Secure Snapshots
Overview
Recovery plans must include data protection and retrievability. Cyberattacks of any kind can cost companies immense value in lost revenue, reputation and client trust. DXi Secure Snapshots is a simple-to-use, cost-effective feature that allows you to retain and restore complete, secure, incorruptible point-in-time copies of data on your system. This process begins with enabling snapshots for your entire system, then enabling them individually for specific shares, partitions or LSUs, and setting retention periods.
Tasks
The processes for enabling and scheduling secure snapshots is detailed in the following topics:
What is Ransomware?
Ransomware is a category of cyberattack malware that infects a computer system and restricts access, demanding a ransom to be paid to the malware's creator. Some ransomware encrypts hard drive files. Other types lock the system and display messages requesting payment.
What are Secure Snapshots?
DXi Secure Snapshots enable users to create point-in-time physical copies, or snapshots, of the shares, partitions, or LSUs. Each snapshot is timestamped, secured and isolated in a non-network-addressable blockpool located in the DXi system, enabling fast recovery from ransomware attacks.
How do Secure Snapshots Ensure Security?
Snapshots cannot be deleted or changed. There is no datapath access to a snapshot. Attackers cannot use generic attacks on the mounted backup file system, nor can they use the DXi GUI or RestAPI to access and delete snapshots. There are no referenceable pointers or links to the snapshots or their location to be discovered or otherwise obtained by malware attackers. Data retention is set by the user. Snapshots are only deleted on their set expiration date, which can be individually selected and extended. No interface is provided to access or delete the shares, partitions, or LSUs in the snapshot.
With DXi Secure Snapshots users are always in control of their data security and retrieveability.
How do DXi Systems Create Secure Snapshots?
After they are enabled for the system then for individual shares, partitions, or LSUs, snapshots are created manually using Command Line Interface (CLI) commands or in the DXi GUI, using the Scheduler. The DXi makes a copy of the enabled shares, VTL partitions, or OST LSUs, to be retained for a set period of time.
See Enabling Secure Snapshots for instructions on how to get started enabling the feature and scheduling snapshots in the DXi User Interface (UI), for specific shares, VTLs or OST LSUs.
How do Users Recover Snapshot Data?
A point-in-time snapshot is identified and restored from the GUI, restoring the share, partition, or LSU to its state before the attack. This latest uncorrupted snapshot is unpacked into a new share, partition, or LSU, with either the original name or a new name. Snapshots to be recovered are selected by the customer per their analysis of the attack on their business.
You can restore snapshots in the DXi User Interface (UI) on specific shares, VTL partitions or OST LSUs.