Henrik,
One way would integrate Scale with QRadar. If I'm not wrong, you can configure QRadar to take a snapshot when it detects there's an attack happening. The details you can take from here:
Abraços / Regards / Saludos,
Anderson Nobre Power and Storage Consultant IBM Systems Hardware Client Technical Team – IBM Systems Lab Services |
| ||
Phone: 55-19-2132-4317 E-mail: ano...@br.ibm.com |
----- Original message -----
From: Henrik Morsing <hen...@morsing.cc>
Sent by: gpfsug-discuss-boun...@spectrumscale.org
To: gpfsug-discuss@spectrumscale.org
Cc:
Subject: [EXTERNAL] [gpfsug-discuss] Ransom attacks
Date: Thu, May 27, 2021 12:10
Hi,
It struck me that switching a Spectrum Protect solution from tapes to a GPFS filesystem offers much less protection against ransom encryption should the SP server be compromised. Same goes really for compromising an ESS node itself, it is an awful lot of data that can be encrypted very quickly.
Is there anything that can protect the GPFS filesystem against this kind of attack?
Regards,
Henrik
_______________________________________________
gpfsug-discuss mailing list
gpfsug-discuss at spectrumscale.org
http://gpfsug.org/mailman/listinfo/gpfsug-discuss
_______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss