Data resilience and data portability

Sponsored Feature Considering it has such a large share of the data protection market, Veeam doesn't talk much about backups in meetings with enterprise customers these days.

Instead, the company focuses on two other terms: data resilience, and data portability. This is a response to new threats that are emerging for enterprise customers - including some from vendors themselves.

You'd be forgiven for thinking that data resilience was just another term for what we used to call business continuity. However, it goes further than that, explains Brad Linch, director of technical strategy at Veeam. It's a response to a shift in the data protection landscape over the last few years.

"Business continuity plans were designed for fires and power outages and natural disasters. But in this next evolution of the data protection industry focused on data resilience, you're dealing with a subcategory of disaster, which is cyberattacks," he says. "Dealing with cyber recoveries is a whole different ball of wax. It's much more common than a natural disaster. For one thing, it's going to happen more often than an accidental fire, or a power outage, or even a hurricane."

Disasters of this type carry different challenges. For example, when hit by ransomware, which often focuses on encrypting backups, it's more difficult to identify your last clean backup copy. That makes it inadvisable to automatically restore a backup directly to production without doing some further analysis. The whole backup and restoration process changes.

From VMware……to everywhere

Natural disasters and cyberattacks aren't the only modern threats to data resilience. Another threat is commercial. Many enterprises' natural data habitat has become VMware, which was Veeam's original focal point for backup solutions. They happily processed their data in VMware virtual machines, but now, commercial changes from VMware's new owner are threatening that situation.

Broadcom's licensing changes eliminated stand-alone support services for perpetual license holders and shifted them to per-core subscription-based support packages. In October, the company backtracked, reintroducing its vSphere Enterprise Bundle so that enterprise customers could use the software without upgrading to the full VMware Cloud Foundation suite.

Experts fret that Broadcom's capitulation wasn't enough. In November Gartner VP analyst Michael Warrilow said that VMware enterprise customers were "all miserable" because of the Broadcom changes, adding that licensing costs have risen by 200-500 percent on average. A migration away from the platform hasn't happened yet, he said - but it's likely coming, given that IT procurement often moves in multi-year cycles.

This tense situation highlights the need for something that Veeam has been investing in heavily for years; broad cross-platform support that goes well beyond VMware. Enterprise customers need a data resilience solution that can protect them across all of the platforms they use, enabling them to make technical and commercial decisions that easily support their business decisions. That includes expanding out from - or away from – VMware, or any hypervisor or cloud platform, should they need to.

This concept of cross-platform support for backups underpins a central tenet of Veeam's: 'data portability'. The company is an advocate for platform-agnostic backup, enabling people to store or recover copies of their data wherever they wish. It has built data portability into its products to satisfy long-term strategic reasons such as a Broadcom-driven migration along with shorter-term technical ones such as system outages.

"It's about making sure you can run your data not so much where you want, but sometimes where you need to," explains Matt Crape, senior technical product marketer at Veeam. "Say you get ransomware, and you lose access to all your hardware as the insurance company investigates. If you do it right, you can restore to the cloud and get things back up and running very quickly."

To do this, Veeam embarked on a multi-year effort to provide extensive cross-platform options. This began in 2011, when it rolled out support for Microsoft's Hyper-V. In 2016, it launched a direct restore to Azure service.

Since then, it has gone much further. Today, it supports Nutanix's AHV open-source enterprise hypervisor platform, along with both Red Hat Virtualization (which Red Hat will sunset in 2026) and the newer Red Hat OpenShift Virtualization. It has also delivered support for Oracle Linux Virtualization Manager, and for the Proxmox Virtual Environment (VE) virtualization management platform. On the cloud side, it now supports AWS and Google Cloud alongside Azure.

Support for these platforms enables it to offer an instant cross-platform virtual machine recovery feature that mounts your best available backup to whichever target - or targets - that you choose - including Kubernetes container environments.

Building deep data resilience

Veeam has a dual-pronged strategy to support its data resilience mission. Alongside its focus on breadth of platform support, it has also spent the last few years building out a deep set of features to protect enterprise customer data and assist with migration.

The company provides support for both single, multi-cloud, and hybrid environments (including its own Veeam Data Cloud Vault storage service). Scalability is a critical factor here, as the larger and more complex your data backup infrastructure becomes the more complex it is to manage. The company's Scale-out Backup Repository feature provides a layer of abstraction across an enterprise customer's entire data landscape, virtualizing it into a single pool for ease of management. This, combined with support for backup policies, enables administrators to keep sprawling data collections in line.

Alongside support for multiple cloud and virtualization platforms, Veeam has built out a variety of tool integrations. These are especially strong in the cybersecurity and incident response realm that forms such a big part of the data resilience proposition. Alongside SIEM integrations with the likes of Splunk and Sophos, it also offers SIEM and SOAR integrations with Palo Alto. Its SOAR partnerships extend to other companies including ServiceNow and Cisco, with more reportedly on the way.

Veeam has built a quite expansive set of threat detection capabilities covering before, during, and after attacks which can help users achieve even greater protection across their environments. The firm has also partnered with various companies across other functions, including cybersecurity readiness, incident response, ransomware detection and reconnaissance, and encryption.

These partnerships have helped the data resilience company to enhance its Data Platform tool with various security protections that spot and squash cyberattacks including ransomware. They enable it to take a multi-faceted approach that includes scanning during the backup process. It will watch for file extensions and tools such as NMAP or Filezilla which are known to be used by bad actors, enabling it to detect attackers that 'live off the land' by using generic tools to fly under the radar.

Immutability is another key part of ransomware protection, as this type of malware is known to attempt encryption of backups in many cases. Veeam offers immutability protections for its backups, enabling administrators to set time periods during which data cannot be altered. Administrators can use its immutability workload monitoring feature to spot any changes made to that time window. This immutable backup works across a wide range of enterprise technology platforms, including all of the usual cloud suspects, alongside those from a tranche of hardware and software partners.

Confidence in reporting and restoration

Immutable data is only useful if you're confident that you can restore it. The US Department of Homeland Security's CISA advocates for testing of backup restoration in its CPG Cross-Sector Cybersecurity Performance Goals guidance. Veeam achieves this via its SureBackup feature, which stands up virtual machines from backup data and then tests them to ensure they're healthy.

Data restoration must be more than quick, explains Linch - it must also be flexible so that victims of a cyberattack can work around whatever damage the attacker has done. This is a critical part of the data resilience proposition.

"You have to be able to recover from multiple layers, such as backups, snapshots and replicas," he says. "When you look at Veeam, we're the only one in the industry that allows you to do those three things in any license of Veeam you bought." The company also offers restoration of full VMs, individual files, and application-specific data such as database content.

In many industries, it isn't enough to backup and test your data; you have to prove that you're doing it well. That's where the final element of data resilience - compliance - comes into play.

Veeam offers various compliance tools, including policy-driven automation for tasks like retention management and the storage of tagged data in specific areas, along with constant compliance monitoring through its Security and Compliance Analyzer. Its reporting capabilities give you something to satisfy the auditors, streamlining the compliance process so that you - and the regulators - can be sure you're protecting data properly.

Tools like these are just one part of data resilience. Enterprises that don't prepare a strategy to orchestrate all of this properly run the risk of 'all the gear and no idea' syndrome. "Organizations fall to the level of their preparation," says Rick Vanover, who is on the product strategy team in Veeam's Office of the CTO.

At a strategic level, data resilience requires good risk management, which means sitting down with the rest of the business to understand what kinds of data it wants to protect and why.

There are also considerations at the technical level. "Performance management is a big one," warns Vanover. And enterprises must also consider the full spectrum of technical and commercial challenges. "If people move to the cloud, they must assess networking, security and billing. All three of those bite different, and hard."

Data resilience is a far-reaching discipline that includes data portability. The option to migrate your backup data quickly between backup platforms is critical in an industry where an attack can knock infrastructure out of action - or where your costs can balloon on a vendor's whim. Veeam is building a solid tool set to support a strategic move for data resilience. That looks set to become more important for enterprise users of VMware and other platforms alike in the future.

Sponsored by Veeam.