You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/azure-netapp-files/ransomware-configure.md
+4-3Lines changed: 4 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ services: azure-netapp-files
5
5
author: b-ahibbard
6
6
ms.service: azure-netapp-files
7
7
ms.topic: how-to
8
-
ms.date: 02/24/2026
8
+
ms.date: 03/05/2026
9
9
ms.author: anfdocs
10
10
ms.custom: references_regions
11
11
---
@@ -28,7 +28,8 @@ Advanced ransomware protection's alert mechanisms enable you to stay vigilant in
28
28
* Attack reports are retained for 30 days.
29
29
* Ransomware threat notifications are sent in the Azure Activity log.
30
30
* It’s recommended that you enable no more than five volumes per Azure region with advanced ransomware protection to mitigate performance issues.
31
-
* It's recommended you increase QoS capacity by 5 to 10 percent due to potential performance impacts of advanced ransomware protection. The scale of the impact can vary based on the configurations across your Azure NetApp Files deployment.
31
+
* It's recommended you increase QoS capacity by 5 to 10 percent due to potential performance impacts of advanced ransomware protection. The scale of the impact can vary based on the configurations across your Azure NetApp Files deployment.
32
+
* If your volumes have workloads with a high level of encryption and deletion, it may increase the possibility of false positives. It is recommended not to enable advanced ransomware protection on these volumes.
32
33
33
34
## Supported regions
34
35
@@ -127,7 +128,7 @@ You can also use [Azure CLI commands](/cli/azure/feature) `az feature register`
127
128
128
129
:::image type="content" source="./media/ransomware-configure/ransomware-threats.png" alt-text="Screenshot of ransomware threats." lightbox="./media/ransomware-configure/ransomware-threats.png":::
129
130
130
-
1. If you know the files are **not** an active threat, mark the files as a **False positive**.
131
+
1. If you know the files are **not** an active threat, mark the active threat as a **False positive**.
131
132
132
133
If you believe the files are a threat, select **Threat**. You can then [revert the volume](snapshots-revert-volume.md) based on the last snapshot captured before the threat.
133
134
1. Once you've resolved the threat, you can view archived ransomware reports on the same page. Reports are archived for 30 days.
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments