critical data. Advanced Threat Detection and Response To bolster threat detection and response, BlueXP ransomware protection has launched several significant new capabilities: Integration with Data Infrastructure Insight’s Storage Workload Security: This feature detects anomalous user behavior, allowing you to map suspicious activity to specific users and quickly mitigate potential security threats. Integration with Splunk Cloud Security Information and Event Management (SIEM): By sending data to Splunk Cloud SIEM for threat analysis and detection, you can enhance security through a widely-used platform, supporting coordination and communication across Storage and SecOps teams. Integration with Microsoft Sentinel SIEM: This integration offers another option for threat analysis and detection, further enhancing security capabilities and supporting collaboration between Storage and SecOps teams. Efficient Recovery from Attacks In the unfortunate event of an attack, BlueXP ransomware protection now offers new capabilities to facilitate quick recovery: Download a List of Impacted Files: You can download a list of impacted files as a CSV file, helping you quickly assess the extent of an attack and streamline the recovery process. File-Level Workload Restoration: This feature allows you to view and identify impacted files before restoring them, providing more granular control over recovery and ensuring that only necessary files are restored, saving time and resources. Enhanced Governance with Role-Based Access Control Governance of ransomware protection has been improved with enhancements to role-based access control. You can now limit access to specific activities, using two roles from BlueXP: BlueXP Account Admin and Non-Account Admin (Viewer). These enhancements provide better control over your ransomware protection strategies. Conclusion The new features and capabilities introduced in the second half of 2024 make BlueXP ransomware protection the easiest and most comprehensive ransomware defense at the storage layer. They offer more options, better control, and enhanced protection for your workloads. For more information, visit netapp.com/bluexp/ransomware-protection.
... View more
We are BlueXP customers with one organization setup "ZOOne Moxie" and within *same organization* there are multiple different projects - AMER-DEV, AMER-PROD, EU-PROD, US-TEST. To obtain "Refresh token" for project "AMER-DEV" we have used link https://services.cloud.netapp.com/refresh-token. -- Will there be *one* "Refresh Token" per *organization base* OR there will be *different token for each individual project* within given organization (ZOOne)? If there is Refresh token is separate for each project in one organization then How do we get refresh token per project.
... View more
We have refresh token for our environment, which we added to Lambda function in AWS. In Brief, our environment setup is as follows.... At North Virginia (NV): NVDAPPNAC01: ID:VsaWorkingEnvironment-vsMHkcei Cluster Management IP:192.168.0.100 Serial Number_1:90920140000001164776 Serial Number_2:90920140000001164777 Client ID: a1qsdfI7BOiE4UqoTbtXqUNNZmus9iaB At Oregon (OR): ORDAPPNAC01: ID:VsaWorkingEnvironment-TRpk9Eg9 Cluster Management IP: 10.100.194.82 Serial Number: 90920130000001116143 Client ID: J8vNOQYsxQNhTKPnsCbAUm0g2ejf8qHL When we run the API call from AWS we are getting the request JWT ID with, but getting the following error... "X-Agent-Id"=>"J8vNOQYsxQNhTKPnsCbAUm0g2ejf8qHLclients"} @ssl=#<Faraday::SSLOptions verify=true> @response=#<Faraday::Response:0x000000001f39bc90 ...> @response_headers={"date"=>"Wed, 16 Apr 2025 23:16:15 GMT", "content-type"=>"application/json; charset=utf-8", "content-length"=>"205", "connection"=>"keep-alive", "x-powered-by"=>"Express", "access-control-allow-origin"=>"*", "access-control-expose-headers"=>"Authorization,X-Original-Content-Type,Content-Disposition,X-Response-Id,X-Occm-Async-Request-Id,x-occm-async-request-id,x-response-Id,x-netapp-trace-id,x-netapp-message-id", "x-netapp-message-id"=>"90e50b9b-5da3-4487-9f1c-000832fbc7ce", "strict-transport-security"=>"max-age=86400; includeSubDomains", "x-xss-protection"=>"1; mode=block", "x-content-type-options"=>"nosniff", "cache-control"=>"no-cache", "x-frame-options"=>"SAMEORIGIN", "x-netapp-timecheck"=>"undefined message-queue=174", "etag"=>"W/\"cd-Z5hT0tEZzOguy9cd+NpbDpzE9jM\"", "x-netapp-trace-id"=>"b44cd686e44fa81c9d995f9bfd4bf309", "x-azure-ref"=>"20250416T231614Z-16b479cd887nbhtghC1CO1be0n000000080g000000001dm3", "x-cache"=>"CONFIG_NOCACHE"} @status=404 @reason_phrase="Not Found" @response_body="{\"message\":\"Could not find working environment with id VsaWorkingEnvironment-TRpk9Eg9\",\"causeMessage\":\"ResourceNotFoundException: Could not find working environment with id VsaWorkingEnvironment-TRpk9Eg9\"}">> ERROR: Unable to get replication status of KB10HAFS_NV in VsaWorkingEnvironment-TRpk9Eg9: no implicit conversion of String into Integer ["/var/task/lambda_function.rb:346:in `[]'", "/var/task/lambda_function.rb:346:in `block in netapp_get_replication_status'", "/var/task/lambda_function.rb:345:in `each'", "/var/task/lambda_function.rb:345:in `netapp_get_replication_status'", "/var/task/lambda_function.rb:620:in `netapp_process_event'", "/var/task/lambda_function.rb:955:in `lambda_handler'", "/var/runtime/lib/lambda_handler.rb:26:in `call_handler'", "/var/runtime/lib/runtime.rb:99:in `<main>'"] DEBUG: Replication status: DEBUG: DEBUG: Netapp status JSON: {"statusCode":200,"body":"Netapp probed data retrieved"} {"statusCode":200,"netapp":{"statusCode":200,"body":"Netapp probed data retrieved"}} END RequestId: a7155bb7-02fb-4f51-b42b-b28ffc8c5f39 What makes this to failed with 404 error when try to communicate to working environment "VsaWorkingEnvironment-TRpk9Eg9" at Oregon When I logon to the BlueXP UI I can see cluster is healthy. Any help will be appreciated. Thank you, -Sam
... View more
Hi All, Yes we are still running an AltaVault and almost ready to migrate the data, however the initial requirement is to get the AltaVault off our F5. Current setup is AltaVault pointing to the F5 which is directing data to StorageGrid, new requirement is to have the AltaVault pointing directly to newly implemented StorageGrid gateway node. Is there a way to change the IP associated with hostname in the cloud settings tab without losing access to current SG bucket?
... View more