Contents
Configuring a New Policy
-
Access Policies Menu
Select “Policies” from the menu and press the “+New Policy” button.
-
Define Policy Details
Enter the Policy Name, select the frequency, Protection Window start time, and Time Zone. Then, choose whether to execute the policy immediately or pause it until a specified time. Click “Next.”-
First Run Timing: The first run operates on Coordinated Universal Time (UTC) to accommodate global users. If "Activate now" is selected, the first scan will initiate at the next 15-minute UTC interval. For example, if you create a policy at 10:25 UTC and choose "Activate now," the first job will start at 10:30 UTC. Subsequent runs will follow your defined schedule.
-
First Run Timing: The first run operates on Coordinated Universal Time (UTC) to accommodate global users. If "Activate now" is selected, the first scan will initiate at the next 15-minute UTC interval. For example, if you create a policy at 10:25 UTC and choose "Activate now," the first job will start at 10:30 UTC. Subsequent runs will follow your defined schedule.
-
Select Protection Options
-
Choose “Live Scan” from the protection options.
Optionally, enable “Always keep the last clean copy of the data” and/or “Always keep the latest infected copy of the data.”
- These options are only available for EBS, where Elastio retains individual EBS volume snapshots when selected.
- These options are only available for EBS, where Elastio retains individual EBS volume snapshots when selected.
- Select the protection type:
- Ransomware Detection
- Malware Scan
- Recoverability Check
- Non-Ransomware Entropy Scanning
Refer to Elastio Scans for details on protection types.
-
-
Choose Cloud Connectors
Select the Cloud Connectors where the policy will operate. This ensures the policy scope is confined to specific AWS Accounts or Regions, avoiding unintended impacts.
-
Select Assets to Protect
- Choose from EC2, EBS, S3, and EFS assets.
- For EBS, specify:
- All EBS Volumes: Protects all EBS volumes, attached or unattached, without associating them with EC2 instances.
-
Specific assets: Allows selection of EBS volumes by asset name, ID, tags, AWS Accounts, and AWS Regions.
- Additional options:
- Choose to skip or scan the latest/all pre-existing EBS snapshots.
- Enable scanning of assets immediately upon creation. Elastio will initiate a scan 5 minutes after creating a new instance to verify its safety.
-
Optionally, filter assets by tags and click “Next.”
Note: The Policy dynamically identifies tagged assets during each execution, meaning assets and tags do not need to exist at policy creation.
- Choose to skip or scan the latest/all pre-existing EBS snapshots.
-
Assign Vaults
In Step 5, select the vaults for the Cloud Connectors chosen in Step 3. If no separation of scan jobs is needed within a Cloud Connector, use the default settings. Click “Save” or “Save & Run.”- Save & Run: Elastio will initiate the first scans immediately, with subsequent scans following the schedule.
-
Save: The first scan will be scheduled according to the policy's configuration.