What does Spectra Logic mean when the company says that a storage solution is “Attack Hardened”?

Download the White Paper

The process of hardening a material or substance is hardly new. The “fire-hardened” spear is one of the most iconic weapons of the Paleolithic era and dates back over 450,000 years.

Attack-hardened storage could be viewed in a similar light, in part based on Spectra’s ability to prevail against a May 2020 “Netwalker” ransomware attack against our internal IT systems. There are many different elements offered to protect storage. Spectra brings those elements together to offer a more solid solution capable of avoiding “give” when under attack. Some of the elements we work with in this approach are already known, some are enhanced, and some are new. By forging these features and approaches together, Spectra is able to offer storage that is made stronger, more efficient and better able to withstand the heat of attack from external threat actors, internal actors and even natural or manmade disasters.

Attack-Hardened Storage:

  • External cyber and insider attacks
  • Immutable storage
  • Multi-factor authentication
  • Multiple levels of air gap
  • Encryption at rest
  • Rapid recovery

Threat Protection Software:

  • Perimeter, network and endpoint security solutions — detect, analyze, block, and contain attacks in progress
  • Backup applications — Rubrik, Veeam, Commvault, Cohesity, etc.
  • Storage Lifecycle Management apps for reducing attack surface
  • SIEM for monitoring and reporting

Spectra is enriching its entire data management and data storage portfolio with Attack-Hardened features to help customers mitigate cyberthreats, whether they come inside or outside.

Vail

  • Data can be encrypted, single key per object, locked to your account
  • Database encrypted, metadata, object names and locations
  • Endpoints hidden behind firewalls
  • Object locking for ransomware protection
  • Self-healing and versioning for data corruption/malicious protection
  • Multi-site for physical security
  • Glacier to automated tape provides air gap protection

StorCycle

  • Encryption
  • Triggered snapshots on BlackPearl NAS
  • Works with disk, tape and cloud
  • Reduce attack footprint by moving data

BlackPearl

  • Triggered and time-based snapshots to immutable storage
  • Multi-factor authentication
  • Hooks into Commvault and Veeam for snapshots
  • Multiple replication options inside a single BlackPearl to:
    • Offsite to 2nd BlackPearl
    • StorCycle copy snapshots to disk, cloud
    • Self-healing for bit errors

Spectra Tape Libraries

  • Cold Storage: media isolation within the tape library
  • Encryption at rest for tape cartridges using Spectra’s no-charge, built-in key management system
  • WORM option for media
  • Ejectable media for air gap

BlackPearl Attack-Hardened Features

Immutable Snapshots:
Snapshots, or point-in-time copies of a volume, let you restore a volume to the state it was in when the snapshot was created. A snapshot only consumes the space of the changed blocks, which makes them very space efficient.		 Multiple Types of Air Gap:

  • Virtual Air Gap – Replication inside BlackPearl unit
  • Remote Air Gap – Replication to a remote BlackPearl
  • Offline Air Gap – Tape copy of data
Multi-Factor Authentication:
BlackPearl works with Google Authenticator to confirm the identity of any user trying to log into the BlackPearl system. 		Timed and Triggered Snapshots:
BlackPearl interfaces with backup software via pre and postscripts. After the snapshot is complete, Spectra provides code to be used to make the target volume read only. This can be done on a time or job basis.
Multi-Site Replication:
BlackPearl can replicate to another volume in the same BlackPearl system, a separate system located in the same onsite location, a different offsite location, or a remote cloud target.		 Self-Encryption:
BlackPearl can be configured with self- encrypting drives (SED). This is excellent protection of the data if a drive is being sent back for repair or being disposed of at end of life.

"When we set out on our search to find a storage solution capable of preserving Imperial War Museums’ substantial digital archive, there were specific criteria on which we were not willing to compromise. Spectra met all of our requirements and then some, and now continues to deliver with StorCycle’s storage lifecycle management capabilities."

– Ian Crawford, Chief Information Officer, Imperial War Museums

"We appreciate the collaborative relationship and Spectra’s attentiveness to incorporating our feedback and ideas into solution enhancements. Our continuing investment into Spectra technology on behalf of our organization has proven invaluable in helping us implement the next level architectural model taking us into the future."

– Eric Grau, Manager – Media Asset Management, Joyce Meyer Ministries

"The new library has just shy of 14,000 slots for tapes. We were able to easily move all 70 petabytes of existing data into the new system and have grown to 104 petabytes in size and have plenty of room for at least a year or two before we have to start thinking about expanding."

– HPC Linux Systems Engineer, OLCF

"We have to store a lot of data for long periods of time. A single microscope can capture 10TB of data in as little as a few hours, and a published breakthrough on cancer research can take anywhere from a few years to a couple of decades. The BlackPearl and tape solution from Spectra provides a scalable and cost-effective way to store multiple data workflows with varying retention requirements."

– Jeffrey McDonald, director of IT, Hormel Institute at University of Minnesota

Contact Us

USA/CAN: 1-800-833-1132
INT: 1-303-449-6400

    X
    Spectra Logic
    Follow Us