FalconStor Cloud Clean Room enables validated recovery without dedicated infrastructure

FalconStor has announced FalconStor Cloud Clean Room, an on-demand infrastructure platform designed to let organizations perform validated recovery testing in a persistent secure enclave. Each test starts from a known state, reducing the risk of carrying issues over from previous recovery exercises.

Built on FalconStor’s patent-pending zero trust secure enclave (ZTSE) technology, the Cloud Clean Room is designed as a standalone infrastructure layer that can be deployed across multiple use cases and integrated by third-party software vendors and service providers.

FalconStor Habanero, the company’s existing managed offsite backup and archive vaulting solution for IBM i, IBM Power, and tape environments is the first solution to be combined with the Cloud Clean Room, giving organizations a complete backup-to-validated-recovery capability on IBM Cloud, without requiring IBM Cloud expertise from the customer.

The Problem: Recovery plans that haven’t been tested are not recovery plans

Analyst firm HyperFRAME Research has found that while cyber resilience is a priority for 91% of organizations, only 30% report being very confident in their recovery speed following a cyberattack or cloud-based data loss event. The gap is not in data capture, it’s in validated recovery. Building and maintaining a dedicated clean room infrastructure for periodic recovery testing has historically been cost-prohibitive and operationally complex, requiring months of planning and significant expertise.

FalconStor Cloud Clean Room enables the infrastructure to be created on-demand, eliminating the need to maintain a standing replica and its associated cost.

How it works: On-demand infrastructure, zero persistent risk

The FalconStor Cloud Clean Room runs in the IBM Cloud, utilizes global infrastructure within IBM’s PowerVS environments, and is orchestrated through FalconStor’s patent-pending Zero Trust Secure Enclave. The Secure Enclave itself is a persistent, hardened environment where recovery tests of the relevant IBM Power LPARs are created and destroyed as needed. This means each test starts from a known-clean state with no carried-forward configuration, malware exposure, or environmental drift.

The entire cycle requires no cloud expertise from the customer. FalconStor manages all infrastructure provisioning within the enclave, from LPAR creation through decommissioning.

This approach delivers three outcomes that regulated enterprises and security-conscious IT teams care about most:

  • Validated recovery confidence. Every test produces a verified, audit-ready proof of recovery, not a checkbox, but documented evidence that a specific recovery point is clean and restorable.
  • Zero persistent attack surface. IBM Power LPARs provisioned for each recovery test are decommissioned once the test is complete, ensuring no compromised or drift-affected components carry forward. The persistent Secure Enclave itself is hardened and isolated, with no exposure to production environments.
  • Audit-ready compliance documentation. Organizations subject to regulatory frameworks, such as DORA, have documented recovery proof on demand, without a separate compliance project.

First offering: Cloud Clean Room for Habanero customers

Habanero provides immutable offsite vaulting for IBM i and IBM Power environments and tape-based backup workflows. The Cloud Clean Room is available as an add-on to Habanero, giving Habanero customers the ability to perform their own validated recovery tests inside a secure, FalconStor-managed infrastructure environment on IBM PowerVS. FalconStor manages all underlying infrastructure provisioning and orchestration within the secure enclave. Customers initiate and manage their own recovery tests, without needing IBM Cloud expertise or dedicated clean room infrastructure of their own.

For IBM Power shops, particularly those still running tape, this combination represents the path to meeting cyber resilience and regulatory requirements without a rip-and-replace migration project. No dedicated cloud infrastructure, no specialized clean room expertise, and no changes to existing backup processes are required.

The Cloud Clean Room is available now as an add-on to Habanero, including all necessary infrastructure provisioning within the secure enclave. Customers use Habanero for immutable offsite vaulting and the Cloud Clean Room to perform on-demand recovery validation, giving IBM Power organizations the ability to confirm their backup data is recoverable, produce audit-ready documentation, and meet regulatory requirements such as DORA, FFIEC, and PCI-DSS on their own schedule.

ISVs and service providers looking to build managed recovery services, including quarterly or annual validated recovery as a managed offering, can license the Cloud Clean Room and Habanero to deliver these services to their customers.

“While most organizations have invested in backup and data protection, recovery confidence remains a significant challenge,” said Don Gentile, Analyst, Data Platforms and Resiliency, HyperFRAME Research. “FalconStor’s Cloud Clean Room focuses on enabling validated recovery through testing and documentation. The combination of documented proof and repeatable exercises can help organizations verify that their plans will perform as expected when needed.”

A licensable infrastructure platform

While the Habanero integration represents the commercial offering, FalconStor designed the Cloud Clean Room as a purpose-built infrastructure layer intended for broader deployment. The Cloud Clean Room can be licensed and embedded by ISVs and service providers who want to add on-demand clean room capabilities to their own offerings without building the underlying orchestration themselves. Active discussions are underway with multiple ISVs for applications that include cyber resilience augmentation, on-demand infrastructure enablement, and managed services onboarding.

FalconStor sees the Cloud Clean Room as a foundational infrastructure layer with potential well beyond cyber resilience, applicable wherever organizations need isolated, on-demand compute and storage environments that execute reliably and leave no carried-forward risk.

“As cyber resilience has moved from best practice to boardroom mandate, organizations can protect their data, but they have had no practical way to confirm those backups will actually recover under pressure. The Cloud Clean Room closes that gap, giving organizations the infrastructure to perform validated recovery testing on demand, without cloud expertise or dedicated DR infrastructure,” said Todd Brooks, CEO, FalconStor.

More about

Don't miss