What does Spectra Logic mean when the company says that a storage solution is “Attack Hardened”?

Download the White Paper

The process of hardening a material or substance is hardly new. The “fire-hardened” spear is one of the most iconic weapons of the Paleolithic era and dates back over 450,000 years.

Attack-hardened storage could be viewed in a similar light, in part based on Spectra’s ability to prevail against a May 2020 “Netwalker” ransomware attack against our internal IT systems. There are many different elements offered to protect storage. Spectra brings those elements together to offer a more solid solution capable of avoiding “give” when under attack. Some of the elements we work with in this approach are already known, some are enhanced, and some are new. By forging these features and approaches together, Spectra is able to offer storage that is made stronger, more efficient and better able to withstand the heat of attack from external threat actors, internal actors and even natural or manmade disasters.

Attack-Hardened Storage:

  • External cyber and insider attacks
  • Immutable storage
  • Multi-factor authentication
  • Multiple levels of air gap
  • Encryption at rest
  • Rapid recovery

Threat Protection Software:

  • Perimeter, network and endpoint security solutions — detect, analyze, block, and contain attacks in progress
  • Backup applications — Rubrik, Veeam, Commvault, Cohesity, etc.
  • Storage Lifecycle Management apps for reducing attack surface
  • SIEM for monitoring and reporting

Spectra is enriching its entire data management and data storage portfolio with Attack-Hardened features to help customers mitigate cyberthreats, whether they come inside or outside.


  • Data can be encrypted, single key per object, locked to your account
  • Database encrypted, metadata, object names and locations
  • Endpoints hidden behind firewalls
  • Object locking for ransomware protection
  • Self-healing and versioning for data corruption/malicious protection
  • Multi-site for physical security
  • Glacier to automated tape provides air gap protection


  • Encryption
  • Triggered snapshots on BlackPearl NAS
  • Works with disk, tape and cloud
  • Reduce attack footprint by moving data


  • Triggered and time-based snapshots to immutable storage
  • Multi-factor authentication
  • Hooks into Commvault and Veeam for snapshots
  • Multiple replication options inside a single BlackPearl to:
    • Offsite to 2nd BlackPearl
    • StorCycle copy snapshots to disk, cloud
    • Self-healing for bit errors

Spectra Tape Libraries

  • Cold Storage: media isolation within the tape library
  • Encryption at rest for tape cartridges using Spectra’s no-charge, built-in key management system
  • WORM option for media
  • Ejectable media for air gap

BlackPearl Attack-Hardened Features

Immutable Snapshots:
Snapshots, or point-in-time copies of a volume, let you restore a volume to the state it was in when the snapshot was created. A snapshot only consumes the space of the changed blocks, which makes them very space efficient.
Multiple Types of Air Gap:

  • Virtual Air Gap – Replication inside BlackPearl unit
  • Remote Air Gap – Replication to a remote BlackPearl
  • Offline Air Gap – Tape copy of data
Multi-Factor Authentication:
BlackPearl works with Google Authenticator to confirm the identity of any user trying to log into the BlackPearl system.
Timed and Triggered Snapshots:
BlackPearl interfaces with backup software via pre and postscripts. After the snapshot is complete, Spectra provides code to be used to make the target volume read only. This can be done on a time or job basis.
Multi-Site Replication:
BlackPearl can replicate to another volume in the same BlackPearl system, a separate system located in the same onsite location, a different offsite location, or a remote cloud target.
BlackPearl can be configured with self- encrypting drives (SED). This is excellent protection of the data if a drive is being sent back for repair or being disposed of at end of life.
Spectra Logic
Follow Us