Spectra Logic takes the Vail – raises attack defences to repel malware boarders

Spectra Logic has made managing petabytes and exabytes of distributed data easier by placing it in a single virtual pool, making its BlackPearl and StorCycle systems more resistant to attack, and introducing a new tape library. Phew!

The two-pronged idea is to make it easier to manage massive populations of files and objects spread across on-premises and public cloud storage, and to make Spectra’s own products harder for criminals and malcontents to attack.

CEO Nathan Thompson said Spectra has developed: ”a new generation of data management and storage solutions for multi-cloud environments so that customers can take full advantage of the best aspects of on-premises applications and multiple cloud services with a single easy-to-use interface. With the increase in global ransomware attacks, as well as Spectra’s [own] success in prevailing against a malicious attack, we have added a host of Attack-Hardened features into our entire suite of solutions to enhance ransomware resiliency for our customers.”

Read about a ransomware attack on Spectra Logic and its recovery, without paying a ransom, here.

Vail

Spectra said its Vail software centralises data management across on-premises and multi-cloud architectures, enabling dynamic on-demand data access, placement and storage within a single global namespace. Its mantra for Vail is “Any User, Any Data, Any Site, Any Cloud” — as long as it’s AWS, Azure or Google.

Vail dashboard shot.

The Vail software, covered by multiple awarded and pending patents, features policy-based data orchestration that presents all data stored anywhere in a customer’s IT environment as a single pool of storage. All files appear in their native format and are both accessible and protected. The software features include:

  • Objects in the namespace may be located in multiple locations on varying storage types;
  • Multi-directional data synchronisation across cloud(s) and on-premises;
  • Serverless cloud-based management and configurable policy engine to manage data across multiple clouds and on-premises sites with full consistency;
  • Ability to migrate to the cloud or move between clouds to use the services of particular clouds without vendor lock-in;
  • Egress optimisation for lowest cost and fastest data accessibility independent of data’s physical location;
  • Secure, central repository for long-term data preservation and disaster recovery;
  • On-Premises Glacier-style storage using automated tape libraries.

BlackPearl and StorCycle Attack Hardening

The BlackPearl hybrid (flash/disk) storage systems, which support on-board secondary NAS data and sending S3-formatted data to tape, now support direct S3 object storage with bi-directional synchronisation of data to/from the public cloud.

BlackPearl has been given triggered snapshots, multi-factor authentication, encryption and a virtual air gap for ransomware mitigation as part of an attack-hardening exercise. It already has support for on-premises Glacier-class storage, including spin-down object storage disk and connectivity to automated tape libraries.

The StorCycle file lifecycle management system and Spectra tape libraries both get ”patent pending Attack-Hardened features that help protect customers from cyberattacks, and offer them improved business continuity through rapid restore of clean data after an attack.“

StorCycle v3.6 provides:

  • Ransomware Snapshots via Integration with BlackPearl snapshot feature. StorCycle can initiate snapshots of BlackPearl volumes at the end of migrate jobs, and optionally maintains immutable read-only status of volumes.
  • BlackPearl Bucket Adoption with which allows users to configure an existing BlackPearl object storage system as a storage location, and automatically adopt the contents of the bucket into the StorCycle database. The objects remain in the bucket, but are available for StorCycle restorations. 
Spectra Stack library graphic.

Spectra Stack tape library

This expandable library was introduced in 2018 and now supports LTO-9 tapes. It starts from a 6U chassis with one to six LTO-9 drives and 10 to 80 LTO-9 tape cartridge slots. It can grow eightfold, by stacking the chassis module, to 560 slots and 42 drives. As well as having the traditional physical air gap between cartridges and drives, this library now has a cold partition that locks tapes so that they cannot be overwritten or loaded into a drive if ransomware takes control of the tape library itself. This is, we believe, a unique feature.

Availability

Vail and BlackPearl Platform enhancements will be available in November 2021. StorCycle 3.6 will be available in October 2021. Spectra Stack enhancements are currently available. Spectra’s full line of tape libraries will be adopting Attack-Hardened features in early 2022.