Use the Detection toggle button to quickly enable or disable
alerts for ransomware threat detection at storage system level.
About this task
By default, IBM Storage
Virtualize systems running firmware
8.6.3.0 or later with mdisks on FCM4 drives using draid1 or draid6 are enabled for ransomware threat
detection alerts. You can enable or disable the alert for a specific storage
system.
Note: You can enable or disable
Ransomware Threat Detection and
update
Threat Notification Recipients for multiple devices simultaneously,
based on the following scenarios for the selected devices:
- Ransomware Threat Detection and Threat Notification
Recipients values are the same:
You can enable or disable Ransomware
Threat Detection and update Threat Notification Recipients for
all the selected devices simultaneously.
- Ransomware Threat Detection value is not the same:
You cannot enable or
disable Ransomware Threat Detection or update Threat Notification
Recipients for the selected devices simultaneously.
- Ransomware Threat Detection value is the same but Threat
Notification Recipients are different:
You can enable or disable Ransomware
Threat Detection only, but you cannot update the Threat Notification
Recipients for the selected devices simultaneously.
- Ransomware Threat Detection value is the same and Threat
Notification Recipients have no data:
You can enable or disable Ransomware
Threat Detection and add email IDs as Threat Notification
Recipients for the selected devices simultaneously.
Procedure
To enable or disable alerts for ransomware threat detection, complete the following
steps:
Note: Ransomware threat detection is available in both the free and
pro versions of
IBM Storage
Insights. You can enable or
disable this feature in either version.
In the free version, ransomware threat detection is
available only in the modern UI and not in the classic UI. For pro version, ransomware threat
detection is available in both the classic and modern UI.
-
From modern UI:
- Go to the storage systems page through . Select a specific storage system and click
More in the blue multi-select operations bar, then click
Ransomware threat detection, or click the 3 vertical dots menu at the end of
each storage system row and click Ransomware threat detection. The ransomware
threat detection details pane opens on the right side.
To enable or disable ransomware
threat detection for multiple storage systems at a time, select the storage systems and click
More in the blue multi-select operations bar, then click
Ransomware threat detection, and proceed with the following
steps.
- Toggle the Detection icon to enable or disable the ransomware
threat detection.
If needed, enter specific email addresses in the
Email Override box to receive alerts individually, overriding the global
notification settings.
- Click Save.
- From classic UI:
- Go to . Select a storage system for which you want to enable or disable
the alerts for ransomware threat detection.
- Right-click on the selected storage system and select Ransomware Threat
Detection. Toggle the Detection icon to enable or disable the
ransomware threat detection.
If needed, enter specific email
addresses in the Email Override box to receive alerts individually,
overriding the global notification settings.
- Click Save Changes.
Results
Your changes to the alerts for ransomware threat detection are saved successfully. You can
monitor the triggered ransomware threat alerts in the IBM Storage
Insights GUI. For more information, see Monitoring alerts for ransomware threat detection.