Security Guard for Qumulo
What is the Security Guard?
Security Guard is an automated self-test that simulates a ransomware-like attack scenario on your file system. By running this test regularly, you can ensure that the system’s Data Security solution is operating correctly and is capable of detecting suspicious behavior. It is recommended to run the Security Guard at least once per day to maintain a high level of confidence in your ransomware defense readiness.
Setting up Security Guard
To configure and run Security Guard on Qumulo, you must have:
- A Security Guard share with auditing enabled.
- An Active Directory (AD) user with the appropriate permissions to access and execute the Security Guard actions on that share.
Follow these steps:
-
Open the Ransomware Defender Application
Launch the Ransomware Defender interface and navigate to the Security Guard tab. -
Access the Job Settings
Scroll down to the Job Setting section.
Define how often Security Guard should run automatically. You can specify intervals in hours (‘H’) or days (‘D’). If you wish to verify the configuration immediately, you can click Run Now to initiate a test run outside the scheduled interval.
-
Select Qumulo as the Network Element
Choose the Qumulo cluster from the list of available network elements.
noteAt this time, IP-based Security Guard is not supported for Qumulo. You must select the Qumulo cluster by name from the provided list.
-
Configure the Active Directory User
Enter the credentials of the AD user who will trigger the Security Guard event. Add both the username and password in the designated fields. This user will trigger the Security Guard Event.
-
Apply the Settings
Click Submit to finalize and apply the Security Guard configuration. The job will now run at the specified interval.
Once configured, the Security Guard will regularly test the Qumulo system, validating that Data Security is ready to detect and alert on any simulated malicious activities.