Murrstock - stock.adobe.com
Zerto 10 is adding new ransomware detection capabilities in data backups while adding in the option to purchase a physical Cyber Resilience Vault to protect vital data from ransomware.
The Zerto 10 update, entering general availability June 18, shakes up Zerto's flagship software by requiring customers to migrate to a new Linux-based software appliance and offering a physical backup vault using technology components from HPE, its parent company. HPE purchased Zerto in 2021, but the latter has remained an independent division within the company.
Other new Zerto 10 capabilities include automated detection and logging of compromised data as well as protection updates for data stored in Microsoft Azure.
The vault may deepen Zerto's ties with HPE, but it also provides a hardpoint for enterprises that need to keep master copies of backups, according to Krista Macomber, an analyst at Futurum Group.
"Customers are looking to air gap or vault a portion of their backup data," Macomber said. "Many are still looking for that true physical air gap."
Enterprise Lazarus protocol
The new Zerto Cyber Resilience Vault, debuting alongside Zerto 10, provides an isolated, offline and air-gapped vault for the storage of immutable data copies "of last resort if everything else fails," according to Zerto executives.
The vault physically connects to data replication sites using a direct connect remote copy over IP. The vault, located in a customer's data center, contains immutable snapshots and other recovery components of the Zerto software should a ransomware infection or other disaster wipe out data.
Zerto typically provides replication and recovery services both on premises and in the cloud, enabling faster recoveries than what the disconnected vault provides, said Andrew Silva, technical marketing manager at Zerto.
"It's supposed to be extremely inconvenient to access," Silva said.
The Zerto 10 software update is free for existing customers. However, the vault requires an investment in new hardware, which is built on HPE's ProLiant servers with the vendor's Alletra storage and Aruba networking.
Krista MacomberAnalyst, Futurum Group
Zerto's technology is the basis of the backup and recovery tools within HPE GreenLake, the company's SaaS catalog. Dell Technologies also sells backup and recovery software while offering a hardware vault PowerProtect Cyber Recovery.
A vault located within a company's data center can almost guarantee faster and more secure recovery for vital applications even at the cost of some lock-in.
"With any physical lock-in, there will be some form of vendor lock-in," Macomber said.
Rather than get locked into HPE hardware, some enterprise customers may prefer to use the cloud as an air gapped vault as it can offer portability, Macomber said.
"We see that customers are considering and using the cloud more and more," Macomber said.
Even if a Zerto customer opts out of buying the physical vault, they'll still need to install a new Zerto Virtual Manager Appliance to use the software.
The appliance will be available to new customers. Existing customers will have access to a free migration utility to shift from Zerto Virtual Manager for Windows to the new Linux appliance.
Specific capabilities provided by the new appliance include multi-factor authentication and role-based access control with automated upgrade capabilities.
The Zerto 10 software adds new encryption detection and alerting capabilities to the software's Elastic Journal, a point-in-time backup and recovery log that serves as a core component of Zerto's capabilities.
They can identify changes in backups within seconds, enabling backup administrators to find files encrypted by a ransomware payload before a detonation occurs, according to the company. Suspicious changes are flagged in the management console as they occur with recovery checkpoints available as early as five seconds prior to infection.
Additional updates to the Zerto API enable other services to connect to Zerto's own flagging and alert system, giving security teams visibility into the backup environment with their own tools without affecting Elastic Journal policies or operations.
While backup tools may have previously focused on recovering from natural disasters or data corruption, enterprises now want to ensure their backups are hardened against cyberattacks, according to Christophe Bertrand, an analyst at TechTarget's Enterprise Strategy Group. Zerto's Elastic Journal and API connections can build stronger and faster recovery capabilities from ransomware without the need to go back hours or days.
"Everybody is focused on cyber resilience and cyber recovery," Bertrand said. "Everyone agrees it's not a matter of if [you face a cyberattack], it's a matter of when."
Rounding out Zerto 10 are updates to backup management within Microsoft Azure. The Zerto software now natively supports Azure Blob storage, enabling disaster recovery to, from or within Azure.
Zerto's software will be available in the Azure Marketplace at a future date. It is already available within AWS. The new Azure offerings will mirror its capabilities for customers looking for a native Azure product, according to Zerto executives.
Tim McCarthy is a journalist from the Merrimack Valley of Massachusetts. He covers cloud and data storage news.