Detect & Respond to Ransomware with Veeam ONE

Abstract

Veeam® ONE™, part of Veeam Availability Suite™, is a powerful tool that provides proactive alerting, monitoring and reporting in your environment. Out of the box, Veeam ONE can monitor your environment for ransomware in several different ways. Veeam ONE can take things a step further by automatically taking action when an alarm threshold is met.

Veeam ONE is extremely flexible and configurable, allowing for endless possibilities when it comes to ransomware detection.

In this paper, we take a closer look at these capabilities in Veeam ONE in two parts, based on Veeam ONE Monitor and Veeam ONE Reporter.Part I examines the capabilities for monitoring and responding to ransomware in Veeam ONE Monitor.

Part II takes a closer look at the capabilities for reporting on your environment when it comes to ransomware, including building custom reports in Veeam ONE Reporter.

Ransomware Monitoring OOTB

When it comes to ransomware, any defense is better than no defense at all. There are many different types of ransomware out there today, and with each passing moment each gets more sophisticated. Backup and recovery of data once it is infected by ransomware is a go-to method of beating the ransom, but if you don’t know if your backups completed successfully, you could still be putting your company’s data in jeopardy.

Making sure there is a recoverable backup is just one step, but it is also important to monitor the entire environment for suspicious or unusual activity. Being able to identify abnormal behavior over the network, with backup jobs or even how resources are being used, can contribute to helping stop ransomware in its tracks.

Real-time alerting about backup job success and knowing what impacts the success of backup operations can be beneficial for any business fighting ransomware or in general. Veeam ONE makes it easy to know the state of your backup jobs and their status.