Security Center provides the feature of anti-ransomware for databases. You can use the feature to create an anti-ransomware policy to back up data in your database. If your database is intruded by ransomware, you can restore the data of your database by using backups. This ensures that your workload runs as expected. This topic describes how to create an anti-ransomware policy for a database.

Background information

If you use Alibaba Cloud Hybrid Backup Recovery (HBR) to back up the data in your database, we recommend that you do not use the feature of anti-ransomware for databases to back up the data in your database.

Prerequisites

A specific amount of anti-ransomware capacity is purchased. The permissions to use anti-ransomware are granted. For more information, see Enable anti-ransomware

Procedure

  1. Log on to the Security Center console.In the left-side navigation pane, choose Protection Configuration > Host Protection > Anti-ransomware.
  2. On the Anti-blackmail page, click the Database extortion virus protection tab and click Create Policies.
  3. In the Database protection strategy panel, create an anti-ransomware policy for a database.
    1. In the Change database step, configure the following parameters and click Next.
      Parameter Description
      Policy Name The name of the anti-ransomware policy.
      Type The method that you want to use to select the database. Valid values:
      • Automatic identification database

        The system automatically identifies the databases that are deployed on your server. We recommend that you select this option.

      • Manually enter the database

        If the database that you want to protect is not displayed in the list of databases after you select Automatic identification database, you can select this option and manually specify the database.

      Database The database that you want to protect or the server in which the database resides.
      Database type The type of the database that you want to protect. This parameter is required only if you set the Type parameter to Manually enter the database. Valid values:
      • MYSQL
      • ORACLE
      • MSSQL
      Account The username of the account that you can use to log on to the required database. The account must have the permissions to back up data in the database. If you set the Database type parameter to ORACLE, you do not need to enter the username or the password of the database.
      Notice You must enter the username and password of the database instead of the server.
      Password The password of the account that you can use to log on to the database.
    2. In the Protection Policies step, configure the following parameters and click Finished.
      Parameter Description
      Protection Policies The anti-ransomware policy that you want to use. You can click Use recommendation strategy to use the recommended anti-ransomware policy that is provided by Security Center. If the recommended anti-ransomware policy cannot meet your business requirements, you can modify the policy.
      Full backup strategy The interval at which full backup is performed, the days of a week on which full backup is performed, and the point in time at which the full backup starts.

      Full backup indicates that you back up all data that exists at a specific point in time. Full backup is time-consuming and requires a large amount of anti-ransomware capacity.

      Incremental backup strategy The interval at which incremental backup is performed and the point in time at which the incremental backup starts.

      Incremental backup indicates that you back up only the data that is newly generated or modified after the last full or incremental backup. Therefore, incremental backup is time-saving and requires less anti-ransomware capacity.

      Backup data retention time The retention period of the backup.
      Backup network bandwidth limit The maximum network bandwidth that is allowed during data backup. If you set this parameter to 0, network bandwidth is unlimited.
      After the anti-ransomware policy for your database is created, Security Center automatically installs the anti-ransomware agent on your server, and the policy enters the Initializing state. After the anti-ransomware agent is installed on your server, Security Center backs up data in your database based on the backup policy that is configured in the anti-ransomware policy.

What to do next

After the anti-ransomware policy is created, you must precheck the database that is specified in the policy. If the precheck is successful, you can back up the data in the database. For more information, see Precheck a database.

After the anti-ransomware policy for your database is created, we recommend that you monitor the status of the anti-ransomware policy. If the policy is abnormal, perform troubleshooting at the earliest opportunity. For more information, see Troubleshoot the issues causing the abnormal status of an anti-ransomware policy for a database