ExaGrid announced the release of software Version 6.0, which begins shipping on September 18, 2020.
New Retention Time-Lock for Ransomware Recovery
Retention Time-Lock is a revolutionary approach to protecting backup retention data to enable fast and easy recovery from ransomware.
- ExaGrid’s two-tier architecture includes a network-facing tier and a non-network-facing tier. ExaGrid alone controls the non-network-facing tier, creating a tiered air gap.
- Backups are written to the network-facing-tier for fast backup performance. The most recent backups are kept in their full undeduplicated form for fast restores.
- Data is adaptively deduplicated (for storage cost efficiency) into the non-network-facing tier for long-term retention data. Organizations can have as many days, weeks, months, or years of retention as they require. There is no limit to the number of version retention copies that can be saved.
- In addition to the long-term retention, ExaGrid offers a policy-driven approach allowing for any delete requests issued to the network-facing tier to be delayed in the non-network-facing tier for a specified number of days, so that backup data will not be deleted when a hacker takes control of the backup application or backup storage.
- If encrypted data is sent to the network-facing tier, or if any of its data is encrypted, ExaGrid’s repository is protected as all the deduplication objects are immutable because they are never modified.
ExaGrid assumes the hackers will take control of the backup application or the backup storage and will issue delete commands for all backups. ExaGrid has the only non-network-facing tiered backup storage solution (a tiered air gap) with delayed deletes and immutable deduplication objects.
This unique approach ensures when a ransomware attack occurs, data can be easily recovered or VMs booted from the ExaGrid Tiered Backup Storage system. Not only can the primary storage be restored, but all retained backups remain intact.
“ExaGrid’s Version 6.0 provides our customers with a new strategy for ransomware recovery: ExaGrid’s Retention Time-Lock, which prevents hackers from deleting data stored in our system’s repository tier as all deletes are delayed by a policy setting. This unique approach allows customers to recover data in the event that the primary storage has become compromised by ransomware or malware,” said Bill Andrews, ExaGrid’s President and CEO.
“Unlike other approaches, which require the purchase of an additional storage unit, our approach only requires that customers allocate 2% to 10% of additional repository storage in their existing system with an adjustable delay period, which is in line with our goal of offering the most cost-effective solutions to our customers.”
Security enhancements, new UI platform, and other highlights of version 6.0
Version 6.0 includes the following security enhancements:
- New security officer role governs any changes to the Retention Time-Lock policy.
- Optional Two-Factor authentication in web-based user interface using any OAUTH-TOTP app.
- Additional control over SSH access
- Utilize Active Directory credentials from trusted domains to control share and user interface access.
- New operator role for day to day operations reduces the need for administrator access.
- Security checklist for quick and easy implementation of best practices.
- Automatic user interface logout after a period of inactivity.
Version 6.0 includes the following additional features:
- User interface improvements provide intuitive details about how the ExaGrid system’s storage capacity is being utilized.
- Streamlined navigation experience.
- Deduplication and replication performance improvements across multiple backup applications.
ExaGrid’s unique approach: Tiered backup storage
Disk-cache Landing Zone (Performance Tier)
- ExaGrid writes directly to disk for the fastest backup performance
- ExaGrid restores directly from disk for the fastest restores and VM boots
Long-term Retention Repository (Retention Tier)
- ExaGrid tiers long-term retention to a deduplicated data repository to reduce storage and resulting storage costs
Backing up to low-cost disk is fast for backups and restores, however, with longer-term retention, the amount of disk required becomes extremely expensive.
To reduce the amount of disk for long-term retention, deduplication appliances reduce the amount of storage and cost, however the deduplication is performed inline on the way to the disk which slows down backups to about one-third the performance of disk.
Also, the data is only stored in deduplicated format resulting in extremely slow restores and VM boots as the data has to be reassembled, or rehydrated, for each request.
In addition, deduplication appliances are scale-up storage which only adds storage capacity as data grows, resulting in backup windows that continue to grow as data grows, expensive forklift upgrades, and forced product obsolescence.
ExaGrid Tiered Backup Storage writes directly to disk for the fastest backups, and restores directly from disk for the fastest restores and VM boots. ExaGrid then tiers the long-term retention data to a deduplicated data repository to reduce the amount of retention storage and resulting cost.
In addition, ExaGrid provides a scale-out architecture where appliances are simply added as data grows. Each appliance includes processor, memory, and network ports, so as data grows, all resources required are available to maintain a fixed-length backup window.
This scale-out storage approach eliminates expensive forklift upgrades, and allows for mixing appliances of different sizes and models in the same scale-out system which eliminates product obsolescence while protecting IT investments up front and over time.
ExaGrid offers the best of both worlds by offering low-cost disk for the fastest backup and restore performance tiered to a deduplicated data repository for the lowest cost retention storage. The scale-out storage architecture provides a fixed-length backup window and is low cost up front and over time.