Maxim_Kazmin - Fotolia
Dell EMC has built a software vault to hold critical data.
The vendor last week added Dell EMC Cyber Recovery software and Cyber Recovery Services to orchestrate and automate the isolation and recovery of data into and out of a Cyber Recovery Vault. CR Vault keeps data separate and air-gapped from the production environment, but within reach for recovery if an attack occurs.
Dell EMC Cyber Recovery integrates with security analytics tools, which run on the data in the CR Vault without having to restore it. The Dell EMC product itself does not have any analytics code, but it integrates security analytics software packages.
The Dell EMC Cyber Recovery software is integrated with the vendor's Data Domain appliances. Dell EMC Cyber Recovery Services include deployment, implementation and consultation for the software.
Alex Almeida, consultant for product marketing at Dell EMC, said Cyber Recovery's main differentiator from other cyberattack defense methods is the CR Vault.
"When you do normal backup infrastructure, you typically have to have it as close as possible to the production environment, because you are doing it for operational recovery, disaster recovery, such that you want the fastest recovery possible. But the problem is that's on the same network, the same access point," Almeida said. "When you remove that copy of the data from the surface of attack, you now have data isolation, which means that particular backup copy is not susceptible to the same type of vulnerabilities that your production environment is."
The CR Vault serves as a clean-room environment for security analytics to run without restoring the data to a production environment, which can potentially trigger certain types of sophisticated malware that hides in backup data. The software can also limit the potential of insider attacks by reducing the number of IT personnel who have access to the CR Vault.
Almeida said Dell EMC chose not to integrate an analytics component to Cyber Recovery.
"Rather than encapsulating and limiting the solution down to one analytics package and then enhancing that over releases, it was much better and more flexible to the architecture to put in place the REST API framework and then be able to open it up to the industry to allow customers to leverage whatever analytics tool they're comfortable with," he said.
Christophe Bertrand, senior analyst at Enterprise Strategy Group in Milford, Mass., said while Dell EMC Cyber Recovery bears similarities to creating a disaster recovery environment process, it is more purpose-built for cyberattack recovery.
"I believe it really augments the disaster recovery environment, but it has a slightly different objective," Bertrand said.
Serving that different objective is why the CR Vault is focused on creating a truly isolated, fully air-gapped environment and recovering quickly from that environment. According to Bertrand, this is relatively unique among products that similarly defend data through isolation.
"It's a complement to disaster recovery. It gives you that extra layer of certainty," he said.