Course Overview
Learn how to administer NetApp ONTAP® 9 data-management software integrated security and compliance features. Learn how to create a secure IT environment according to Zero Trust principals such as ‘least privilege access’ and ‘encrypt everything’.
This course comprehensively describes the administration, configuration, and management of the integrated data security and compliance features in ONTAP 9, including data retention using SnapLock software and data integrity with autonomous ransomware protection.
Course Content
In this course, you learn how to administer NetApp® ONTAP® 9 data management software-integrated security and compliance features. You learn how to create a secure IT environment according to Zero Trust principals such as “least privilege access” and “encrypt everything.” You also administer, configure, and manage the integrated data security and compliance features in ONTAP 9, which include data retention with SnapLock software and data integrity with autonomous ransomware protection.
Who should attend
Customers, partners, and/or employees.
Prerequisites
ONTAP Security and Compliance Solutions Administration is intended for data protection administrators of any experience level.
Course Objectives
This course focuses on enabling you to do the following:
- Secure an ONTAP based storage system according to Zero Trust principles
- Apply least privilege access control to ONTAP administrators and users
- Secure data in flight
- Secure data at rest
- Enforce compliance with data privacy and retention regulations
- Secure access to data by NAS protocols
- Protect data from corruption by ransomware or malware
Outline: ONTAP Security and Compliance Solutions Administration (OCSA)
Module 1: Compliance Solutions
- Data Compliance
- Challenges
- High availability
- Backup and archive
- Disaster recovery
- Compliance
- Cloud integration
- Data compliance types
- Data retention
- Data encryption
- Data protection solutions
- Compliance features
Module 2: ONTAP Data Retention
- SnapLock compliance software
- SnapLock Compliance
- SnapLock Enterprise
- SnapLock architecture
- Compliance clock
- Clock architecture
- SnapLock compliance volume
- SnapLock enterprise volume
- File types
- Regular
- WORM
- WORM appendable
- SnapLock settings verification
- Protecting SnapLock volumes
- Snapshot copies
- Replication
- SnapVault
- Advanced SnapLock features
- Privileged delete feature
- Audit log
- Compliance administrator account
- SnapLock APIs
Module 3: ONTAP Key Management
- Key management
- Centralized key management
- Compliance with mandates
- Investment protection
- OKM
- External Key Server (KMIP)
- Setup wizard
Module 4: ONTAP Data Encryption
- Storage encryption solutions
- ONTAP 9.1
- NetApp storage encryption (NSE)
- NetApp volume encryption (NVE)
- NetApp SANtricity full disk encryption (FDE)
- FIPS security levels
- Volume encryption demonstration
- License
- OKM setup
- OKM backup
- Node keys
- Create encrypted volume
- SVM key
- Volume key
- Encrypt existing volume
- Decrypt volume
- Move encrypted volume
- Re-key encrypted volume
- Delete
LABS:
- Configure SnapLock for file retention
- Create aggregates that are compatible with SnapLock software
- Create SnapLock volumes
- Create SnapLock volume shares
- Manage a SnapLock enterprise volume
- Manage a SnapLock compliance volume
- Create a cluster peer relationship
- Create an SVM on cluster2
- Create an SVM peer relationship
- Create a SnapLock for SnapVault protection relationship
- Manage source and destination volumes
- Manage a SnapLock for SnapVault relationship
- Create an audit log
- Create a compliance administrator account
- Enable the privileged delete feature
- Delete WORM files by using the privileged delete feature
- Configure the onboard key manager
- Display the key management backup information
- Verify the creation of encryption keys for each node