Skip to main content
NetApp Knowledge Base

How does ARP behave in 9.16.1?

  1. Last updated
  2. Save as PDF
Views:
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • ONTAP 9.16.1
  • ARP/AI

Answer

  • Beginning with ONTAP 9.16.1, Autonomous Ransomware Protection with Artificial Intelligence (ARP/AI) is automatically enabled for FlexVol volumes in NAS environments where ARP is already active.

  • ARP/AI leverages advanced machine learning models and a multi-signal approach, analyzing entropy changes, file headers, and metadata to enhance threat detection and response, accurately distinguishing normal activity from ransomware attacks, including those employing sophisticated evasion techniques.

  • FlexVol volumes are required to utilize ARP/AI. FlexGroup volumes continue to use the previous ARP model after upgrading. Upon upgrade, any incomplete ARP learning periods are ended, and volumes transition immediately to active ARP/AI, eliminating the need for further learning phases.

  • ARP/AI continuously adapts to new ransomware techniques using external malware data feeds, ensuring up-to-date protection without manual intervention. All previously learned data and customer feedback, including false positive designations, are retained during upgrades from ONTAP 9.15.1 or earlier, maintaining continuity in ransomware defense.

Additional Information

additionalInformation_text
NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.