Skip to main content
NetApp Knowledge Base

What is the purpose of the arw.medium.encryption.percentage.threshold option in ONTAP 9.17.1?

  1. Last updated
  2. Save as PDF
Views:
25
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
CORE
Last Updated:

Applies to

  • ONTAP 9.17.1
  • Autonomous Ransomware Protection (ARP)

Answer

  • arw.medium.encryption.percentage.threshold is not hardware dependent.
  • Option defines the internal threshold (%) that ONTAP uses to classify medium level encryption.
  • Parameter originates from legacy ARP behavior and remains as an internal ARW scoring parameter.
  • Not intended for tuning; does not influence high encryption alert workflows.
  • High encryption thresholds and alert behavior
    • arw.high.encryption.alert.enabled must be on for high encryption evaluation.
    • When high encryption threshold is exceeded:
      • EMS message is generated: callhome.arw.activity.seen
      • ARP snapshot is created: Anti_ransomware_attack_backup
      • AutoSupport and SNMP notifications are generated.
  • Medium encryption threshold behavior
    • Does not generate alerts.
    • Does not create snapshots.
    • Used only for ARW internal evaluation logic.

Additional Information

additionalInformation_text
NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.