kras99 -

Veritas NetBackup sets up ransomware defenses in new update

Veritas NetBackup is combating ransomware with data immutability for AWS S3 environments, anomaly detection, container backup and a next-gen Flex appliance.

Veritas this week pushed out a hefty NetBackup update that includes anti-ransomware features along with improvements to its Kubernetes backup capability.

The bulk of the NetBackup update focused on defending against and recovering from ransomware attacks. A new feature using AI and machine learning uses backup data history to detect anomalous pattern changes that could indicate ransomware intrusion. NetBackup could already do after-the-fact anomaly and malware detection to determine how an intrusion started. By introducing the capability into the backup data set, it could help detect ransomware much earlier. This update detects only anomalies, but Veritas said it will develop the feature into malware detection in the future.

NetBackup Write Once Read Many -- or WORM -- storage was extended to include AWS S3, preventing ransomware from changing anything stored there. This update also introduced continuous data protection and instant rollback features for VMware users, allowing for very granular recovery points and fast recoveries.

Lastly, Veritas launched the next generation of its NetBackup Flex appliances, which have built-in intrusion detection and immutable storage. The Flex 5350 has a maximum useable capacity of 1.92 petabytes and a maximum throughput of 200 TB per hour, and represents a 30% performance improvement over the previous 5340 model.

Photo of NetBackup Flex 5350 appliance
The NetBackup Flex 5350 promises 30% faster performance than the previous generation of Flex appliances.

With this update, NetBackup's Kubernetes backup now integrates directly into a Kubernetes environment as a controller with a Kubernetes operator. With this approach, NetBackup can gain a better understanding of a customer's Kubernetes environment and perform granular recovery within it. Previously, NetBackup Kubernetes protection was delivered as a sidecar container.

"Our team gets inquiries every day about Kubernetes protection," said Lisa Erickson, senior director of product management at Veritas.

The various ways customers have implemented Kubernetes drove NetBackup's distribution-agnostic strategy, Erickson added. NetBackup currently supports Red Hat OpenShift, VMware Tanzu and Google Kubernetes Engine, and will support Azure Kubernetes Service and Amazon Elastic Kubernetes Service in the future.

COVID-19 led to a lot of customers re-platforming to the cloud and adopting Kubernetes, and both are environments in which data protection hasn't matured, said Christophe Bertrand, senior analyst at Enterprise Strategy Group, a division of TechTarget. Veritas' focus on both bolstering its anti-ransomware features and extending that protection to Kubernetes environments is helpful to customers because this is an area where they continue to struggle.

Ransomware is still top of mind. You need to be able to protect your containers just the same as data in any other environment.
Christophe BertrandSenior analyst, Enterprise Strategy Group

"Ransomware is still top of mind. You need to be able to protect your containers just the same as data in any other environment," Bertrand said.

Like with data protection for SaaS applications, Kubernetes backup still has "significant gaps," Bertrand said. Customers have moved quickly to push Kubernetes applications into production without necessarily thinking about how to protect them, and some organizations are still working out whether protecting Kubernetes applications and the data they generate should be in the hands of the developers working most closely with Kubernetes or the administrators who handle backup for the rest of the organization.

The criminals using ransomware are getting smarter as well, Bertrand said. Attackers are paying attention to how their victims react so they can figure out weak points for their next attempt. Kubernetes environments have a less mature set of backup and recovery tools, protocols and strategies than the on-premises world, and cybercriminals are certain to find a way to exploit that, Bertrand said.

Dig Deeper on Data backup and recovery software

Disaster Recovery