fotohansel - Fotolia

NetApp Cloud Insights gets AI monitoring and ransomware detection

Cloud Insights adds artificial intelligence-based continuous audit and monitoring of entire IT estate and generates impact assessments from performance events, plus anomaly alerting for ransomware

NetApp has upgraded its Cloud Insights infrastructure management software with artificial intelligence (AI)/machine learning so that it automatically generates a topology of a customer’s infrastructure and even predicts impacts from observed events.

The NetApp product has also added anti-ransomware capability that can spot anomalous behaviour and trigger snapshots to roll back to.

Cloud Insights can operate across any supplier’s products – not just NetApp – and can interrogate storage, switch fabrics, networking, servers, applications, container platforms etc, and provide a single screen view to the customer.

This can provide easy-to-consume information about operational metrics such as performance and capacity, financial metrics to allow chargeback, “showback” etc, and management and reporting across the whole IT estate.

The addition of AI-based learning allows Cloud Insights to generate an ever-changing topology showing these areas. Previously, customers would have to set up what they wanted to monitor and were stuck with that until they changed it.

Now, Cloud Insights will look at a range of resources according to what it considers important and infer likely further effects from events there, said Grant Caley, CTO at NetApp.

“Cloud Insights will see, for example, performance problems on storage and will raise alerts about likely impacts to other parts of the infrastructure,” he said.

Cloud Insights will also make suggestions to admins of possible solutions, such as moving workloads or adding capacity, based on its knowledge of the IT estate.

AI is also being brought to bear on ransomware detection in Cloud Insights. Here, the software tracks user usage patterns for anomalous behaviour, said Caley, and data protection measures are triggered.

“Say I’m in every day during the week nine-to-five and I access three spreadsheets a day,” he said. “Then one day it looks like I’m in on a Sunday and accessing a big shared drive that I don’t normally. Cloud Insights would pick up on the anomalous behaviour and – on NetApp storage [only] – would take a snapshot to recover to.”

NetApp also has Snaplock, which can make snapshots that can’t be deleted for a set period so that ransomware attackers cannot dispose of copies of data that a customer could recover to.

Read more on NetApp

Meanwhile, also in the company’s anti-ransomware armoury are the NetApp Ontap operating system, which can detect encryption activity, and Cloud Data Sense, which can scan and audit data for such things as open permissions.

Would Cloud Insights form the basis of any kind of consumption model procurement, with capacity and other upgrades triggered by customer need?

Caley said Cloud Insights had API (application programming interface) connectivity to its Service Now configuration management platform and has been used for internal procurement at NetApp, but there are no plans to offer this to customers.

“It’s about reducing complexity in managing systems,” he said. “So, instead of keeping track of things on a load of spreadsheets you can connect APIs into workflows.

“Previously, the customer decided what to monitor. Now it’s the tool itself, and that takes away the need to pre-think what to monitor.”

Finally, NetApp also announced an update to FlexPod XCS, its converged infrastructure product that combines NetApp storage with Cisco servers and that company’s Intersight automation platform.

Here the first addition is the ability for Flexpod XCS to deploy across the cloud, with the addition of storage resources from NetApp Cloud Volumes Ontap for backup, disaster recovery and workload migration.

Also, Intersight now has Kubernetes CSI management for NetApp storage, while Flexpod will be offered as a pay-as-you-go service.

Read more on Data centre