How Mars 400 Ceph Storage Protects Enterprise Data Against Ransomware | Cost-effective Ceph storage management | Ambedded

How Ceph Storage Protects Enterprise Data Against Ransomware by using S3 and RBD snapshot | Mars 400 - High-Density Ceph Storage

How Ceph Storage Protects Enterprise Data Against Ransomware by using S3 and RBD snapshot

How Mars 400 Ceph Storage Protects Enterprise Data Against Ransomware

Recently we heard many hackers hijacked enterprise storage by encrypting their data and asking ransom payment to decrypt them.
By 2021, ransomware will attack a business every 11 seconds, and the global damage caused by ransomware will reach $20 billion. (ref. Cybersecurity Ventures research)
Besides enhancing network security, enterprises shall have a solution to restore their data from the backup storage if you are hijacked by ransomware.


Mars 400 Ceph Appliance For Enterprise Storage Data Protection

Data stored in the Ceph storage is protected by replication or erasure code to prevent data lost against hardware failure. IT users can use the Ceph distribution algorithm CRUSH rule to tell Ceph to store your data and its replications in different storage nodes or nodes installed in different racks. This smart algorithm controls the data failure domain and avoids residing more than one replicated data in the same failure domain. The CRUSH rule provides a data protection mechanism that can protect data against host failure and rack failure.The ceph storage cluster can't avoid your data from being attacked by hackers. However, you can use some Mars 400 ceph appliance advanced features to recover your data when data has been encrypted by ransomware.

Mars 400 Ceph Features to Protect Enterprise Storage Data from Ransomware
Object Storage supports WORM on S3

Starting from Ceph Nautilus 14.2.5 release, Ceph supports the Object Lock for its S3 compatible object storage to allow for a WORM (Write Once Read Many) model. You can create an object lock enabled bucket with a specified retention period. Users can not delete and make any change to data put in the bucket.

The object lock provides two retention modes:

  • Governance mode: users can only delete or overwrite an object version or change the lock setting when they have special permission.
  • Compliance mode: Users include the root user, can not delete or overwrite an object before the retention period. The retention period can't be shortened in any situation.

You can use Mars 400 Ceph storage appliance to create the immutable S3 buckets and use it as the Veeam backup capacity tier. Veeam Backup & Replication utilizes the S3 object lock and versioning to make the backup data temporarily immutable. All backup data stored in the immutable bucket can not be modified and deleted without a special authentication. Thus Mars 400 protects your data from malware attacks. If your primary data is encrypted, you have a backup to restore your primary storage.

Block and File System supports Copy-On-Write Snapshot
Ceph block storage and file system support copy-on-write snapshot. When you take a snapshot on a volume or image, ceph uses that point in time as the recovery point reference. If users overwrite data later, Ceph will mark the original data as the snapshot data before ceph update the data. Ceph will preserve the original state of that data as read-only. 
Someday, if malware encrypts your storage, you can easily roll back your data to the state of previous snapshots point in time.

*Note: The copy-on-write operation happens only for the first time data is changed.

Figure 1 is an example of the ceph snapshot and rollback.

Figure 1

Ceph block storage and file system support copy-on-write snapshot. When IT users take a snapshot on a volume or image, ceph uses that point in time as the recovery point reference.

Conclusion

Data Protect Solution supported by Mars 400 ceph appliance for Ransomware

Object Storage: Object Lock (WORM)
Block Storage: Snapshot
Filesystem: Snapshot

Related Products
Mars 400PRO Ceph storage appliance - Ceph Storage Appliance Mars 400 front.
Mars 400PRO Ceph storage appliance
Mars 400PRO

Mars 400 Ceph Appliance is designed to meet high capacity cloud-native data storage needs. It utilizes HDD to benefit from low cost per TB. Mars 400 provides...

Details
Related Technology
Ceph Block Storage

Ambedded Ceph appliance is a scalable storage platform that enables you to get high available block devices with disaster recovery and snapshot capabilities....

Object Storage and Amazon S3 Compatible Storage

Ceph Object Storage is an object storage interface built on top of librados and provides a RESTful gateway for applications to the Ceph Storage Cluster....


How Mars 400 Ceph Storage Protects Enterprise Data Against Ransomware | ARM microserver Ceph storage solutions | Ambedded

Located in Taiwan since 2013, Ambedded Technology Co., LTD. has been a block and object storage solutions provider. Their major data storage management include, Ceph storage technology, ARM server integration, Software-defined storage, Enterprise storage optimization, Ceph appliance cost savings, storage management software and block and object storage solutions. They provider professional Ceph support, scalable storage systems with high storage efficiency in the data center.

Ambedded offers cutting-edge Ceph storage solutions on ARM microservers, tailored for B2B buyers seeking to optimize their enterprise storage systems. Our turnkey Ceph appliances reduce total cost of ownership (TCO) and simplify storage management, supporting block, file system, and object storage in a unified platform. With a commitment to innovation and customer support, Ambedded is your trusted partner for scalable and efficient SUSE Enterprise Storage Appliance solutions. Experience seamless integration and professional support to leverage the full potential of Ceph technology in your business.

Ambedded has been providing customers with scalable storage systems and cost-effective Ceph storage management since 2013, and with both advanced technology and 20 years of experience, Ambedded ensures that each customer's needs are met.