Enabling Autonomous Ransomware Protection

The following procedures explain how to use the ONTAP CLI to enable Autonomous Ransomware Protection (ARP) active mode as well as how to verify that ARP is enabled. For more information about ARP, see How ARP works.

To enable ARP in active mode on an existing volume using the ONTAP CLI

Run the following command. Replace vol_name and svm_name with your own information.
```
security anti-ransomware volume enable -volume vol_name -vserver svm_name
```
For more information about this command, see security anti-ransomware volume enable in the NetApp documentation center.

To enable ARP by default on an existing SVM using the ONTAP CLI

Run the following command. Replace svm_name with your own information.
```
vserver modify -vserver svm_name -anti-ransomware-default-volume-state dry-run
```
For more information about this command, see vserver modify in the NetApp documentation center.

To verify the status of ARP using the ONTAP CLI

Run the following command.
```
security anti-ransomware volume show
```
For more information about this command, see security anti-ransomware volume show in the NetApp documentation center.

You can temporarily suspend (and then resume) ARP if you're anticipating heavy workload events. For more information, see Pause ONTAP Autonomous Ransomware Protection to exclude workload events from analysis in the NetApp Documentation Center.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Protecting data with Autonomous Ransomware Protection

Responding to ARP alerts