How do I edit an anti-ransomware policy, add servers to a policy, and remove servers from a policy? - Security Center

After creating an anti-ransomware policy, you can perform the following management operations:

Disable or enable the policy — temporarily stop or resume data backup tasks
Edit the policy — update backup settings and protected directories
Manage servers — add or remove servers, and install or uninstall the anti-ransomware agent
Delete the policy — permanently remove the policy and all associated backup data

Prerequisites

Before you begin, make sure that you have:

An anti-ransomware policy. To create one, see Create an anti-ransomware policy.

How a policy takes effect

A policy takes effect on a server only when both of the following conditions are met:

The policy is enabled.
The Security Center agent on the server is in a normal state.

If the policy status is abnormal, resolve the issue as soon as possible. For details, see What do I do if the status of an anti-ransomware policy is abnormal?

Disable or enable an anti-ransomware policy

Disable a policy to temporarily stop its data backup tasks. This is useful during a first-time backup, which consumes significant CPU and memory resources and may affect your services. Re-enable the policy during off-peak hours to resume data backup.

Log on to the Security Center console. In the top navigation bar, select the region of the asset you want to manage. You can select China or Outside China.
In the left-side navigation pane, choose Protection Configuration > Host Protection > Anti-ransomware.
On the Anti-ransomware for Servers tab, find the policy and toggle the switch in the Policy Status column.
- Disable: Turn off the switch. The running data backup task stops immediately.
- Enable: Turn on the switch. Data backup resumes based on the policy.

Edit an anti-ransomware policy

Log on to the Security Center console. In the top navigation bar, select the region of the asset you want to manage. You can select China or Outside China.
In the left-side navigation pane, choose Protection Configuration > Host Protection > Anti-ransomware.
On the Anti-ransomware for Servers tab, find the policy and click Edit in the Actions column.
In the Edit Policies panel, update the parameters. For parameter descriptions, see Create an anti-ransomware policy.
Click OK.

Security Center runs data backup tasks based on the updated policy after you save the changes.

Manage servers in an anti-ransomware policy

After creating a policy, you can add or remove servers and install or uninstall the anti-ransomware agent on individual or multiple servers.

Log on to the Security Center console. In the top navigation bar, select the region of the asset you want to manage. You can select China or Outside China.
In the left-side navigation pane, choose Protection Configuration > Host Protection > Anti-ransomware.
On the Anti-ransomware for Servers tab, find the policy and click the icon to expand the server list.
Perform the operation you need:
Add servers
To add servers to the policy, edit the policy and update the server selection. For details, see Edit an anti-ransomware policy.
Note
Each server can belong to only one anti-ransomware policy. Each policy supports a maximum of 100 servers.
Remove servers
Important
Removing a server from a policy permanently deletes all backup data for that server. Deleted backup data cannot be restored.
- To remove a single server, click Delete in the Actions column and click OK.
- To remove multiple servers, select them and click Delete below the server list.
Install or uninstall the anti-ransomware agent
- To install or uninstall the agent on a single server, click Install or Uninstall in the Actions column.
- To install or uninstall the agent on multiple servers in the same policy, select them and click Install or Uninstall below the server list.
Note
If you uninstall the agent within the data retention period, Security Center keeps the existing backup data. If you uninstall the agent outside the data retention period, Security Center deletes the backup data.

Delete an anti-ransomware policy

Important

Deleting a policy permanently stops all running backup tasks and deletes backup data for all servers the policy covers. Deleted backup data cannot be restored.

Log on to the Security Center console. In the top navigation bar, select the region of the asset you want to manage. You can select China or Outside China.
In the left-side navigation pane, choose Protection Configuration > Host Protection > Anti-ransomware.
On the Anti-ransomware for Servers tab, find the policy and click Delete in the Actions column.
In the confirmation dialog, click OK.