Alex -

NetApp OnTap 9.10.1 adds ransomware protection, NVMe/TCP

NetApp's OnTap 9.10.1 enhancements include new ransomware protection and add NVMe/TCP performance as well as new object storage capabilities.

NetApp's newest version of OnTap adds security, performance and expanded capabilities to the vendor's flagship storage operating system.

Announced at the NetApp Insight conference last week, the 9.10.1 update, which is due out next month, will add automation to fight ransomware and ease storage system management, increase performance with NVMe/TCP, and add object storage capabilities to OnTap S3, NetApp's support for Amazon Simple Storage Services object storage. The company released some details about a new, all-flash storage array, the AFF A900, at the virtual event.

The enhancements to OnTap are "evolutionary" and further strengthen NetApp's operating system, which spans the reach of where data can be stored, according to Dave Raffo, senior analyst at Evaluator Group.

"As NetApp expands, adding to their technology and product base, it is still mainly about OnTap," he said. "The difference now is that OnTap is not only tied to its hardware, but it is a cloud operating system as well."

OnTap is a mature product and a core technology to NetApp's cloud strategy, according to Raffo. The upgrades echo the vendor's push to enable customers to work on premises or in the cloud.

Fighting ransomware autonomously

Ransomware protection is becoming a standard feature for storage vendors. In NetApp's case, the vendor has added machine learning (ML) to its storage OS to understand usage, especially in how data is written, and to quickly detect anomalies.

NetApp's ML software studies how data is saved to a storage system, according to Octavian Tanase, senior vice president of hybrid cloud engineering at NetApp. If the algorithm detects an anomaly in the write patterns, an immutable snapshot is taken of the data and replicated with SnapLock, NetApp's implementation of write-once, read-many technology, so that data can be read but not changed or deleted.

NetApp OnTap 9.10.1
NetApp OnTap 9.10.1

IT is alerted and can take remedial actions such as isolating the systems and ensuring they have a good snapshot of data. This gives customers a recovery point as close to the beginning of the attack as possible.

Instead of reacting to a ransomware attack, NetApp is trying to prevent an attack from happening in the first place, according to Tanase.

"The best way to do that is build analytics in the product that understands file entropy and takes action as soon as possible," he said.

NetApp's SnapLock implements retention policies that are designed to avoid eating up capacity. There are specific retention policies for different types of data that NetApp follows as well.

Better performance with NVMe/TCP

NetApp will now be using the TCP protocol for its NVMe over fabrics. Customers won't need new hardware as the protocol works over existing network connections. NetApp believes the support of NVMe/TCP will see broader deployment, as it will lower latency without incurring new equipment costs. It is the first vendor to support the protocol, according to Tanase.

NVMe/TCP is more efficient and more resilient than internet small computer systems interface (iSCSI), a protocol used for communication between the host and target, for customers looking to modernize in that way, he said.

AFF A900

NetApp previewed a new array with the AFF A900, NetApp's new flagship all-flash storage platform, according to Tanase. Existing customers using the A700 can replace their processor control module, giving their investment a longer shelf life. The A900 uses the same 8U chassis, with side-by-side controllers for high availability, he said.

The A900 will also be sold as a new system and will come with hot-pluggable I/O modules and hot-pluggable PCM modules, which will allow the replacing of failed modules non-disruptively during production. Tanase said targeted use cases include workloads requiring high throughput, low latency and high resiliency such as database workloads. The A900 can also be used to consolidate more workloads onto one system.

Protecting object data

Users of OnTap S3 now have the option of hybrid cloud backup, according to a company blog post.

NetApp's storage and data replication software, SnapMirror, can now back up OnTap S3 object data to on-premises hardware; StorageGrid, NetApp's software-defined object storage product; the public cloud; or other OnTap S3 buckets on the vendor's all-flash and hybrid arrays.

Data at the edge, generated by IP cameras, remote offices and other devices, is usually sent in a key value pair or object fashion, Tanase said. NetApp wants its customers to be able to ingest objects and has added these enhancements with the edge in mind, he said.

Automation for simplification

NetApp rolled out automatic firmware updates for simplification, a new feature that not all customers may want, according to Evaluator Group's Raffo. Most companies prefer having a say when firmware upgrades happen, and the automatic feature may be more appealing to smaller companies that don't have a dedicated storage admin.

The new feature is opt-in, and customers can choose to continue updating their firmware on their own timeline.

Next Steps

Recent surge in ransomware attacks threatens national security

Dig Deeper on Cloud storage

Disaster Recovery
Data Backup
Data Center
and ESG