Getty Images


Zerto tips and tricks for ransomware recovery

Ransomware recovery is a major concern for disaster recovery teams. For businesses using Zerto, there are a variety of ransomware protection and recovery features that can help.

Disaster recovery teams that use Zerto have numerous features available to them to combat ransomware threats. Recent updates to the DR platform have made it a reliable tool for data protection and recovery, when used properly.

The key feature Zerto offers is the ability to implement a DR failover at extremely short notice to make essential revenue-generating services available to the business.

Like most virtual DR platforms, Zerto works by keeping track of block-level changes and coalescing them approximately every 10 seconds. This creates a restore point that the platform tracks on both sides of the service, source and destination. An administrator can then choose many points in time to restore from. These restore points are essentially application-level consistent snapshots.

This gives DR teams several dozen chances to get a good point in time to recover to, prior to the ransomware attack.

Don't miss out on helpful features
What a lot of disaster recovery teams may overlook is how to get back to normal production after they initiate a disaster recovery operation. Zerto calls this "reverse protection" between on-premises sites. This enables DR admins to fail back to production with all the data that changed during the recovery, taking only a few minutes to put it back into service. It is possible to do this manually, but it would require more support and time.

Sometimes an administrator just wants to restore a VM in place. With Zerto 9, admins can provide DR to the local environment quickly.

Sometimes an administrator just wants to restore a VM in place. With Zerto 9, admins can provide DR to the local environment quickly. It cuts down the potential work and expense of having to do a full DR if just a handful of VMs are affected.

If SQL Server is terminally corrupted or compromised by ransomware, users can conduct a Zerto failover as normal, but just do it locally. This will keep the IP details and other configuration data and take the place of the failed SQL Server.

This feature can remediate a potential business interruption in minutes without having to do major DR activities.

Zerto immutability for long-term retention

One of the biggest and more recent changes in Zerto disaster recovery is the immutability function for long-term retention (LTR). This feature can particularly aid Zerto users against ransomware, since it prevents deletion or intentional corruption of recovery data by essentially freezing the block changes.

Immutability can help assure businesses who run LTR in the cloud that they will have a reliable setup and allow them to recover quickly with the LTR data. It's worth noting that it is possible to have more than one destination for immutable LTR as well. The larger degree of data diversity (copies in different clouds/sites) only enhances the recovery capabilities.

The ability to restore key files and folders or even full VMs from the LTR over traditional backups can take seconds and minutes, rather than the hours that tape requires.

Dig Deeper on Disaster recovery planning and management

Data Backup