kantver - Fotolia
Nexsan launches cloud edition of Assureon immutable vault
Nexsan Assureon can now be deployed on Azure and private clouds, no longer tying its immutable storage and active archive capabilities to Unity appliances.
Nexsan has detached its Assureon data vault from its appliances with the release of Assureon Cloud Edition.
Assureon Cloud Edition became generally available today, enabling customers to deploy it on private or public clouds. It supports Azure on launch, with support for AWS coming next. Other public clouds will be added based on customer demand.
Assureon is Nexsan's data vaulting product. It is a long-term storage target for offloading data from primary storage. Assureon has features to ensure the integrity of the data housed within it, such as assigning serial numbers to files, time stamping using a global time source and putting multifactor authentication (MFA) on the data in order to access it.
Previously, Assureon was only sold on Nexsan appliances, such as its Unity series. Assureon Cloud Edition gives customers more deployment options, as it isn't bound to a physical device. This makes adding storage much easier, as customers don't have to wait for hardware to ship. The core software engine that powers Assureon's data vaulting capabilities is the same regardless if it's deployed on an appliance or in the cloud.
"We're modernizing the consumption model for our customers," said Surya Varanasi, CTO of Nexsan.
Assureon alone is just an immutable storage target, similar to AWS S3 Object Lock. When combined with Nexsan Unity appliances, it can be used to create backups that are difficult to penetrate. Customers would have to supply their own backup software such as Commvault and Veeam, both of which are certified to work on Unity appliances. Varanasi said making backups immutable is a common use case among Assureon customers.
Assureon Cloud Edition opens up new deployment options for these customers, Varanasi said. Instead of pointing backups stored on Unity to on-premises Assureon targets, customers can now send them to Assureon in the cloud and take advantage of their cloud storage. More importantly, apps running natively on Azure can send their data straight to Assureon for protection. This use case will open up further as Assureon supports more clouds, Varanasi said.
Although a large portion of Assureon's business is customers who use it for archival purposes, the company gained a significant increase in customers who were hit by ransomware, paid the ransom and have then turned to Assureon to ensure they will always have a copy of their data, Varanasi said. Assureon was positioned as a powerful tool for meeting compliance for customers in heavily regulated verticals, but the anti-ransomware use case has grown 71% over the past year just from Assureon's hospital customers, he added.
Discouraging the enemy
No IT system is truly unbreakable, said Marc Staimer, president of Dragon Slayer Consulting. There is no silver bullet against ransomware, there is no perfect defense and there's no way to stop cybercriminals that are truly, unshakably determined to hack a particular organization.
The best defense is to install layers upon layers of extra hoops for the bad guys to jump through and make them determine that a customer's business is not worth their time, Staimer said.
"It goes back to that old adage: You don't need to be faster than the bear, just faster than your friends," Staimer said.
Assureon can still be defeated by a criminal that has stolen admin credentials and uses them to change retention rate settings, Staimer noted. And unlike some other anti-ransomware tools such as Index Engines' CyberSense, Assureon doesn't have a method of detecting ransomware hiding inside backups.
Assureon isn't the perfect ransomware defense, and that's OK, Staimer said. It brings immutability and MFA to the equation, which are two more hoops for the bad guys to jump through. Organizations looking to bolster their defenses should be combining multiple tools, which can include reliable backup and recovery, security software and unauthorized encryption detection.
"The ultimate goal is to make it more difficult for the bad guys to get to you, " Staimer said.