How to Build Layered Defensibility with a Tiered Resilience Architecture

Meet “resiliency architectures”—a next-gen backup solution that gives organizations every chance to become more resilient in a rapidly evolving risk landscape.

Resiliency Architectures

image_pdfimage_print

Tiered backup architectures with different logical and geographic locations can help meet the diverse backup and recovery needs of today’s businesses—but this isn’t a new idea. What is “new” to report is that tiered resilience architectures are needed now more than ever—provided they are next-generation solutions.

When the outcome of a breach or cyber event is too often a complete shutdown of operations that can last for days and put not only information but also people at risk, we need solutions that can turn these “major events” into “tolerable events.”

What is an example of a next-gen backup solution? A Tiered Resilience Architecture.

Backups Won’t Be Enough

Before I explain what makes a solution next-gen, let’s consider what came before it. 

Initially, companies wanted to back up their data in an 8-12 hour, overnight time window. Once they could do that, they started to worry about backup failure. So, they adopted a new approach: the 3-2-1 backup strategy with three copies of data on two different media (disk and tape), keeping one copy off-site, just in case. However, the Colonial Pipeline breach made it quite clear that even with backups, recovery times can be weeks or longer without the right architecture and technology solutions in place.

So, the 3-2-1 approach, with multiple, distributed copies of backups, isn’t ideal if the aim is to recover as swiftly as possible following an event. And most business leaders don’t care as much about redundancy as they do about a speedy return to normal.

But backups should be the last line of defense. Many just aren’t fast enough, which is why organizations need to take a serious look at tiered backup architectures. This can help them address every angle, mitigate every risk, and give them every chance to be as resilient as possible.

The Future of Disaster Recovery Is Here

Previously, I wrote about how tiered architectures amplify data protection against insider threats and advanced malware when combined with data bunkers and Pure Storage® SafeMode™ protections. Backing up data and having rapid restore capabilities remain critical for data protection, but they’re only part of the picture. 

A Pure Storage Tiered Resilience Architecture is a multilayered, recovery architecture that primarily uses SafeMode snapshots to implement the lowest possible recovery times based on an organization’s needs and the recovery time objectives (RTOs). SafeMode is a data protection solution built into Pure FlashArray™ and FlashBlade®—super immutable, out-of-band, multifactor-authenticated snapshots. 

“Super immutable” is different from “traditional” immutable snapshots because they can’t be modified once written (thus making them immutable), but they also can’t be deleted! While traditional, immutable snapshots can’t be modified once created, with the right privileges on the storage array (generally, admin-level), they can be deleted. 

SafeMode snapshots also come with one additional, huge caveat: No bad actor (person or process)—even with administrative privileges—can fully eradicate data from a Pure Storage array without invoking a special, out-of-band Pure Storage support process. Period. That means you have a guaranteed point of recoverability right there on your primary storage arrays. Get your recovery started immediately and get back up and running in far less time.

Take a deeper dive into the value of SafeMode.

Why Do You Need a Tiered Resilience Architecture?

For speed and near-instant recovery.

Resilience is A tiered resilience architecture enables you to recover data very quickly in the event of a cyberattack, disaster, or administrative accident. SafeMode snapshots afford you a near-instant recovery capability, instead of relying on other backup technologies that are slow, complex, and prone to malfunction or experience other technical issues at exactly the worst time. 

Even if you’re using Rapid Restore from Pure, restore times will still be significantly longer than recovering from a SafeMode snapshot, which can be done in milliseconds. (Restoring from a snapshot is even faster than using Pure with Commvault, which can recover 270 terabytes (TB) per hour vs. other widely used solutions, which can generally recover between 2TB and 6TB per hour or less.)

But that’s not all. By implementing a resilience architecture, you’ll also benefit from:

  • Reduced management overhead
  • Improved environmental and sustainability metrics
  • Enhanced ability to easily test and prove the environment is working—and confirm that your recoverability goals are being met
  • A lifetime of nondisruptive upgradability, so you never need to migrate data again

The Unmatched Performance of a Pure Storage-based Resilience Architecture

Now, let’s get into how to build this next-gen backup solution with Pure. We’ll start with a high-level overview of the architecture’s structure.

Generally, a tiered resilience architecture is implemented in several tiers or layers of defense:

Resiliency Architectures

Tier 0

Mission-critical infrastructure at this layer includes, but isn’t necessarily limited to, Active Directory, DNS, and time services. Without these services, little or nothing else in the environment will function.

Tier 1

Host your primary data and applications that are critical to your business operations on this tier (elements like core databases and application services, along with their defined dependencies). These will be the primary focus of recovery because when they’re unavailable, neither is your organization’s ability to deliver business services to customers.  

Tier 1 should house three to seven days of SafeMode snapshots. Depending on your application’s performance requirements, you could use either FlashArray//X™, FlashArray//XL™, or FlashArray//C™ to create this layer.

Tier 2

Tier 2 is essentially a snapshot replica archive for storing offloaded snapshots from Tier 1, which also lives at this layer. The archive should be able to store the snapshots for the longer term—at minimum, three months (90 days) to 6-12 months or longer, if possible. This tier is also critical and useful for longer-term forensics after an attack.

You can build a snapshot archive on FlashArray//C, FlashBlade//S™, or FlashBlade//E™.

Note: While Tier 2 is meant for storing data for the long term or meeting data compliance needs, you could, in the event of a major disruption, use this layer to run workloads at slightly lower performance to keep your business running. 

Tier 3 

This layer can be a fast backup tier for extreme scenarios only. Generally, the backup tier should be used as a long-term retention layer for compliance or to restore data for applications that don’t warrant protecting with snapshots.  

Here again, you could use FlashArray//C or FlashBlade//S, with ISVs and enterprise application native solutions integrated to allow backup data to be written directly to the array and protected with immutable snapshots and SafeMode. You could also use FlashBlade//E to replace traditional spinning disk backups.

Tier 4

An optional Tier 4 layer of defense would comprise a one-way-in data bunker used for large-scale disasters. Data bunkers are highly secure and provide an extra layer of durability as optional disaster recovery sites serving behind your primary and secondary backup sites. Host a replicated copy of data and make compute available on demand. Potentially, you could store years of data at the Tier 4 layer.

If you’re using Pure Storage to build your resiliency architecture, you could create Tier 4 on FlashArray//C or FlashBlade//S. You can also build this layer by using public cloud S3 targets or cloud-adjacent bare metal services such as Equinix Metal. You would generally want higher speed storage FlashArray//X or FlashBlade//S for Tier 4, as the intent is to run just as current production would, only in a different location.

Key Steps to Get Started

You don’t have to build a tiered backup architecture with the Pure Storage platform, but without it at the foundation of your architecture, and without capabilities like SafeMode, you won’t have a truly next-gen solution for backup and recovery. 

Once you’ve decided how many layers of defense you need, and which Pure flash storage arrays you want to use to build and support your resilience architecture, you’ll need to take the following key steps:

  • Step 1: Store the data for the workloads you want to protect on your Pure Storage array.  
  • Step 2: Enable snapshots on those arrays and set up protection groups to support your desired disaster recovery objectives. 
  • Step 3: Let the snapshots run for a couple of weeks, based on your defined policies. This process will help ensure protection group policies are proven to be configured accurately. It will also give you the opportunity to tune the policies without having to invoke the out-of-band process with Pure Support. 
  • Step 4: Enable Pure SafeMode to protect snapshots from accidental or purposeful deletion and eradication. (Remember that after you turn on SafeMode, the only way to change protection group settings or disable SafeMode is through a special Pure support process.)

A Pure Tiered Resilience Architecture is the future of disaster recovery. It brings advanced resilience, performance, and simplicity to help your organization truly revolutionize its legacy, antiquated backup environment.

Beyond the Firewall: Insights and Strategies from Leading CISOs

Written By: