Storage
Mobility
Protection
Analysis and control
TOPICShare
Ransomware attacks have become a real threat in the IT landscape, putting organizations at risk of losing control of their data. Immutable storage has been one tool that organizations have used to defend against such attacks. As your backup data could be your only ticket to safety during an attack, it has become even more important to enable critical ransomware recovery capabilities for your backups.
Now the incremental-forever, block-based backup capabilities of NetApp Cloud Backup are available for use with NetApp SnapLock® volumes. Your immutable, Write Once, Read Many (WORM) ONTAP and Cloud Volumes ONTAP volumes can now be backed up automatically to object storage on-premises or in the cloud.
In this blog we will explore the benefits of Cloud Backup support for SnapLock and how it enables enhanced protection for your most critical data.
Read on as we cover:
- What Is WORM Storage?
- What Is NetApp SnapLock?
- The New SnapLock Integration with Cloud Backup
- Cloud Backup and SnapLock-Enabled Use Cases
- Conclusion
What Is WORM Storage?
Write Once, Read Many (WORM) storage technology allows data to be written to a storage medium only once, protecting it against further modification or erasure. Data in WORM storage is rendered immutable, meaning that while authorized users can still read that data, there is no way to modify it. Storage media that support WORM are intentionally non-rewritable in order to prevent deletion or modification of data—whether intentional or accidental—after its initial save.
This immutability is why WORM storage is considered the gold standard for ensuring data integrity and compliance, especially when it comes to protecting data from ransomware attacks and other similar security threats.
What Is NetApp SnapLock?
NetApp SnapLock is an industry-standard WORM data solution built into ONTAP storage systems that helps to meet the security and compliance requirements of even the most highly regulated industries. The NetApp Cloud WORM storage feature extended SnapLock’s capabilities to the cloud.
Now there is a new way to keep SnapLock volumes safe: NetApp Cloud Backup can store backups of your SnapLock volumes in cost-effective object storage, either on-prem or in the cloud.
The New SnapLock Integration with Cloud Backup
Cloud Backup provides comprehensive backup solutions for data stored in ONTAP systems on-premises as well as in the cloud. With the new integration with SnapLock, you can use Cloud Backup to replicate WORM volumes created by SnapLock, ensuring an additional data protection measure.
The Cloud Backup destination for WORM volumes can be cloud object storage in AWS, Azure, or Google Cloud, or on-premises using NetApp StorageGRID® appliances.
SnapLock integration with Cloud Backup provides an air-gapped solution that offers enhanced ransomware protection. Together, they provide the following benefits:
-
Object-based copies
Before storing the data in the destination, Cloud Backup converts the data's format to object storage. This provides an additional layer of protection, as the access methods along with the data medium are changed, which can prevent lateral infiltrations. -
3-2-1 strategy
NetApp Cloud backup aligns with 3-2-1 backup strategy, which requires three copies of the data, utilizing two different formats, with one copy stored in a separate location. Cloud Backup can help meet this strategy in two ways: it stores backup data in a different media (object format) and in offsite locations, either in the cloud or in a disparately located StorageGRID appliance. -
Immutable protection
The source WORM volumes being backed up are immutable by nature. While the backup copies from the source are immutable via SnapLock, it’s also possible to make the destination storage environment itself WORM through the use of the new DataLock feature. By storing these copies offsite, Cloud Backup and SnapLock guarantee faster business recovery in the case of a ransomware attack. -
Multi-account, cross-region, cross-cloud operability
Cloud Backup makes it possible to store your data in multiple accounts, across regions, or in different clouds. Each of these independent repositories presents an additional security barrier against intruders and cyber attacks, giving you extra defensive layers to keep your backup SnapLock volumes safe.
WORM Volume Restores with Cloud Backup
You can perform the following SnapLock-related restore operations in Cloud Backup:
- Full volume or single file restores from SnapLock WORM volume backup snapshots.
- Data from SnapLock WORM volume backup snapshots can be restored to SnapLock WORM destination volumes.
- Data from SnapLock WORM volume backup snapshots can be restored to regular destination volumes.
Cloud Backup and SnapLock Compatibility
Cloud Backup support for SnapLock extends to SnapLock Enterprise type volumes. SnapLock Enterprise volumes are immutable, but allow a trusted administrator to have deletion privileges.
SnapLock integration with Cloud Backup was launched with ONTAP 9.11.1. Restoring backup SnapLock volumes using Cloud Backup is possible for backup copies created from ONTAP 9.11.1 and onward.
Cloud Backup and SnapLock-Enabled Use Cases
Cloud Backup provides comprehensive malware protection via SnapLock in the following scenarios:
- SaaS and dark site deployments: Cloud Backup provides a software-only mode, where data backup can be done without any outbound internet connectivity requirements. The control plane for the backup is also deployed locally, making it ideal for dark site deployments.
- NetApp-native support: Cloud Backup provides block-level incremental forever backup for your WORM volumes in ONTAP, storing the backup copy also on-premises in StorageGRID. As a result, comprehensive malware protection is enabled using all-native NetApp backup solutions, reducing risk by limiting vendors.
- On-premises and cloud-based backup: NetApp Cloud Backup supports backing up Cloud Volumes ONTAP volumes on AWS, Azure, or GCP as well as ONTAP volumes hosted in on-premises data centers. That makes Cloud Backup the ideal solution for multicloud and hybrid cloud architectures, since it provides a single pane visibility and management for your backup and restore processes no matter where the data is stored.
- Multiple backup destinations: Along with support for multiple backup sources, Cloud Backup also supports multiple backup destinations. The backup copy can be stored either in the cloud or in on-premises StorageGRID appliances.
Conclusion
Support for SnapLock-enabled WORM volumes in Cloud Backup provides an extra layer of security for your most sensitive data. The new integration provides the flexibility required by modern day enterprises, with both cloud and on-premises systems as possible backup destinations.
The immutable data in the WORM-enabled backup helps organizations meet the RTO and SLA requirements and restore business back to a working state without data loss in the event of a ransomware attack. Read more on how to increase cyber resilience here.
Watch the NetApp Cloud Backup group demo.
