Every year, we see the percentage of organizations' victims of ransomware rising. But we also see the rise in the rate of organizations paying ransoms. However, the percentage that lost data by refusing (or agreeing) to pay ransoms is also up. No matter what, ransomware is a new business model and it is here to stay. How do you protect your data and your backups?
Back in the day, organizations did not have offsite protection so when the fire hits the building with the main office, all was lost. If by chance, some smart admins had their backups on tapes offsite, it took a few days/weeks to restore to a spare infrastructure and continue the production in degraded mode. The interest in tapes has never faded actually. It's because you can transport them off-site, put them into a locker in your bank etc. Yes, this is like 20 years ago, but now you can use VTL and cloud storage for the same result!
Today when you get hit by ransomware that encrypts the data on your network, including the backups you store on-site, you are cooked. The last line of defense has been breached and your company will most likely have a hard time to re-build all this from scratch. Unless you have a VTL software and cloud storage account. Let's have a look at two solutions that together can integrate within your backup architecture. No, you don't have to buy new hardware to use tapes. It's all virtual.
StarWind Cloud VTL
With Starwind Cloud VTL is the same as having a physical tape library without the hassle of changing tapes. The whole process is automated and we have the option of choosing between multiple cloud storage providers such as Amazon, Wasabi, Azure, etc. We chose Wasabi because it's one of the cheapest cloud storage providers.
The cost is also much lower, as uploading to cloud storage providers such as Wasabi is very cheap. This is unlike physical tape libraries which can cost thousands of dollars in addition to tape costs. The virtual tapes themselves are also in linear tape-open (LTO) format, which means they are air-gapped.
It's possible to deploy StarWind Cloud VTL on the same machine as your backup server.
Note: You should, for DR reasons, separate Veeam and StarWind VTL. Why? Because of 3-2-1 rule. 3 copies of data, 2 different location, 1 copy offsite.
We have a detailed write-up where we install Veeam Backup and Replication and StarWind Cloud VTL on the same machine. The blog post is here.
Immutability to the rescue – Wasabi is the best
Many cloud storage providers offer immutability that makes the backups undeletable (even for the admin) during a certain period. Many organizations have started using cloud object storage as part of their 3-2-1 backup strategy. Storing data in the cloud is less expensive than on-prem, gives you near-instant access to your data, and adds an additional level of protection.
Wasabi provides storage capabilities S3-compliant with a speed up to 6x faster than Amazon S3. Wasabi is 80% cheaper and 6x faster than Amazon S3, with 100% data immutability protection and no data egress fees.
When you create a Wasabi storage bucket you have the option of making it immutable for a configurable retention period (in increments of days, weeks, months, or years). “Immutable” means that any data written to that bucket cannot be deleted or altered in any way, by anyone.
Your Backup software that works normally and has proceeded with 3-2-1 rules where you have:
- 3: Create one primary backup and two copies of your data.
- 2: Save your backups to two different types of media.
- 1: Keep at least one backup file offsite.
Veeam Backup and Replication Screenshot showing the option of the tape job where you can also specify (it's ON by default) the tape ejection after the job is done.
Links:
- A solution brief can be found here
- Download the StarWind Storage Gateway for Wasabi from StarWind website
- Blog post on use case can be found here
- Veeam Backup and Replication Trial (Latest ISO) is here.
- Wasabi Website here.
Wrap Up:
Ransomware fight is not over however the technology of protection is here and not expensive. The configuration and setup takes some time, but once everything done, it's just runs without issues. Note that you must setup the immutability within Wasabi during the bucket creation and not after. It's impossible to make bucket immutable once it's already created.
More posts about StarWind on ESX Virtualization:
- StarWind SAN & NAS software details for VMware and Hyper-V
- Free StarWind iSCSI accelerator download
- VMware vSphere and HyperConverged 2-Node Scenario from StarWind – Step By Step(Opens in a new browser tab)
- StarWind Storage Gateway for Wasabi Released
- How To Create NVMe-Of Target With StarWind VSAN
- Veeam 3-2-1 Backup Rule Now With Starwind VTL
- StarWind and Highly Available NFS
- StarWind VVOLS Support and details of integration with VMware vSphere
- StarWind VSAN on 3 ESXi Nodes detailed setup
- VMware VSAN Ready Nodes in StarWind HyperConverged Appliance
More posts from ESX Virtualization:
- VMware EXPLORE 2022
- vSphere 8.0 Page (NEW)
- Patch your ESXi 7.x again
- VMware vCenter Server 7.03 U3g – Download and patch (NEW)
- Upgrade VMware ESXi to 7.0 U3 via command line
- VMware vCenter Server 7.0 U3e released – another maintenance release fixing vSphere with Tanzu
- VMware vCenter Converter Discontinued – what’s your options?
- How to upgrade VMware VCSA 7 Offline via patch ISO
- vSphere 7.0 U3C Released
- vSphere 7.0 Page[All details about vSphere and related products here]
- VMware vSphere 7.0 Announced – vCenter Server Details
- VMware vSphere 7.0 DRS Improvements – What's New
- How to Patch vCenter Server Appliance (VCSA) – [Guide]
- What is The Difference between VMware vSphere, ESXi and vCenter
- How to Configure VMware High Availability (HA) Cluster
Stay tuned through RSS, and social media channels (Twitter, FB, YouTube)
