It seems like quite a while since I’ve written a blog piece, but I’ve been galvanised into action by some new features that were introduced into Protect 8.1.5 while I recently spent some time away from work…
Spectrum Protect 8.1.5 will now detect “suspicious activity” in your clients. Or to put it more simply – Protect will help to protect you against ransomware attacks as they start. That is the period where the ransomware is quietly encrypting away and spreading over your network but is still un-noticed by your production users.
To achieve this Protect will now notify you in the Operations Centre overview screen and in a new Security Notification screen of in-expected changes to various metrics. The metrics are tracked, averaged over time and include increase/decrease of the amount of data/number of files being backed up and decreases in the dedupe ratio. These all being indicative of something making changes en-masse to the underlying filesystem. You can configure the server to email your server team or application owners directly if their servers have warnings pop up against them.
Pretty cool huh?
You can see a short video by Tricia Jiang here: