Rubrik Goes Deep On Ransomware Protection, Recovery
‘We think we are in such a great place to be able to offer this kind of [anti-ransomware] service. The perimeter piece of security has been failing. The bad guys are getting through. So we had this idea of, what if you could start from the point of data to help with the recovery process. And that‘s really where Rubrik comes into its own,’ says Rubrik President Dan Rogers.
Data protection and management technology developer Rubrik Tuesday used its Rubrik Forward conference to introduce wide-ranging tools aimed at helping businesses protect against ransomware and help recover from successful ransomware attacks.
Rubrik also introduced new custom blueprints for protecting data, the ability to protect billions of files, and new Microsoft 365-focused SaaS data protection tools, said Dan Rogers, president of the Palo Alto, Calif.-based company.
Rubrik is expecting over 15,000 attendees, which Rogers said is likely the biggest conference anywhere dedicated to data management. About 20 percent to 25 percent of the attendees are channel partners, he said.
[Related: 2021 Storage 100: The Data Conversation Starts Here]
Rubrik Forward is all about getting more out of data, Rogers told CRN.
“Moving data management forward is the big idea,” he said. “And we‘re going to do that across all of the vectors of things that people care about vis-a-vis their data.“
The news from Rubrik Forward is focused primarily in four areas, Rogers said.
The first is ransomware discovery, assessment, and recovery, he said.
The prevalence of ransomware is increasing, with the number of incidents in 2020 growing by 700 percent over 2021, Rogers said, citing data from Bitdefender. Rubrik, he said, can help combat ransomware primarily with what he termed orchestrated ransomware recovery.
“At the end of the day, the protection of your data is your last line of defense,” he said.
Rubrik is responding with what Rogers called Rubrik‘s quadruple play, starting with the immutability of the backup built into the company’s own Atlas file system that creates a logical airgap of protected data.
“It‘s really important that there’s a data firewall there, that it’s logically separated from the rest of the organization,” he said. ”So your data is safe.”
The second ransomware play is to understand the scope of the attack, that is, which bits were affected and which were not, Rogers said. Rubrik does this via a very precise anomaly detection engine.
“This is a real piece of machine learning capability where we‘re scanning through all the data that’s protected,” he said. ”Because we have all the metadata associated with that data, we can understand if there are any unusual things going on with deletions, encryptions, or people moving files. So we have this scoped understanding of anomalies.”
The third play is an understanding of users and what they are doing, Rogers said. This includes looking for aberrant behaviors as users try to get access to sensitive data.
The third play is a data classification engine that helps understand whether data under attack is sensitive data, personal data, or regulated data.
The fourth is an orchestration engine.
“Orchestrated ransomware recovery is a big theme for us, and we think we‘ve moved the game forward,” he said. ”We think this is a massive release, and is super-appropriate for what’s going on in the industry right now.”
Preventing ransomware with Rubrik is a game changer, Rogers said.
“We think we are in such a great place to be able to offer this kind of service,” he said. ”The perimeter piece of security has been failing. The bad guys are getting through. So we had this idea of, what if you could start from the point of data to help with the recovery process. And that‘s really where Rubrik comes into its own.”
Rubrik’s ransomware-focused moves are welcome news, said Ned Engelke, chief technology officer at Evotek, a San Diego-based solution provider and Rubrik channel partner.
Evotek works with Rubrik and other storage vendors including Cohesity and NetApp which looks at data from the point of view of how it is being used, and not just in terms of something to manage, Engelke told CRN.
“Those companies know that others will want to steal that data,” he said. “And they know that current data protection technologies are no longer adequate.”
The fact that Rubrik separates the metadata from where the data is stored makes it possible to use the metadata to analyze and protect the data and more easily protect it against ransomware, Engelke said.
“When Rubrik first came out with its Atlas file system, I thought it was perfect for anti-ransomware technology,” he said.
Providing orchestrated ransomware recovery is also an important move for Rubrik, Engelke said.
“It’s important to orchestrate the most critical data at scale,” he said. “That lets companies see what data is critical, and what has been compromised. That makes it a very useful toolkit when building a ransomware response.”
The ransomware protection technology from Rubrik comes at a time when interest in the technology on the part of customers is growing, Engelke said.
“Customers need more tools to help protect the data and respond to ransomware,” he said. “All I want is happy users. It’s great that Rubrik is going at this with this level of attention.”
The second big introduction from Rubrik is AppFlows, which Rogers said integrates traditional disaster recovery with ransomware recovery into a single offering to handle sit-to-site failover and failover in the cloud.
“One of the challenges of ransomware recoveries is, how do you orchestrate all of the pieces,” he said. ”How you understand, of course, which workloads it pertains to. But then how to make sure that, when you‘re trying to recover to say, a secondary site, that you can do so, but you can also get that [virtual machine] back up and working with all of its underlying dependencies, its configurations, the boot order, where the failovers should land, and what is your method of orchestrated recovery.”
AppFlows provides a way for businesses to develop custom, pre-defined blueprints for recovering various workloads on-site or to the Microsoft Azure cloud, Rogers said.
“So now you‘re going to be able to say, in the event that you do need to recover, you can use AppFlows, basically the ’Easy Button,’ to do the orchestrated recovery,” he said. ”So we’re taking all the guesswork out of recovery with these pre-defined blueprints. ... Think of it as having a very sophisticated disaster recovery solution, but as a service offered by Rubrik pertaining to the backups you already own. And you can literally turn it on with the slide of a slider.”
This is a game changer, Rogers said. “Today, it‘s a very heavy infrastructure process,” he said. ”And we’re solving this all through software.”
The third primary new product introduction at Rubrik Forward is NAS Cloud Direct, which leverages technology Rubrik received with its acquisition late last year of Igneous, a developer of unstructured data management software for petabyte scale environments.
Rubrik‘s NAS Cloud Direct integrates the Igneous technology with its own Polaris SaaS management platform to index and archive billions of files to the cloud with high performance, Rogers said.
Unstructured data including video and photo files, machine data, IoT data, and so on, and a modern enterprise can create billions of these files, he said.
“With NAS Cloud Direct, you can easily index all of those files, search and discover across all of those files, [and] easily archive those files straight from your production environment to the cloud based on any of the data lifecycle management policies you want to put in place,” he said.
This has traditionally been a difficult area to manage, and can easily slow down a business‘ production environment, and can be costly from a primary storage perspective because the complexity may keep that data from being moved elsewhere, Rogers said.
“Companies can take all this unstructured data and put it into a data lifecycle policy,” he said. ”So, for example, you might say any of these video files that have not been accessed for 30 days, can we just push them off to AWS Deep Glacier Storage.”
The fourth big news from Rubrik Forward is Microsoft 365 protection, Rogers said.
“Microsoft 365 data from most companies is not protected, and you‘re going to have data loss,” he said. ”Microsoft is responsible for the service, but as it pertains to the data, it’s a shared responsibility model, which basically means the customer is responsible for their data loss.”
Rubrik is helping with Microsoft 365 Protection-as-a-Service, which covers all the core services within Microsoft 365 including Teams, Exchange, SharePoint, and OneDrive, he said.
Rubrik allows customers to easily define new policies with a set of “sliders” to get granular search and recovery and super-fast restores, Rogers said. It will be offered as a SaaS subscription via channel partners, he said.