ONTAP Security and Compliance Solutions Administration [ARR_NEP_OCSA]

OVERVIEW

In this course, you learn how to administer NetApp® ONTAP® 9 data management software-integrated security and compliance features. You learn how to create a secure IT environment according to Zero Trust principals such as “least privilege access” and “encrypt everything.” You also administer, configure, and manage the integrated data security and compliance features in ONTAP 9, which include data retention with SnapLock software and data integrity with autonomous ransomware protection.

OBJECTIVES

• Secure an ONTAP based storage system according to Zero Trust principles

• Apply least privilege access control to ONTAP administrators and users

• Secure data in flight

• Secure data at rest

• Enforce compliance with data privacy and retention regulations

• Secure access to data by NAS protocols

• Protect data from corruption by ransomware or malware

AUDIENCE

NetApp Customers, Partners and Employees

CONTENT

Module 1: Security concepts

• Security threats

• Security standards and regulations

• Security defenses

• Zero Trust

Using the Active IQ Unified Manager security dashboard

Module 2: NetApp ONTAP management security

• ONTAP authentication

• Role-based access control

• Multifactor authentication

Applying least privilege access control  and Configuring MAV

Module 3: NetApp ONTAP network security

• NAS network security

• Securing data in flight

• LIFs

• SAN security

• iSCSI security

• NVMe security

Segregating network traffic & Securing data in flight

Module 4: NetApp ONTAP storage security

• Encrypting data at rest

• NSE

• NVE

• Key management

Encrypting a volume & deleting data securely

Module 5: NetApp ONTAP data retention

• SnapLock compliance software

• Managing SnapLock volumes

• Protecting SnapLock volumes

• Advanced SnapLock features

Configuring SnapLock compliance software for file retention & using the privileged delete feature

Module 6: NetApp ONTAP NAS security

• NFS user authentication

• NFS user authorization

• NFS permissions

• Securing in-flight SMB data

• SMB user authentication

• SMB user authorization

• Active Directory features

• Storage-Level Access Guard

• User name-mapping

• Auditing and logging

Managing access to NAS shares & configuring Storage-Level Access Guard

Module 7: Protecting NAS data integrity

• NAS data integrity

• Malware and antivirus protection

• FPolicy

• ONTAP anti-ransomware

• Cloud Secure

Blocking the storage of unwanted data, creating frequent recovery points, enabling anti-ransomware protection and recovering from a ransomware attack