New Capability: DAS Activity Monitoring for on-prem NAS devices (NetApp, Isilon, Unity)

Description

:bangbang:Admins and Data Owners need an easy and intuitive way to monitor, track and investigate data access activity and access right changes performed on unstructured data. Data Access Security Activity Monitoring allows for visibility across the system through a single pane of glass allowing for ability to perform the security and governance tasks they are in charge of (such as identifying threats) with efficiency and ease.

Key benefits:

  • Real-time Visibility of Activity Data: Provide real-time visibility into data access activity on unstructured data for your Netapp, EMC PowerScale and Unity NAS storage.
  • Forensics investigations and Reporting on Activity Data: Enable admins to generate comprehensive reports for compliance audits and perform inquiries and investigations on Activity Data. These reports help examine activity patterns, identify anomalous or unauthorized behaviors, and more - serving as both an Access Control device, and Proof of Governance.
  • Surface Identity Access Changes as Proof of Compliance - simplify and expedite audits by providing an easy way to query and report on access changes made to critical data sources.

New Capabilities

Added support for NAS storage Activity Monitoring consisting of Netapp, EMC PowerScale and EMC Unity.

Problem

Administrators and Data Owners are often in charge of data across multiple systems and need visibility into the actions taking place on the data under their purview. Gathering this information is often a tedious process, requiring manual retrieval and, in many cases, technical knowledge—if it’s possible at all.

  • Organizations have a blind spot regarding how access to unstructured is used, unused, or abused and whether access and actions done on data assets is appropriate.
  • Organizations would like to have visibility into actions taken on their data to detect and alert on inappropriate access, as well as detect and intercept attacks and breach attempts.
  • Data Access usage plays a critical role in determining used and unused access - and determining identities access patterns and profiles - that can all shape critical governance decisions, such as approving, provisioning and revoking access, towards a least privilege access model.
  • Organizations are obliged to provide proof of monitoring access rights changes as part of audit events to comply with regulations. However, holistically reporting on this information is extremely difficult.

Solution

Activity Monitoring allows for Real-time Visibility of Activity Data. This provides real-time visibility into data access activity on unstructured data for your Netapp, EMC PowerScale and Unity NAS storage. It also enables Forensics investigations and Reporting on Activity Data, allowing admins to generate comprehensive reports for compliance audits and perform inquiries and investigations on Activity Data.

Action Required

A Virtual Appliance is required for all On-Prem activity monitoring capabilities. Please ensure you have configured a VA cluster of Cluster Type ‘Data Access Security - Activity Monitor’ in Identity Security Cloud before enabling Activity Monitoring.

In the DAS Application configuration there will be a new screen available for Netapp, PowerScale and Unity application types which will allow you to enable Activity Monitoring.

Use the toggle to enable the Activity Monitoring feature and select the corresponding VA Cluster created above.

Set the desired retention period and any monitoring exclusions, then click Save to enable. Activity Monitoring will be enabled immediately upon saving the configuration changes.

Important Dates

General Availability Date: Apr 9, 2025