in the United States, EU, China, Switzerland and/or other jurisdictions.

Cleondris Appliance
• Comes as an .OVA file (630MB)
• ISO for non-virtual (physical or custom Linux) deployments available on request
• Installed within minutes
• Basic setup on console (network & initial web password, SSL etc)
• Remaining configuration with browser
• Updates can be deployed via browser (<80MB), takes less than 1 min
• Inside: CentOS, PostgreSQL, Cleondris SW
• Established technology since 2010

So what is inside the Cleondris appliance?
• CENTOS 7.7 MINIMAL INSTALLATION
• PostgreSQL 9.6
• Cleondris Software
• Database
Requiring admins to have Linux know-how to be able to configure network & web UI credentials is not acceptable!

So what is inside the Cleondris appliance?
• CENTOS 7.7 MINIMAL INSTALLATION
• PostgreSQL 9.6
• Cleondris Software
• Database
• Console Configurator

Basic appliance settings on the virtual console
• Network Settings
• IP/Subnet/Default Route
• DNS
• NTP Servers
• Initial password for the web UI
• Optional: Enable SSH + password for root account
• Protect console configurator with a password
• Expand disk

How we can quickly support our customers
A support bundle can be downloaded via the UI. It contains logs, but most importantly, it contains a full dump of the PostgreSQL database of the customer (minus credentials). This allows Cleondris support to «load» the dump and «see» the customer’s environment.
[Diagram labels: CENTOS 7.7 MINIMAL INSTALLATION, PostgreSQL, Cleondris Software, Database, SupportBundle.zip «SQL Dump», PostgreSQL Import, Cleondris Support Installation]
The Cleondris Support Installation runs in «passive» mode (no active scanning, failover, backup, ...); it is basically a read-only version of the software.

[Diagram labels: Linux RHEL/CentOS VMware OVA Cloud Container Physical Server AWS Marketplace Cleondris Software]

CDM – Cleondris™ Data Manager
• Snapshot based backups for NetApp since 2010 (ONTAP 7.3.3)
• Flexible graphical scheduler incl. SnapMirror support
• VMware: Restore complete VMs, disks, or individual files
• NAS: Indexing + graphical file browser / NDMP frontend
• Stealth mode (native scheduled ONTAP backups, but restore with CDM)
• All functions from a simple Web UI
• Replace tape backup with SnapMirror-Cloud

[Diagram labels: vCenter Admin, Storage/Backup Admin, Helpdesk]

CDM works in large Environments (10K+ VMs)
[Diagram labels: Primary Storage, Storage Virtual Machines, Backup Storage, Storage Virtual Machines, XDP SnapVault, Restore via FlexClone+NFS, ESX Server, NFS Datastores, MCC, MCC, Data Manager Appliance]

CDM works out of the box in complex setups
[Diagram labels: vFiler/SVM, NetApp Primary Storage, ESX in DMZ Zone A, ESX in DMZ Zone B, VMware vCenter, SnapVault/XDP, NetApp Secondary, Web GUI, ZAPI vFiler0 (SSL), vSphere SDK (SSL), Data Manager Appliance]

VMware Restore Options with Cleondris
• Full VM Restore: It is perfectly valid for the VM to no longer exist or to be dysfunctional; the restore is very solid.
• VM Clone: Same as VM restore, but with a new name (do not replace existing VM).
• VMDK Restore: Replace selected VMDKs.
• VMDK Attach: Attach selected VMDKs either to the VM or a proxy VM (used for single file restore).
• Datastore Clone: Used for datastore inspection.
• Disaster Recovery (HCC Product): Mass-VM Restore to DR Site with orchestrated VM Boot, includes Sandbox Option.

Stealth Backups for ONTAP
World’s only passive backup mode for VM environments
• Snapshots and SnapMirror transfers are scheduled locally on ONTAP.
• CDM acts passively and constantly monitors ONTAP
  …and keeps a file catalog of the contents of new snapshot copies
  …and keeps an inventory of VMware objects inside the snapshots
• However, complex restores (VMs, files, folders) can be done using the CDM UI as if the backups (snapshots and SnapMirror transfers) had been generated by CDM.

Indexing for NAS Data on ONTAP
• Unified indexing support for ONTAP 9/8/7
• Easy to configure, even with hundreds of volumes
• Allows offloading indexing to XDP/DP secondary volumes
• Enables helpdesk team to locate + restore CIFS/NFS data (i.e., no expert knowledge needed)
New in Q4/2020:
• Support for FlexGroups (OK)
• SnapDiff V3 (OK)
• Include size and mtime in the catalog (enables refined search)

Backup…
[Diagram labels: SMB, NFS, SG5712, SnapMirror Cloud, Snapshot, Metadata, Multi-Versioned Directory Tree, Control, SnapDiff]

…and Restore
[Diagram labels: SMB, NFS, SG5712, SnapMirrorCloud Restore, Snapshot, Metadata, Multi-Versioned Directory Tree, Control]

Enterprise Customers trust in CDM
• CDM is used in the largest NetApp environments
• CDM is easy to integrate and use (e.g., helpdesk!)
Some large NetApp accounts successfully using CDM:
• International Bank, Germany (since 2010)
• International Insurance Company, Germany/Italy (since 2011)
• International Pharma Company, Germany & Worldwide (since 2012)
• International Pharma Company, Basel, Switzerland (since 2013)
• National Telco, Switzerland (since 2014)
• Telco, Germany/Ireland (since 2015)

SnapGuard – Ransomware Protection and Audit for ONTAP

PROTECT
• World’s fastest distributed FPolicy engine for SMB + NFS - scales up to 300k FPolicy messages and 16k ransomware checks per sec and CPU core
• Detects zero-day attacks with generic file damage checks (via privileged FPolicy connection)
• Airgap Backup Check: verifies data on SnapMirror destination volumes («SnapScan») – competes with Dell EMC PowerProtect Cyber Recovery and IBM Spectrum Protect

REACT
• Automatic Emergency Snapshots
• Different user blocking modes
• «Emergency Stop Button»: One-click read-only mode for ONTAP shares
• Differential Restore: rapid restore of affected files from latest good snapshot with single file clones

World’s first FPolicy based Ransomware protection for ONTAP (Premiere at NetApp Insight 2016)
Compatible with ONTAP FAS, AFF, Select, CVO and Amazon FSx for ONTAP – On-prem and/or Cloud
Enterprise Grade, customers have deployed it to environments with 50+ clusters (single control pane!)

[Diagram labels: CIFS Clients, Cleondris Appliance (1 embedded FPE), DMT (1 FPE / DMT Instance), DMT (1 FPE / DMT Instance), CIFS Clients, SNMP/Syslog Receiver, NetApp ONTAP Cluster, NetApp ONTAP Cluster, Administrator]

ALARM
• Native SIEM (Splunk, IBM Q-Radar, etc) integration
• Configurable E-Mail Reports

ANALYZE
• Examine CIFS and NFS client activity in real-time
• CVTX: Integrated blockchain-based file auditing
• Audit Viewer with filter and aggregation mode

ROCK SOLID
• 100% engineered in Switzerland
• Depends on very few third-party components (no log4j bugs or Elasticsearch licensing dramas)
• Cleondris offers ONTAP add-ons since 2010
• Cleondris is self-funded without venture capital

CONTACT
• [email protected] / [email protected]
• https://www.cleondris.com

A never ending stream of new ransomware uses a plethora of attack vectors to enter the customer’s environment
... and today – the situation is much more complex!
[Diagram labels, ransomware: CryptoWall, Team Lazarus, Gandcrab, Leakware, Doxware, Cr1ptTorm, Emotet, Spear-Phishing, […]]
[Diagram labels, attack vectors: Internetbrowser, E-Mail, BYO Device, Social Engineering, Cloud Services, Evil Staff, James Bond, Future Attacks, […]]

No matter what kind of attack you face, in 95% of cases the central NAS storage is affected!
[Diagram labels: Vulnerability, Damage, Repair]
Storage Team, go fix it!

„Ransomware protection at the storage level is an absolute must today because it is the last line of defense and can be critical to a company's survival. The cost of such protection is not only low, but even insignificant compared to a damaging event where important data is no longer available.“
Christian Plattner, CEO Cleondris

SnapGuard Firewall Principle
[Diagram labels: Syslog (Splunk or CEF), SNMP Notifications, E-Mail, SMB/CIFS, Administrator, AD / KRB, FPolicy, NAS Documents]

SnapGuard™ Protects your NAS data!
• First FPolicy based CIFS/NFS Firewall for Data ONTAP
• Rule-based: blocks access based on patterns, access rate, ...
Interesting possibilities:
• Pattern blocking with continuous learning
• Emergency snapshots (in response to suspicious behavior)
• Analyze changed .docx, .xlsx, and .pdf files
• Integrated alarming via Syslog (Splunk/CIM), SNMP and e-mail
• Architecture scales up to hundreds of controllers

Known Ransomware Pattern Management using FSRM List
• The FSRM list contains over 4000 ransomware file extensions and file name patterns.
• The list changes on a daily basis
• Which patterns can I use?
• How secure is an auto-update?
• Manual administration effort?

[Diagram labels: CIFS Clients, Cleondris Appliance (1 embedded FPE), DMT (1 FPE / DMT Instance), DMT (1 FPE / DMT Instance), CIFS Clients, SNMP/Syslog Receiver, NetApp ONTAP Cluster, NetApp ONTAP Cluster, Administrator]
FPolicy Engines (FPE) can run inside the appliance or on external servers which are running the Data Manager Tools (DMT). FPEs can be shared by many ONTAP SVMs.

| | CVTX | EVTX |
|---|---|---|
| ONTAP Configuration Tasks (SACL configuration inside file system; provision a log volume for EVTX storage) | Not required. SnapGuard configures FPolicy automatically | Time intensive configuration required. |
| FPolicy Integration: optional active ransomware protection | YES | NO |
| Encryption + Compression | AES-CTS/HMAC-SHA2 (RFC 8006 style) | NO |
| Blockchain based verification | YES (SHA256) | NO |
| DSGVO/GDPR (no clear text usernames, just SIDs in persistent storage) | YES | NO |
| Search in history for user, path, extension, volume, .. | YES | Limited |
| 10-year guarantee, S3 archival (roadmap) | YES | NO |
| Export to CSV; command line toolkit to access files | YES | Limited |

Screenshot: Configuring CVTX Auditing for an SVM
• Auditing can be easily configured with just a few clicks in the Cleondris UI
• The necessary configuration is automatically applied on ONTAP
Roadmap 2023 Q1

Possible queries in the blockchain
In the event of a major incident:
• Which users were most active in the last X hours?
• Who created/read/modified/deleted the most files?
• At what point did the NAS traffic increase exactly?
• On which shares did we observe the most activity?
On a case-by-case basis:
• Who has deleted file X?
• Who has worked with file X in the last few days?
• Where has file Y been moved to?

NetApp: Repair Scenario («Full Restore» with SnapRestore)
[Timeline labels: Attack, Detection, Repair, Back Online]
[Diagram labels: M:, «Last Good Backup», M:]
With SnapRestore all current data (good or bad) is reset…

NetApp: Repair Scenario («Backwards»)
[Timeline labels: Attack, Detection, Repair, Back Online]
[Diagram labels: M:, \\zha51\backup_20161121_0800 (readonly export of the snapshot directory), M:]
Single-File Clone (manually, Powershell, …) – OR you use the automated Cleondris Differential Restore!

Roadmap: Restore using Blockchain Audit Log (Q1/2023)
[Diagram labels: CVTX, SMB/CIFS, FPolicy, DFR]