DATA VAULT
SECURE YOUR BACKUP-DATA WITH RANSOMWARE RECOVERY - POWERED BY
THE
THREAT
Protection from ransomware is a primary concern for organizations today. With a Data Vault we give you a unique approach to ensure that attackers cannot compromise the backup data, allowing your organization to be confident that you can restore the affected primary storage and avoid paying ransoms. The Data vault is compatible with the most popular backup-systems.
SECURE YOUR DATA,
NO CHANGED ROUTINES
By adding a data vault to your existing backup system, you keep your existing routines and workloads.
ExaGrid is Tiered Backup Storage with a front-end disk-cache Landing Zone and separate Retention Tier containing all retention data. Backups are written directly to the “network-facing” ExaGrid disk-cache Landing Zone for fast backup performance. The most recent backups are kept in their full undeduplicated form for fast restores.
Once the data is committed to the Landing Zone, it is tiered into a “non-network-facing” long-term retention repository where the data is adaptively deduplicated and stored as deduplicated data objects
to reduce the storage costs of long-term retention data. As data is tiered to the Retention Tier, it is deduplicated and stored in a series of objects and metadata. As with other object storage systems, the ExaGrid system objects and metadata are never changed or modified which makes them immutable, allowing only for the creation of new objects or deletion of old objects when retention is reached. The backups in the retention tier can be any number of days, weeks, months, or years that is required. There are no limits to the number versions or length of time backups can be kept. Many organizations keep 12 weeklies, 36 monthlies, and 7 yearlies, or even sometimes, retention” forever”.
ExaGrid’s Retention Time-Lock for Ransomware Recovery is in addition to the long term-retention of backup data and utilizes 3 distinct functions:
ExaGrid’s approach to ransomware allows organizations to set up a time lock period that delays the processing of any delete requests in the Retention Tier as that tier is not network facing and not accessible to hackers. The combination of a non-network facing tier, a delayed deletion for a period of time and immutable objects that cannot be changed or modified are the elements of the ExaGrid Retention Time-Lock solution. For example, if the time lock period for the Retention Tier is set to 10 days, then when delete requests are sent to the ExaGrid from a backup application that has been compromised, or from a hacked CIFS, or other communications protocols, the entire long-term retention data (weeks/months/years) is all intact. This provides organizations days and week to identify that they have an issue and restore.
Data is time-locked for up to 30 days against any deletion. This is separate and distinct from the long-term retention storage that could be kept for years. The data in the Landing Zone will be deleted or encrypted, however, the Retention Tier data is not deleted upon an external request for the configured period of time – it is time-locked for up to 30 days against any deletion. When a ransomware attack is identified, simply put the ExaGrid system into a new recover mode and then restore any and all backup data to primary storage.
The solution provides a retention lock, but only for an adjustable period of time as it delays the deletes. ExaGrid chose not to implement Retention Time-Lock forever because the cost of the storage would be unmanageable. With the ExaGrid approach, all that is needed is up to an additional 10% more repository storage to hold the delay for the deletes. ExaGrid allows the delay of deletes from 1 day to 30 days.
Immutable data deduplication objects
Non-network-facing tier (tiered air gap)
Delayed delete requests
YOU ARE
NOT ALONE.
Cristie provides you a customized ready to fit solutions, installed at DC at choice, in your own DC, at one of our domestic Service Providers, in the cloud or hybrid. You tell us and we will design for a perfect match.
