W A S H I N G T O N , D C | M A Y 2 3 - 2 5 , 2 0 2 2

BIZ302-S

A data-centric approach to
ransomware protection

Jim Cosby
Deputy CTO, Public Sector Global Partners and Federal Civilian
Global Strategy and Technology Office
NetApp

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Analyst acclaimed
ENTERPRISE-GRADE LEADERSHIP

NetApp is a leader in
block and file storage per
Gartner1, GigaOm2 & IDC3

Ranked as world’s No. 1

data storage OS
"NetApp now provides file storage services for 30K+ customers 140+ countries 2K+ patents
all major public cloud IaaS providers, making
it a critical enabler in a storage segment"
– Andrew Smith, IDC
Sources: 1. NetApp, “NetApp is recognized as a Magic Quadrant leader…again,” https://www.netapp.com/blog/gartner-magic-
quadrant-primary-storage-2019/, 2019; 2. https://research.gigaom.com/reprint/data-storage-for-the-hybrid-multicloud-era-
netappxy40613/; 3. “IDC: A new NetApp on the rise,” https://www.netapp.com/blog/idc-new-netapp/, 2020
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 A decade of innovation with AWS
NETAPP’S HISTORY OF CLOUD INNOVATION

2013 2015 2017 2019 2021

NetApp NPS SaaS AltaVault backup Cloud Orchestrator Cloud tiering Amazon FSx for
to Amazon S3 SaaS backup~O365 Cloud backup NetApp ONTAP
Cloud Data Sense

2012 2014 2016 2018 2020

Teamed up Cloud Volumes ONTAP Cloud Sync to Amazon S3 Cloud Volumes service Spot by NetApp
with AWS at StorageGRID to Amazon S3 NetApp Kubernetes service Global file cache
re:Invent1 Cloud Insights Virtual desktop service

Source: 1 ZDNet, “NetApp, Amazon Web Services set hybrid cloud storage pact,” https://www.zdnet.com/article/netapp-amazon-web-services-set-hybrid-cloud-storage-pact/, 2012

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
4 © 2021 NetApp, Inc. All rights reserved.
 AWS ISV
Design partner of the year1

2021 NetApp, Inc.

Trusted experience
• Working with government customers
• Providing enterprise-grade performance
• Migrating mission-critical applications
• Supporting hybrid cloud workloads
• Protecting sensitive data

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Source: 1 AWS, “Announcing the AWS Partner Network’s Regional U.S. 2021 Partners of the Year,” https://go.aws/38SRgc9, 2021
Federal government and public cyber attacks
SOLAR WINDS, WANNACRY, COLONIAL PIPELINE, AND JBS MEAT PACKING

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Data-centric ransomware protection
PROTECT YOUR DATA THROUGH ACTIVE MANAGEMENT, MONITORING, AND REM EDIATION

Data-centric
Infrastructure management security and
1 Disaster prevention and recovery remediation

Infrastructure monitoring Identification

2 Anomaly and threat detection and reporting

Infrastructure services Best practices

3 Assessments, management, and setup management

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Infrastructure management
THE FOUNDATION OF A DATA-CENTRIC APPROACH BEGINS WITH WHERE THE DATA RESIDES

Infrastructure management Data-centric

1 Disaster prevention and recovery security and
remediation

Snapshot – immutable, space-efficient, pointer-based Cloud backup – integrated

data copies to prevent threats of ransomware encryption backup of ONTAP Snapshot
SnapLock – indelible, read-only copies to prevent copies to object storage
deletion of backup copies and to provide a logical air gap
SnapMirror/SnapVault – efficient replication and archive
of data to secondary storage (ONTAP or object)
SnapRestore – Snapshot copy restoration for accelerated
data recovery
Fpolicy – file access monitoring and detection
Autonomous ransomware protection – UBA ML-based
ransomware detection focused on file system anomalies
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Infrastructure monitoring
INTELLIGENT MONITORING AND DETECTION ACROSS YOUR HYBRID CLOUD

Infrastructure monitoring Identification

2 Anomaly and threat detection and reporting

Cloud Insights/Secure – monitor user behavior to detect

Hybrid cloud user behavior
anomalies and prevent ransomware attacks through user
anomaly
account blocking and Snapshot recovery point creation;
additionally optimize compute and data infrastructures

Cloud Data Sense – data governance and compliance;

Hybrid cloud file classification
automatically discover, identify, map, and classify your
data and identify access permissions

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Data protection and security assessment
ASSESS YOUR ENVIRONMENT AND PREPARE FOR SECURITY THREATS ON-PREMISES AND IN THE CLOUD

Infrastructure services Best practices

3 Assessments, management, and setup management

Determine data protection Recover faster when an attack Stay up to date with
and security readiness happens to reduce data loss security changes to avoid
before a threat occurs and disruption future risks

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
NetApp Professional
Services
NetApp ONTAP powers cyber resilience
NATIVE RANSOMWARE DETECTION, PROTECTION, AND RECOVERY ACROSS YOU R HYBRID CLOUD

Protect Detect Recover

• Block malicious files before • Identify anomalous storage
they are written to disk behavior indicative of malware
attacks
• Create read only Snapshot
copies to thwart file infection • Detect suspicious file access
patterns with on-box
• Establish a logical air gap to anti-ransomware analytics
prevent unwanted backup
deletion with SnapLock • Integrate with NetApp Cloud
WORM volumes Insights or third-party user
behavior analytics solutions
• Recover data in seconds with
in-place Snapshot copies
• Restore data quickly from
efficient remote copies or
failover to remote storage
• Analyze logs and apply file level
forensics to isolate the threat

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The data growth and management dilemma
MEET CLOUD MANDATES FOR HYBRID AND CLOUD-NATIVE WORKLOADS

Enterprises are searching for a way to deploy file

Worldwide data will be workloads in the cloud without sacrificing:
80% unstructured by 2025 as
projected by IDC1

File-based enterprise Cost-performance Reliability

74% apps are candidates to
move to the cloud2

Organizations expect to be Security and Enterprise data

59% mostly cloud-based within

the next 18 months3
governance management

No one wants to re-factor

Sources: 1. IDC Data Management Solutions Review; 2. ESG Survey, https://www.netapp.com/pdf.html?item=/media/27893-ESG-InstaGraphic-NetApp-CVO-AWS-File.pdf; 3. NetApp 2021 Cloud Efficiency Report

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Addressing data growth and management
59% OF COMPANIES IN THE CLOUD NEED TO OPTIMIZE THEIR EXISTING US AGE1

AWS • Unified platform

OUTPOSTS
• Centrally orchestrate data and services

• Seamless migration
SnapMirror
• Lift and shift apps without rearchitecting

Data • Cloud efficiencies

fabric
• Optimize with data tiering to Amazon S3

ENTERPRISE IT
• Data protection
ANY DATA • Snapshots and SnapMirror replication
PRIVATE
CLOUD

Source: 1. NetApp 2021 Cloud Efficiency Report - https://www.netapp.com/pdf.html?item=/media/48190-NetApp-2021-Cloud-Efficacy-Report.pdf

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
NetApp Cloud Volumes ONTAP
Supported ONTAP features
• NetApp Snapshot copies
• Strong cyber protection
SnapMirror
AWS GovCloud (US) • NFS V3/V4, CIFS SMB V2/V3
• iSCSI block-based storage
Data center Data Sense
• Deduplication, compression,
compaction, thin provisioning
• AES-256 encryption at rest and
SnapMirror in flight
• 30-70% or more consumption
savings
• NetApp SnapMirror
• NetApp FlexClone
• NetApp SnapLock
• High availability
• Cold data tiering to Amazon
S3 object storage
NetApp Management Suite
• Kubernetes integration with
Consistently manage and monitor your data across clouds and on premises Trident
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 “One of the fastest growing AWS
Amazon FSx for NetApp ONTAP services, within the first three
months, that we’ve ever seen.”
NATIVE AWS MANAGED SERVICE DELIVERING BLOCK AND FILE STORAGE - Edward Naim
General Manager, Amazon FSx, AWS

Full-featured NetApp ONTAP As a native AWS managed service

• Complete ONTAP data capabilities • Sold, managed, and supported by AWS
• Proven enterprise-grade features, management • Built with the latest AWS compute, disk, and
performance, data protection, and efficiencies networking to provide maximum performance
• Access to the full NetApp cloud portfolio • Tightly integrated with AWS services
• Integration with existing ONTAP systems • Easily managed by AWS Management Console,
AWS CLI, or AWS SDK
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Enterprise portfolio of data services
HOLISTIC DATA MANAGEMENT SUITE — NESTLED IN AN AWS NATIVE EXPERIENCE

NetApp Cloud Insights

Spot Ocean by NetApp

Data center
Cloud
Data NetApp Cloud Sync
Sense
Elastic
Tiering NetApp Cloud Data Sense
Snap Mirror data
tiering
Backup Built on NetApp Cloud Backup
Migrate NFS
Caching Automated
SMB
Cloud Sync backups
iSCSI
NetApp Global File Cache
APP
Global OS
File NetApp Astra Trident
Branch Cache
NetApp SnapCenter

NetApp Management Suite

Consistently manage and monitor your data across clouds and on premises
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Supports a wide spectrum of use cases
EXTEND, MIGRATE, AND LAUNCH WITH AWS

Enterprise-grade file shares Enterprise apps and databases Software development

Home directories, VDI, web applications, VMware Cloud, SAP, Oracle DB/RAC, Easily move to in-cloud development
VMC, SAP applications SQL Server, CRM, ERP with no changes to workflows

Data protection Line-of-business applications Hybrid cloud

Snapshots and file restore, Financial services, automotive, EDA, Lift and shift, cloud bursting,
automated backups, disaster recovery M&E post-production, healthcare distributed storage consolidation
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Data flexibilty and mobility
ALIGNING INTENDED USE TO LONG-TERM CLOUD STRATEGY

Expand
Primary Secondary
Decommission

Extend to Disaster Lift and shift Launch modern

hybrid cloud recovery workloads applications
Retire or extend your Lower cost, remove Like SAP, Oracle and Run stateful apps for
data center to AWS operational burdens SQL, and VMware Kubernetes containers

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
U.S. Navy customer
ADOPTION OF HYBRID CLOUD ACCELERATED BY NETAPP’S DATA FABRIC

Challenge – DoD Cloud mandate, accelerate

cloud migration
Solution – NetApp All Flash FAS, Hybrid FAS
and StorageGRID at the core with FabricPool
tiering to Amazon S3; Cloud Volumes ONTAP in
an AWS government region
Outcome – Tiered 45% off SSD to low-cost
object storage; S3-complaint API repository for
active archive; common enterprise data
management for primary applications and
disaster recovery by utilizing CVO in AWS

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Source: https://aws.amazon.com/fsx/netapp-ontap/customers/

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
20 © 2022 NetApp, Inc. All rights reserved.
Now is the time to talk to NetApp
A DATA-CENTRIC APPROACH TO RANSOMWARE PROTECTION

• Talk with our public sector team for more on:

▪ Schedule your data protection assessment
▪ Lab on demands
▪ Technical deep dives
▪ Free POC trials Prepare, protect, and
recover from unforeseen
▪ AWS credit opportunities security threats–on
premises and in the cloud.
netapp.com/aws/summit
netapp.com/aws

NetApp Data Protection and Security Assessment

https://www.netapp.com/pdf.html?item=/media/7369-ds-4031.pdf
© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Thank you!
Jim Cosby

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
 Please complete
the session survey
in the mobile app
Android iOS

© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.