There is no surprise to anyone that data management is a constant challenge with ever-growing amounts, increased regulation and the risk posed by ever more complex cybersecurity threats.
Therefore, when you invest in your enterprise storage infrastructure with platforms such as those by NetApp, this investment is significant, so having tools that can provide insight into how your data is used is crucial in ensuring that your investment is well made and your data controlled, governed and secured.
You may have seen a recent post on our site (it’s here) that shared information on a partnership between Gardner Systems, Catalogic Software and Prolion which makes available a suite of management tools to enhance insight into your NetApp ONTAP powered data platforms.
The post provided a brief overview of each of the technology components that suite offered and how it could help you develop your data management strategy.
In this post, I’d like to delve a little deeper into the components discussed and share some thoughts technically on how they deliver what they do and why it has value.
It shouldn’t be news to anyone that ransomware is an issue, making data inaccessible causes all types of problems from inconvenience, to regulatory punishment (no access to data is equivalent to data loss and has to be reported) to the potential loss of a business and NetApp’s ONTAP operating system is as much of a target as any other data repository.
CryptoSpike provides protection against this by exploiting ONTAP’s F-Policy server to get real-time information on file access and changes, using a multi-pronged approach to detect, stop the spread of and recover from ransomware.
Its base protection is provided by standard block and allow lists with the block list updated every day and downloaded to the CryptoSpike server, while the allow list is a little more bespoke been initially generated via a scan of your current files. Tools that use this kind of block and allow technology are limited in appeal as they cannot keep up with change or deal with “zero-day” threats. Therefore the most important CryptoSpike component is the Learner module which tracks user behaviour and builds a pattern of allowable file transactions (e.g. read, write, open, etc.). Once learned it can then identify anomalous behaviour and block the offending account.
CryptoSpike also goes beyond this by providing insights into user activity such as file opens, closes, deletes, writes etc providing a definitive record of user access to a given piece of data. This capability is invaluable to your wider governance and security strategy.
The threat to our data posed by malicious software is well known, however, an equally big threat is the masses of uncontrolled and unmanaged data we store. Been unaware of the data 5 W’s of who, where, when, why and what, makes effective data management difficult and trying to build this understanding inside of a large scale ONTAP environment filled with millions of files in multiple unstructured data repositories is almost impossible without some help.
Restore Manager provides that by providing a full catalogue and detailed reporting on your NetApp file system.
Restore Manager does this via the ONTAP SnapDiff API to gather the relevant metadata from files and folders and stores this in a central database. Once here we can become very targeted in the way we look for data across an estate of any size.
We can explore our data by name, type, size or across deletion and creation periods. This granularity allows us to create bespoke reports to assist in our data management and help us build our strategy based on detailed knowledge of our current environment not guesses and define more accurately key policies such as retention periods, security models and data ownership.
The Catalogic/Prolion relationship also provides other useful tools, but I just wanted to focus on these two as the primary management ones for ONTAP and it is worth reiterating these tools only run on NetApp ONTAP powered controllers, no other storage at present, so if you like the sound of what they do but don’t run ONTAP, they’re not for you!
Building a data platform
The modern data management challenge is not solved by a particular storage array, media type or by moving storage to the cloud, what we need to fully control and understand our data, is to architect a data platform, something that includes robust storage, but more importantly management tools that allow us better insight, control and security.
These tools from Catalogic and Prolion can certainly help you too start building such a platform on top of your ONTAP environment, so if you want to get your NetApp based data under control these tools could be for you.