What are you looking for ?
Advertise with us
RAIDON

Pure Storage FlashBlade//S with Cohesity DataProtect Software: Secret Weapon Vs. Ransomware

Offers performance, simplified, and true scale-out data protection solution.

Pure Storage Mandeep AroraBy Mandeep Arora, data protection solutions architect, Pure Storage, Inc.

 

 

After a disaster, businesses can’t wait days or weeks to get their data back. Pure Storage FlashRecover//S, Powered by Cohesity delivers complete DR in minutes.

Pure Storage Flashrecover S Scheme Intro

One of the most common ransomware attacks we see today is the destruction of backup data. The ability to recover quickly from this sort of destructive attack is a huge question mark for traditional backup systems or any purpose-built backup solution. Businesses cannot wait days or weeks to get their data back – they need to recover within hours from any sort of disaster to avoid incurring major downtime and the resulting loss of revenue. Ransomware protection for FlashRecover provides that solution promptly and effectively.

With ransomware now targeting the backup ecosystem, your existing data protection solution may not be enough. Backing up data does safeguard against common disaster scenarios such as accidental deletion or natural disasters. But ransomware attacks can even further impact the backed-up data on the existing data protection infrastructure, and the ransomware threat is always looming. To address this challenge, Pure Storage, Inc. and Cohesity, Inc. have forged a partnership and brought to market a 1st-of-its-kind solution.

Pure Storage Ransomware Scheme

Cohesity and Pure Storage
Cohesity is a true scale-out data platform that enables policy-based provisioning and management of storage supported by FlashBlade. This approach aims to disaggregate the storage and compute, gives the flexibility to scale the storage or compute independently, and lets you build a data center backup solution with lower costs. FlashBlade//S with Cohesity DataProtect software offers a high-performance, simplified, and true scale-out data protection solution.

What’s new in FlashBlade//S and Cohesity? 
FlashBlade//S with DataProtect is an integrated, modern, all-flash data protection solution for rapid recovery at scale. This jointly developed solution is simple and fast and provides reliable backup and recovery for enterprise data – and much more. It allows you to restore petabytes of data in hours, not days or weeks. It also provides an extra layer of data security that’s game-changing in this era of ransomware attacks: with FlashBlade SafeMode turned on, all your backed-up data is protected with read-only mode snapshots that cannot be deleted or eradicated and are available for restore at any time. 

Before diving deep into the implementation, I’d like to highlight one key business value proposition of this solution: with FlashBlade//S and DataProtect deployment in the data center, you can perform a complete DR of the cluster data and the backup data in few minutes. No other purpose-built backup appliance solution has the capabilities to perform a complete on-prem DR of the backup data in minutes.

What is SafeMode in FlashBlade? 
SafeMode in FlashBlade provides rapid recovery from ransomware events. FlashBlade SafeMode for filesystems does two important things to protect against malicious attacks.

It enables you to:

  • Create on-demand, consistent point-in-time SafeMode snapshots of data and metadata Filesystems on FlashBlade//S from Cohesity cluster node. 
  • Create SafeMode snapshots for other filesystems, based on the snapshot schedule defined on FlashBlade.

The SafeMode snapshot feature prevents the user from eradicating the snapshots from the system. In this way, SafeMode provides a path to rapid recovery at the time of ransomware attacks.

Now let’s take a look at the architecture of the solution.

Figure 1: FlashRecover//S architecture overview.

Pure Storage Flashrecover S Scheme1

Solution is made up of 3 main parts: 

  • DataProtect software
    • DataProtect is simple, comprehensive, enterprise-grade backup and recovery software for traditional and modern data sources. 
  • Cohesity-certified compute nodes
    • DataProtect runs on Cohesity-certified compute nodes with no local drives. 
  • FlashBlade
    • It is the backend storage where the filesystems are created and mounted to compute nodes via NFS v3 protocol. 
    • SafeMode is enabled on the FlashBlade system.

The solution deployment doesn’t just create backup data filesystems for data on FlashBlade, it also creates the filesystems for metadata and configuration data on the FlashBlade filesystem. This solution comes with the snapshot feature enabled by default, which means you can perform on-demand SafeMode snapshots of backup data, cluster data, and metadata on FlashBlade and later use them for recovery purposes. 

Wondering how you can perform consistent snapshots on Cohesity filesystems?
To create a useful and consistent SafeMode snapshot of the backup copies, metadata, and configuration data, it’s important to quiesce the services on the Cohesity cluster. Currently, manual intervention is required to perform the SafeMode snapshot. You can create the SafeMode snapshot of the Cohesity Filesystems via ssh logging into one of the Cohesity cluster nodes. An iris_cli cluster create-snapshot command is used to create the snapshots. During this process, all of the cluster services will be stopped and all of the current running jobs and schedule on the cluster will be terminated. During this process, an internal backup of the node local data to the appropriate FlashBlade filesystem is performed. Once the process completes all the prereqs for creating the snapshot, the cluster will create the snapshot of all the Cohesity filesystems on the FlashBlade automatically. This is how simple it is to take consistent point-in-time SafeMode snapshots on FlashBlade, which can be later used to perform the recovery after a ransomware attack.

Note: The initial release of this feature requires manual intervention to perform consistent snapshots, because in the present implementation, automatic SafeMode snapshot creation via a FlashBlade schedule would not guarantee consistent snapshots of all the filesystems. A later release of Cohesity software will have improved integration that may be able to cover the operational gaps in the process. 

For a complete guide to DR of backup data with this joint solution and SafeMode snapshots, refer to this whitepaper and demo video of the solutions.

What’s next with ransomware protection for FlashRecover
I recommend leveraging the integrated snapshot feature of Cohesity and SafeMode snapshot on FlashBlade to get another layer of protection to protect yourself from any ransomware or malicious attacks on backup data.

Resources :
White papers and guides to learn more about FlashRecover:
Restore virtual machines at the speed of 1PB/day (Pure1 login required)
Demo video on backup and restore virtual machines at scale (Pure1 login required)
Simplified Oracle protection with FlashRecover (Pure1 login required)
Back up EPIC with FlashRecover (Pure1 login required)

Articles_bottom
ExaGrid
AIC
ATTOtarget="_blank"
OPEN-E