No content

Add-on Software for NetApp Customers NetApp Founder Dave Hitz & Cleondris Founder Dr. Christian Plattner Swiss Quality 

2 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 2010 Backup for ONTAP 2011 Alliance Partner 2012 ClusteredONTAP + 

3 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. + 2010 Backup for ONTAP 2011 Alliance Partner 2012 ClusteredONTAP 

4 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 2014 SnapDiff v1 2016 FPolicy 2020 SnapMirror Cloud + 

5 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

6 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions.  Backup & Restore  NAS & VMware  Stealth Backups  File Katalog  «Norton Commander» Storage Browser 

7 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

8 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions.  Ransomware Protection  Detection of defect files  Volume Analysis  Audit Log Management  Splunk Integration  Differential Restore CIFS Clients Cleondris Appliance Tier-2 DMT Tier-3 DMT Tier-3 CIFS Clients Cleondris Appliance Tier-1 SNMP/Syslog Reveiver NetApp ONTAP Cluster NetApp ONTAP Cluster Customer Location A Customer Location B Customer Location C Customer Location D Administrator 

9 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

10 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

11 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Failover 

12 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Failover MCC, SnapMirror (BC), SVM-DR 

13 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

14 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Cleondris Appliance  Comes as an .OVA file (630MB) ISO for non-virtual (physical or custom Linux) deployments available on request  Installed within minutes  Basic setup on console (network & initial web password, SSL etc)  Remaining configuration with browser  Updates can be deployed via browser (<80MB), takes less than 1 min  Inside: CentOS, PostgreSQL, Cleondris SW  Established technology since 2010 

15 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Cleondris: Big Picture – All Products in one SW Appliance NetApp NearStore VMware ESX 4/5/6 Virtualized Physical NetApp OSSV Web GUI NetApp Storage • Administrators • Backup Operators • Restore Operators • Security Officers LDAP/SSO Kerberos NetApp 7-Mode (Single, HA, Metro) ONTAP 8/9 (FAS, AFF, MCC, Select) FC/iSCSI NFS/CIFS SVM/vFiler SV, SM, QSM DP + XDP SnapMirror SnapVault+OSSV vCloud Director LUNs AltaVault SolidFire + HCI Indexing SnapGuard HCI Audit Backup Virtual Appliance Restore 

16 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. So what is inside the Cleondris appliance? CENTOS 7.7 MINIMAL INSTALLATION PostgreSQL 9.6 Cleondris Software Database Requiring admins to have Linux know-how to be able to configure network & web ui credentials is not acceptable! 

17 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. So what is inside the Cleondris appliance? CENTOS 7.7 MINIMAL INSTALLATION PostgreSQL 9.6 Cleondris Software Database Console Configurator 

18 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Basic appliance settings on the virtual console  Network Settings  IP/Subnet/Default Route  DNS  NTP Servers  Initial password for the web UI  Optional:  Enable SSH + password for root account  Protect console configurator with a password  Expand disk 

19 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. How we can quickly support our customers A support bundle can be downloaded via the UI. It contains logs, but most importantly, it contains a full dump of the PostgreSQL database of the customer (minus credentials). This allows Cleondris support to «load» the dump and «see» the customer’s environment. CENTOS 7.7 MINIMAL INSTALLATION PostgreSQL Cleondris Software Database SupportBundle.zip «SQL Dump» Cleondris Support Installation runs in «passive» mode (no active scanning, failover, backup, ...) basically a readonly version of the software PostgreSQL Import 

20 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Linux RHEL/CentOS VMware OVA Cloud Container Physical Server AWS Marketplace Cleondris Software 

Cleondrisfully supports Amazon FSxfor NetApp ON-Prem Ransomware Protection Backup & Restore VMware Support Blockchain Audit File Catalog Coming soon: Directly from the AWS Marketplace 

22 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

23 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. CDM – Cleondris™ Data Manager  Snapshot based backups for NetApp since 2010 (ONTAP 7.3.3)  Flexible graphical scheduler incl. SnapMirror support  VMware: Restore complete VMs, disks, or individual files  NAS: Indexing + graphical file browser / NDMP frontend  Stealth mode (native scheduled ONTAP backups, but restore with CDM)  All functions from a simple Web UI  Replace tape backup with SnapMirror-Cloud 

24 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. vCenter Admin XDP Storage/Backup Admin VMware on ONTAP 

25 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. vCenter Admin Storage/Backup Admin vCenter Admin Storage/Backup Admin Helpdesk 

26 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. CDM works in large Environments (10K+ VMs) Primary Storage Storage Virtual Machines Backup Storage Storage Virtual Machines XDP SnapVault Restore via FlexClone+NFS ESX Server NFS Datastores MCC MCC Data Manager Appliance 

27 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. CDM works out of the box in complex setups vFiler/SVM NetApp Primary Storage vFiler/SVM vFiler/SVM ESX in DMZ Zone A ESX in DMZ Zone B VMware vCenter vFiler/SVM SnapVault/XDP NetApp Secondary Web GUI ZAPI vFiler0 (SSL) ZAPI vFiler0 (SSL) vSphere SDK (SSL) (SSL) Data Manager Appliance 

28 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. VMware Restore Options with Cleondris  Full VM Restore It is perfectly valid for the VM to not exist anymore or being disfunctional, the restore is very solid.  VM Clone Same as VM restore, but with a new name (do not replace existing VM).  VMDK Restore Replace selected VMDKs.  VMDK Attach Attach selected VMDKs either to the VM or a proxy VM (used for single file restore).  Datastore Clone Used for datastore inspection.  Disaster Recovery (HCC Product) Mass-VM Restore to DR Site with orchestrated VM Boot, includes Sandbox Option. 

29 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Stealth Backups for ONTAP  World’s only passive backup mode for VM environments  Snapshots and SnapMirror transfers are scheduled locally on ONTAP.  CDM is acting passively and constantly monitors ONTAP  …and keeps a file catalog of the contents of new snapshot copies  …and keeps an inventory of VMware objects inside the snapshots  However, complex restores (VMs, files, folders) can be done using the CDM UI as if the backups (snapshots and snapmirror transfers) had been generated by CDM. 

30 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. vCenter Admin Storage/Backup Admin vCenter Admin Storage/Backup Admin Helpdesk 

31 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. vCenter Admin Storage/Backup Admin vCenter Admin Storage/Backup Admin Helpdesk SFTP Self-Service Restore 

32 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

33 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SMB/NFS XDP 

34 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Indexing for NAS Data on ONTAP  Unified indexing support for ONTAP 9/8/7  Easy to configure, even with hundreds of volumes  Allows offloading indexing to XDP/DP secondary volumes  Enables helpdesk team to locate + restore CIFS/NFS data (i.e., no expert knowledge needed)  New in Q4/2020:  Support for FlexGroups (OK)  SnapDiff V3 (OK)  Include size and mtime in the catalog (enables refined search) 

35 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. File Version Screen 

36 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Restoring a File 

37 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Restores will be logged (forever) 

38 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. «Norton Commander» View 

40 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Backup… SMB, NFS SG5712 SnapMirror Cloud Snapshot Metadata Multi-Versioned Directory Tree Control SnapDiff 

41 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. …and Restore SMB, NFS SG5712 SnapMirrorCloud Restore Snapshot Metadata Multi-Versioned Directory Tree Control 

42 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Enterprise Customers trust in CDM  CDM is used in the largest NetApp environments  CDM is easy to integrate and use (e.g., helpdesk!)  Some large NetApp accounts successfully using CDM:  International Bank, Germany (since 2010)  International Insurance Company, Germany/Italy (since 2011)  International Pharma Company, Germany & Worldwide (since 2012)  International Pharma Company, Basel, Switzerland (since 2013)  National Telco, Switzerland (since 2014)  Telco, Germany/Ireland (since 2015) 

43 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

SnapGuard™ ONTAP Ransomware Protection 

45 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SnapGuard – Ransomware Protection and Audit for ONTAP PROTECT • World’s fastest distributed FPolicy engine for SMB + NFS - scales up to 300k FPolicy messages and 16k ransomware checks per sec and CPU core • Detects zero-day attacks with generic file damage checks (via privileged FPolicy connection) • Airgap Backup Check: verifies data on SnapMirror destination volumes («SnapScan») – competes with Dell EMC PowerProtect Cyber Recovery and IBM Spectrum Protect REACT • Automatic Emergency Snapshots • Different user blocking modes • «Emergency Stop Button»: One-click read-only mode for ONTAP shares • Differential Restore: rapid restore of affected files from latest good snapshot with single file clones World’s first FPolicy based Ransomware protection for ONTAP (Premiere at NetApp Insight 2016) Compatible with ONTAP FAS, AFF, Select, CVO and Amazon FSx for ONTAP – On-prem and/or Cloud Enterprise Grade, customers have deployed it to environments with 50+ clusters (single control pane!) CIFS Clients Cleondris Appliance 1 embedded FPE DMT 1 FPE / DMT Instance DMT 1 FPE / DMT Instance CIFS Clients SNMP/Syslog Reveiver NetApp ONTAP Cluster NetApp ONTAP Cluster Administrator ALARM • Native SIEM (Splunk, IBM Q-Radar, etc) integration • Configurable E-Mail Reports ANALYZE • Examine CIFS and NFS client activity in real-time • CVTX: Integrated blockchain-based file auditing • Audit Viewer with filter and aggregation mode ROCK SOLID • 100% engineered in Switzerland • Depends on very few third-party components (no log4j bugs or Elasticsearch licensing dramas) • Cleondris offers ONTAP add-ons since 2010 • Cleondris is self-funded without venture capital CONTACT • [email protected] / [email protected] • https://www.cleondris.com 

46 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Ransomware 5 years ago… 

47 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. CryptoWall Team Lazarus Gandcrab Leakware Doxware Cr1ptTorm Emotet Spear-Fishing […] Internetbrowser E-Mail BYO Device Social Engineering Cloud Services Evil Staff James Bond Future Attacks […] A never ending stream of new ransomware uses a plethora of attack vectors to enter the customer’s environment ... and today – the situation is much more complex! 

48 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. No matter what kind of attack you face, in 95% of cases the central NAS storage is affected! Vulnerability Damage Repair Storage Team, go fix it! 

49 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. „Ransomware protection at the storage level is an absolute must today because it is the last line of defense and can be critical to a company's survival. The cost of such protection is not only low, but even insignificant compared to a damaging event where important data is no longer available.“ Christian Plattner, CEO Cleondris 

50 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SnapGuard: 3 pillar principle Protection Analysis Repair 

51 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SMB/NFS XDP FPolicy 

52 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Syslog (Splunk or CEF) SNMP Notifications E-Mail SMB/CIFS Administrator SnapGuard Firewall Principle AD / KRB FPolicy NAS Documents 

53 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SnapGuard™ Protects your NAS data!  First FPolicy based CIFS/NFS Firewall for Data ONTAP  Rule-based: blocks access based on patterns, access rate, ...  Interesting possibilities:  Pattern blocking with continuous learning  Emergency snapshots (in response to suspicious behavior)  Analyze changed .docx, .xlsx, and .pdf files  Integrated alarming via Syslog (Splunk/CIM), SNMP and e-mail  Architecture scales up to hundreds of controllers 

54 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. FPolicy is powerful: you can block any user 

55 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Blocking Users based on Filename Patterns 

56 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Known Ransomware Pattern Management using FSRM List The FSRM list contains over 4000 ransomware file extensions and file name patterns.  The list changes on a daily basis  Which patterns can I use?  How secure is an auto-update?  Manual administration effort? 

57 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SnapGuard: Automatic Pattern Management 

58 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Pattern Management New incoming Patterns E-Mail Notifcation 

59 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. File Verification – automatically check changed files 

60 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

61 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SMB/NFS XDP FPolicy Snapshot Backup Verification 

62 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SMB/NFS VMware XDP Roadmap 2023 Snapshot Verification next-gen, can detect: - Encrypted VMDKs (ESXi Ransomware) - Encrypted Files in VMDKs (Preview) - PostgreSQL Databases NFS + Inside VMDK - Microsoft SQL Databases CIFS + Inside VMDK (Preview) Airgap 

Ruleset Bogus Filenames File Verification Custom On-Access Rules File Verification Bogus Filenames Pattern Pool SVM File Index Volume 1 Volume 2 Ruleset Ruleset Fpolicy Settings SVM Exceptions Specify which snapshots (*daily*, *weekly*) EVTX Monitoring On-Access Rules Snapshot Scan Rules Roadmap: Behavior Analysis 

64 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. CIFS Clients Cleondris Appliance 1 embedded FPE DMT 1 FPE / DMT Instance DMT 1 FPE / DMT Instance CIFS Clients SNMP/Syslog Reveiver NetApp ONTAP Cluster NetApp ONTAP Cluster Administrator Scalability 

65 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. CIFS Clients Cleondris Appliance 1 embedded FPE DMT 1 FPE / DMT Instance DMT 1 FPE / DMT Instance CIFS Clients SNMP/Syslog Reveiver NetApp ONTAP Cluster NetApp ONTAP Cluster Administrator FPolicy Engines (FPE) can run inside the appliance or on external servers which are running the Data Manager Tools (DMT). FPEs can be shared by many ONTAP SVMs. 

66 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SnapGuard: 3 pillar principle Protection Analysis Repair 

67 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Lockdown Mode 

68 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Lockdown Mode 

69 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SMB/NFS NetApp ONTAP native NAS Audit Log (EVTX) EVTX Splunk, CEF Syslog (UDP/TCP/TLS) SIEM ▪ SVM Audit config ▪ SACL entries (1) (2, optional) (3, optional) 

70 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SMB/NFS Cleondris CVTX Blockchain FPolicy CVTX (1) (2) SIEM (3, optional) 

71 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. CVTX EVTX ONTAP Configuration Tasks • SACL configuration inside file system • Provision a log volume for EVTX storage Not required. SnapGuard configures FPolicy automatically Time intensive configuration required. FPolicy Integration Optional active ransomware protection YES NO Encryption + Compression AES-CTS/HMAC-SHA2 (RFC 8006 style) NO Blockchain based verification YES (SHA256) NO DSGVO/GDPR (no clear text usernames, just SIDs in persistent storage) YES NO Search in history for user, path, extension, volume, .. YES Limited 10-year guarantee, S3 archival (roadmap) YES NO Export to CSV Command line toolkit to access files YES Limited 

72 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Events in the Blockchain  SMB Operation («Open», «Create», «Rename/Move», «Delete», «Set Attributes», «Open Dir», «Create Dir», «Rename/Move Dir», «Delete Dir»)  Timestamp  Client (SID + IP)  File Type (Normal, Directory, Stream, Symlink)  ONTAP SMB share, ONTAP volume  Path in the volume (+ target path for «Rename/Move» operation)  SMB «Open»: mode (RO, RW, Delete_at_close), (desired Access + create Options)  SMB «SETATTR»: type of changed attribute(s) (owner, size, etc.)  Whether the access was blocked by a Cleondris firewall rule 

73 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Screenshot: Configuring CVTX Auditing for an SVM  Auditing can be easily configured with just a few clicks in the Cleondris UI  The necessary configuration is automatically applied on ONTAP Roadmap 2023 Q1 

74 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SMB/NFS Cleondris CVTX Blockchain FPolicy CVTX (1) (2) SIEM (3, optional) Roadmap: automatic long-term archival to S3 

75 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Quering the Audit Log 

76 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Analyzing/Aggregating Events in the Audit Log Roadmap 2023 Q1 

77 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Possible queries in the blockchain In the event of a major Incident:  Which users were most active in the last X hours?  Who created/read/modified/deleted the most files?  At what point did the NAS traffic increase exactly?  On which shares did we observe the most activity? On a case-by-case basis:  Who has deleted file X?  Who has worked with file X in the last few days?  Where has file Y been moved to? 

78 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Volume Analysis 

79 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SnapGuard: 3 pillar principle Protection Analysis Repair 

80 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Attack Detection Repair Back Online NetApp: Repair Scenario («Full Restore» with SnapRestore) M: «Last Good Backup» With SnapRestore all current data (good or bad) is reset… M: 

81 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Attack Detection Repair Back Online NetApp: Repair Scenario («Backwards») M: \\zha51\backup_20161121_0800 (readonly export of the snapshot directory) Single-File Clone (manually, Powershell, …) – OR you use the automated Cleondris Differential Restore! M: 

82 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SnapGuard Differential Restore 

83 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. CVTX SMB/CIFS Roadmap: Restore using Blockchain Audit Log (Q1/2023) FPolicy DFR 

84 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Roadmap: 2023-JAN 

85 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. SnapGuard: 3 pillar principle Protection Analysis Repair 

86 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

87 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. Licensing Options  Cleondris Data Manager (CDM) Backup & Restore for ONTAP, NAS & VMware, SnapMirror-Cloud, Indexing  Indexing (IDX) Indexing + NAS-Restore only, subset of CDM  SnapGuard (SGEE) Ransomware Protection, Differential Restore Cleondris software is always licensed per-node (ONTAP / ESXi). There are no per-user, per-TB, per-Disk-Shelf, per-VM, … licenses needed! 

88 Cleondris® and SnapGuard® are registered trademarks of Cleondris GmbH in the United States, EU, China, Switzerland and/or other jurisdictions. 

Thank you! https://www.cleondris.com