Instead of helping IT understand how they can eliminate backup storage silos, vendors are proposing additional sub-silos of storage within the backup infrastructure. The primary reason is to try to cobble together a ransomware recovery strategy.
Most backup vendors are now proposing no less than four storage systems within the backup infrastructure:
- Backup storage with high data ingest capabilities keeps pace with the modern backup storage solutions’ ability to transfer data rapidly throughout the day.
- Archive or retention storage for the long-term storage of protected data. These systems typically can store data immutably to protect against a ransomware attack.
- High-performance storage for the backup metadata, the indexes, and configuration files that the backup software needs to operate.
- Sterile recovery storage to provide production class performance in case of a failure of production storage or a ransomware attack.
The problem is most storage systems are just that, individual systems. They are not a platform that can host all the backup storage use cases. StorONE’s S1:Backup is a backup storage platform that can consolidate each of the above storage demands without compromising performance or data availability. Watch our latest LightBoard video below to learn how StorONE’s S1:Backup eliminates storage silos.
There IS Innovation in Backup Server Software
Modern backup software vendors are innovators. In the past ten years, they’ve made block-level incremental backups so reliable that organizations use them as their default method to protect data. Software vendors have also innovated in recovery, delivering recovery in place technology (Instant Recovery) that instantiates VMs or applications directly on the backup appliance, saving data transfer time. They can also meet all of an organization’s retention demands thanks to advanced metadata techniques that allow them to sift through double-digit petabytes of retained data. Each of these innovations demands more from the backup storage target.
We’ve also seen innovation from hardware vendors that supply the components to the backup storage target. Flash drives are more affordable than ever, and hard disk drives now support 20TBs of capacity. Given these advancements, the cost to deploy, manage, and upgrade backup infrastructure should decrease, but the reality is that cost and complexity are increasing.
Backup Storage Targets Aren’t Innovating
The problem is the backup storage software that drives this hardware has not been updated in over two decades. Legacy backup storage targets depend on ever-increasing CPU clock speed to keep pace with the innovations in backup server software and storage hardware components—however, only the number of cores per CPU increases, not the clock speed per core. The result is applications like storage that don’t thread across additional cores don’t show the benefit like applications that do thread well.
S1:Backup Brings Innovation Back to Backup Storage
Our enterprise storage platform, which is a complete rewrite of storage IO, powers StorONE’s S1:Backup so it can extract all the innovation possible from each component in the infrastructure. This extensive development effort pays dividends in backup storage, especially ransomware protection.
Legacy backup storage targets can’t extract maximum performance from flash drives and won’t allow their customers to use high-density hard drives for fear of slow RAID rebuild times. S1:Backup can deliver hundreds of thousands of IOPS from 12 or fewer flash drives. It can run at 90% of available capacity and scale up to 15PBs in a single two-node cluster. The result is extreme density, 3.3PB in 12U without deduplication or compression.
Eliminate Storage Silos by Reducing RPO
The number one responsibility of backup storage targets is to secure a secondary copy of production data. Production data is always increasing, so transferring it to backup storage is more challenging than ever. The threat of a ransomware attack only compounds the situation by requiring multiple backups a day; some customers are moving to hourly backups.
The good news is most backup server software solutions have block-level incremental or change-block tracking backups, which move data to the backup storage target at a sub-file level. The bad news is that legacy backup storage targets can’t keep up with the high number of simultaneous jobs organizations need to send to lower their threat window exposure level.
StorONE’s S1:Backup uses its flash-first technology to rapidly ingest hundreds of inbound backup jobs to enable customers to increase backup frequency from multiple times a day to even hourly protection, almost eliminating an organization’s ransomware threat exposure window. The flash-first technology also enables the rapid consolidation of incremental backups into a synthetic full, which means organizations will never have to perform an “over-the-network” full backup again.
Finally, because it is flash-first and not flash-only, StorONE’s S1:Backup is affordable. The solution will move the oldest backups from flash to a hard-disk-tier using our intelligent tiering technology. Our efficient software enables you to use 18TB or 20TB hard disk drives without risk of drive failure or concerns about over-utilization of capacity. StorONE can deliver RAID rebuilds in less than 3 hours even with these high-density drives, thanks to our vRAID technology.
Eliminate Storage Silos by Consolidating Immutability
The table stakes defense against a ransomware attack is immutable storage. This requirement often forces IT to buy, support, and maintain a separate tier of storage, often an Object Storage system. The customer still needs a fast data-ingest tier to receive data but now must manage the copying of that data to the secondary immutable storage system.
This process increases the customer’s threat exposure window because there is a gap between data being received on the high-performance ingest device, the copy being started, and then the copy completing on the immutable storage. The process also consumes backup-server software and network resources while effectively doubling the capacity requirements of the backup storage infrastructure.
StorONE’s S1:Backup creates an instant, space-efficient immutable copy of every backup job. There is no time allocated to transferring the data, no consumption of double the storage capacity, and no new protocols to learn. S1:Backup provides immutability across all protocols.
Eliminate Storage Silos by Consolidating Backup Metadata
The data that backup software creates, indexes, and configuration files, are almost always stored on the server housing the backup application. Storing this metadata on the backup server or even on a SAN makes it vulnerable to various failures and threats, especially ransomware attacks. If ransomware encrypts this data, the backup software (once reinstalled) must recreate it by scanning all the protected data, assuming it is not also encrypted.
The reindexing process can take hours to rebuild configuration files, reestablish schedules, and verify retention policies. If backup data is also encrypted, even partially, IT must first copy, now manually, the data on the immutable object-store back to the rapid ingest backup storage system.
StorONE’s S1:Backup is the only solution to store protected data, make that data immutable, and store the active backup metadata without impacting performance. S1:Backup can also make space-efficient immutable copies of the backup metadata, protecting it from a ransomware attack and creating consistency with the immutable copies of protected data. With S1:Backup, you have consolidated three separate backup storage infrastructure use cases into a single solution while substantially improving the process.
Eliminate Storage Silos with StandBy Storage
Ironically, the most overlooked aspect of a ransomware recovery strategy is recovery. Suppose IT has reduced the exposure window by increasing the number of protection events and has made both the protected data and metadata resilient to a ransomware attack. In that case, IT is ready to respond when the eventual attack occurs. But what will IT use as its recovery point?
After a ransomware attack, IT is left with a production storage environment that appears ready for recovery. The problem is that the state of that environment is unknown. Ransomware attacks now typically work by making many copies of the trigger file and changing its name.
IT must find all of these variants then delete them before restoring and bringing production systems online. If the forensic process misses one trigger file, the attack will start again. The only option is for IT to completely wipe out the production data design by deleting volumes and recreating them. The first approach is time-consuming and leaves open the possibility of re-encryption. The second is even more time-consuming and removes forensic data required to understand where the attack originated and exactly what files were exposed.
StorONE’s S1:Backup is the only solution on the market that, on the same system, is making protected data and metadata resilient from attack, and can provide a sterile recovery environment, which we call StandBy Storage. The StandBy Storage capability of S1:Backup will dynamically allocate our flash-first technology to provide a high-performance recovery area to host data during a ransomware attack.
Since this data needs to interact with applications and users, the storage solution must present volumes in a read/write mode. Still, the S1:Backup will continue to make space-efficient immutable copies of this data so that if the ransomware trigger-file attacks it, a known good copy is less than 30 seconds away. The S1:Backup solution is highly available and supports all storage protocols (Fibre Channel, iSCSI, NVMe-oF, NFS, SMB, and S3). You don’t need to alter your environment and can run indefinitely on the S1:Backup solution until you can complete the forensic work in your production environment.
Consolidate Backup Storage with StorONE
StorONE’s S1:Backup is the first backup storage target to take a platform approach to the backup storage infrastructure. It combines four different backup storage use cases into a single solution without compromising protection at any point in the process.
To learn more, watch our latest webinar, “Three NEW Ransomware Exploits – How to Close the Backdoor,” now available on-demand.