Summary
Ransomware attacks are not the only outage event IT teams need to be prepared for. Having a data resilient architecture is critical to enable Rapid Restore capabilities regardless of the reason for the outage.
Daily we hear about businesses facing the task of recovering from large-scale, unplanned outage events. These are unfortunate reminders that it’s not just ransomware or even natural disasters that we need to protect and recover from, but a multitude of new vectors in our ever more complex application ecosystem. It has been reported that upwards of two-thirds of businesses will be attacked within a given year and that number is on the rise. When we add in the recent unforced outages that required massive recovery efforts of very public systems, we see the criticality of having a data-resilient architect to ensure the life and sustainability of our businesses. The right architecture provides us with Rapid Restore capabilities that minimize disruption and data loss from unplanned outages.
Pure Storage can help IT teams recover from these unplanned outages, whether that’s your applications, operating systems, or data in a timely manner by leveraging SafeMode™ protected snapshots. While traditional backups may be available, restoration efforts are often needlessly elongated and can result in far more data loss than necessary, further lengthening recovery efforts. Let’s explore how Pure solves recovery challenges and enables customers to have a truly data-resilient architecture.
Snapshots: Your First Line of Defense
Your first line of defense should be to leverage Pure Storage’s protection group snapshots for Tier 0 and Tier 1 applications, taking only seconds to recover with minimal data loss. Pure Storage® FlashArray™ protection group snapshots provide point-in-time consistency across sets of volumes. This unlocks the ability to leverage these indelible copies of your data to recover applications that span multiple volumes without suffering from issues around consistency and data integrity.
If you need to roll back due to a failed update and your environment is set up in a manner where your operating system boot volume is separate from application and data volumes, you may be able to easily recover the failed operating system or application updates to a last known good state. For applications where this type of rollback is viable, leveraging Pure Storage SafeMode protected snapshots allows this operation to be performed in seconds.
Our customers who choose to leverage Virtual Volumes (vVols) and Storage Policy Based Management (SPBM) enjoy the robust built-in data service policy compliance engine in modern vSphere. By standing up SPBM policies using Pure Storage’s vSphere plugin, the SPBM policies and Pure Storage protection groups are tightly coupled. In the event of VM corruption, a rollback of a VM (or an individual data volume) is only a right-click away within the vSphere Web Client. If a mass rollback is required, then this can be easily scripted using PowerShell examples that are published in the Pure Storage GitHub repository. A role-play demo of this capability can be seen below.
This isn’t just a theoretical recovery method. One of our customers recently experienced an unplanned outage requiring large scale recovery. Their experience was substantially different from what other businesses with the same challenge broadly reported in the industry. Having Windows VM’s on VMware, with Pure Storage, and our Pure VMware Plugin, they were able to recover all of their Windows VM’s from a previous SafeMode protected snapshot in a matter of hours. While other companies were trying to figure out what had happened and what to do about it, they had already recovered their entire environment, and enjoyed the evening with their families and an otherwise normal weekend.
Leverage the Pure Storage API for Automation and Recovery-focused Test/Dev/QA Workflows
Another option where Pure Storage can assist our customers is with strategies and solutions that address these events through the use of our rich, simple API for data management. This API can be used to create tooling for test/dev/QA workflows and easily be repurposed for recovery needs.
For example, our PowerShell SDK can be leveraged to write scripts automating snapshots to instantly create consistent, point-in-time copies of application data and present those copies to environments for testing and validation purposes on the fly.
Very similar methodologies could be used to recover from any large scale outage events. A slightly modified version of the script can instantly create precautionary rollback snapshots of the operating system volumes, then, temporarily present the original copy of those volumes to proxy recovery hosts, perform cleanup on the filesystem, and then unmount and power back on the affected systems. This type of automation can dramatically reduce the time required for such operations at scale.
Orchestrated Recovery with Pure Protect //DRaaS
Pure1 Manage (login required) rounds out the strategy with tools that help you assess risk, decide on actions to take, and execute on some of those plans. Pure1® is now able to assess your environment based on phone home telemetry and provide a Data Resiliency Score and a Security Assessment. This compares your configuration against best practices and will help ensure your storage platform is well-prepared to weather an attack.
Pure Protect™ //DRaaS is now available to provide an orchestrated recovery service where you can bring application stacks online in native AWS (EC2). Bringing together orchestration, conversion, and your security policies, you maintain custody with an indelible copy of your data, and Pure Protect //DRaaS provides a service to restore applications when disaster strikes.
Finally, Pure Storage customers who utilize our products with our partners Veeam, Commvault, Cohesity, or others can leverage Rapid Restore or Instant Recovery with FlashBlade® or FlashArray. These integrations allow you to recover from the best available copy of data in the shortest amount of time.
Hacker’s Guide to Ransomware Mitigation and Recovery
We Are Here to Help
A data-resilient architecture delivers the ability to rapidly recover your critical applications from an outage, regardless of the reason or cause. These foundational design principles of snapshots as your fastest first line of defense, privileged attacker protection with SafeMode, automation and simplification with APIs and plugins, and orchestration with as-a-service offerings, provide a foundation to deliver operational data resilience in the face of any event.
For Pure Storage customers that are concerned about recovering from an outage, whether that is from a failed update, accidental deletion, or ransomware attack, we are here to help! Please reach out to your support team or to your local sales team and ask to speak with your Cyber Resilience Field Solutions Architect or Principal Technologist.
Written By:
Protect Your Data
Learn more about SafeMode.