Keep the Lights on with FlexPod

We recently wrapped NetApp INSIGHT^® 2023 in Las Vegas. In case you missed any of the sessions, you can still catch up at NetApp TV™. We unveiled our latest products and provided some great insights into our current developments and future plans. A major theme was data center security. NetApp President Cesar Cernuda observed that Netapp provides the most secure storage on the planet.

Ransomware can affect hospitals, banks, restaurants, opera, and even some private defence contractors. The wide range of their victim industries, and the ease and commodification in the ransomware creator industry, mean that none of us can stay protected in a bubble isolated from a ransomware attack. When the animated series Samurai Jack showed the concept of Dial a Henchman in 2003, I doubt if they anticipated that the real world would ever imitate them. But now ransomware creators are offering ransomware as a service! Ransomware attacks had abated in 2022, but they have been reported on the rise again in 2023. ☹

Ransomware can affect not just you as a business; it ultimately affects your end customers too. And when it affects critical services such as healthcare, government, or defense, it can mean significant hardships, reduction in quality of healthcare, or even security lapses in our lives.

In Hype Cycle for Data Protection Storage and Technologies 2023, Gartner states that immutable data vaults have almost peaked to the inflated expectations in 2023. And that’s rightly so. Immutable copies of data can help you achieve a good recovery point objective (RPO) when the data is backed up asynchronously and can even deliver a perfect RPO when the data is backed up synchronously. However, recovering the data is only half the job for disaster recovery. You’ll still need to recover your virtual machines and applications before you can achieve a functional business continuity and allow your end customers to experience "business as usual.”

NetApp SnapCenter^® is a simple, centralized, scalable platform that provides application-consistent data protection for applications, databases, host file systems, and VMs running on ONTAP systems anywhere in the hybrid cloud. You can make fast, space-efficient, application-consistent, disk-based backups and clones using SnapCenter, either ad hoc or as scheduled tasks. And you can perform fast, granular, and app-consistent restores whenever you need to. SnapCenter enabled us to announce at INSIGHT 2023 that we’re extending our ransomware recovery guarantee to all our on-premises ONTAP-based storage systems, including NetApp AFF, ASA, and FAS.

SnapCenter leverages the NetApp SnapLock® solution for making immutable, write once, read many (WORM) NetApp Snapshot™ copies of data. With SnapLock, you can create special-purpose volumes in which files can be stored and committed to an uneditable (ransomware proof) state temporarily or indefinitely. You can use SnapLock for SnapVault^® to store the WORM files on secondary storage. And with NetApp SnapMirror^®, you can even store WORM files off site. After all, you need to secure your data and applications not only from ransomware attack, but also from physical harm to the data center.

SnapCenter is compatible with various plug-ins that are tailored to communicate with various mission-critical apps. This means that you can quiesce, take backups, and unquiesce the app, so that you can use the backup to restore the app to a meaningful state. SnapCenter natively supports plug-ins for VMWare, Oracle, SAP, SQL, Exchange, Unix, and Windows. SnapCenter can also work with custom plug-ins that you create for any other application that you want to back up or clone. Without such app-specific plug-ins, other backup solutions will merely restore your data, but they will still require your IT admins to spend hours manually recovering your VMs and respawning your application pool, your K8 clusters, and so on. In other words, SnapCenter plug-ins can significantly reduce your recovery time objective (RTO).

You already know that FlexPod^® is our flagship converged infrastructure, jointly offered by NetApp and Cisco. Kris Cornwall announced in her FlexPod INSIGHT 2023 launch blog that FlexPod is soon going to release three security-centered reference architectures. One of them was to be about how FlexPod makes it simple to recover workloads after a data loss incident such as a ransomware attack. I’m delighted that we’ve achieved a milestone by publishing a validated design for that! My colleague Roney Daniel has now validated the SnapCenter plugin for VMWare on FlexPod in showcasing how FlexPod makes it easy to recover not just your data, but also your VMs.

TR 4961: FlexPod ransomware protection & recovery with NetApp Cloud Insights and SnapCenter showcases the layered defense approach that FlexPod takes for comprehensively preventing, detecting, mitigating, and auditing and reporting security incidents using a host of complementary security features from Cisco and NetApp. We have published an updated version of the TR by validating the SnapCenter plug-in for VMWare. The updated TR 4961 confirms that you can use FlexPod for end-to-end disaster recovery and business continuity with significantly less RTO. Your IT staff can automate the task of recovering your VMs or respawning your application pools after a downtime, by using the SnapCenter plug-ins for VMWare, Oracle, SAP, SQL, Exchange, Unix, and Windows.

You can read about FlexPod cybersecurity architecture in Cisco’s blog How FlexPod Cybersecure Architecture Helps You Protect, Detect, and Recover Your Precious Data. Please contact me to find out more about the security features that FlexPod offers. And stay tuned for announcements about many more security features for FlexPod soon.