1

1 CONFIDENTIAL

Ransomware Jail How Rubrik Cloud Data Management Can Help

Andrew Miller | Rubrik

@andriven

Andrew Miller, @andriven

Ransomware Jail How Rubrik Cloud Data Management Can Help

3

3 CONFIDENTIAL

The Threat!

Exploring the Threat – New Developments

The Theory!

The Theory vs. The Reality

New Hope!

Architectural Principles

How Rubrik Can Help with Real World Examples

1

2

3

Agenda

4

4 CONFIDENTIAL

A bit about me…

Tweet

Blogger

I have a job!

Background

Certs

@ andriven

@ thinkmeta.net

@ Rubrik.com (Technical Marketing)

7 years customer +

8 years partner.

Lots of Random Ones

5

5 CONFIDENTIAL

1. The Threat! Exploring the Threat – New Developments

6

6 CONFIDENTIAL

ran · som · ware /`ransəm , we(ə)r/

noun

a type of malicious software designed to block access to a computer system

until a sum of money is paid.

7

7 CONFIDENTIAL

Base Definition

We’ll make it fast.

• Malware that typically infects endpoints (laptops, etc.)

• Spread via browser vulnerabilities (malicious pages), e-mail attachments

• Encrypts local filesystems and attached network mounts

• Targeted attacks on individual storage vendors plausible – immutability will come

into play over time.

• (Previous) Best known name = Cryptolocker

8

8 CONFIDENTIAL

Can’t ignore this…

9

9 CONFIDENTIAL

10

10 CONFIDENTIAL

The world has gotten scarier. And it’s not slowing down…

11

11 CONFIDENTIAL

What’s New…

• ZDNet – 2016 = $1B Cost

• 2015 = $24M

• Confusion – FBI Recommendation & About Face

• High Profile Targets – SF Muni, Education, Healthcare, many more.

• Challenges are not just 1) Data Accessibility but 2) Speed of Restore.

• Not If but When – Why?

12

12 CONFIDENTIAL

What’s New…

Maturing Market

• RaaS Kits – Ransomware as a Service Kits

• Market Segmentation

• Customer Service Improvements

• Reliable Payment Model – Bitcoin Impact

13

13 CONFIDENTIAL

This is a maturing business that competes with YOU.

14

14 CONFIDENTIAL

Classic Defense Recommendations

Operational Overhead?

1. Education

2. Antivirus, Patching, Filtering

3. Insurance

4. Data Protection - Backups

15

15 CONFIDENTIAL

2. The Theory! The Theory vs. The Reality

16

16 CONFIDENTIAL

“Backups are a must.” FBI, HIPAA, Sophos, Kaspersky, etc.

17

17 CONFIDENTIAL

“Conducting frequent backups and ensuring the ability to recover data from backups is crucial to recovering from a

ransomware attack and ensuring the integrity of PHI affected by ransomware.”

http://www.hhs.gov/sites/default/files/RansomwareFactSheet.pdf

18

18 CONFIDENTIAL

Easy, right?

19

19 CONFIDENTIAL

Traditional Architecture

1990s – Present

Backup &

Replication

Software

Backup Storage

Backup

Software

Backup

Servers

Backup

Proxies

Replication Catalog

Database

Tape Off-site Archive

20

20 CONFIDENTIAL

Let’s Be Fair There have been a few incremental improvements

21

21 CONFIDENTIAL

Improvements!

1990s – Present

Backup &

Replication

Software

Backup Storage

Backup

Software

Backup

Servers

Backup

Proxies

Replication Catalog

Database

Tape Off-site Archive Backup Storage

a

Dedupe

Metadata

2000s – Present

22

22 CONFIDENTIAL

In Two Words

Sad Panda

23

23 CONFIDENTIAL Results may vary

24

24 CONFIDENTIAL

It Starts Easy Enough …

Win VM

Hypervisor

Production Servers

SAN

Backup Proxy

Backup Server

Tape Archive

Offsite Tape Archive

25

25 CONFIDENTIAL

… But Quickly Becomes Complex

Hypervisor

Production Servers

SAN Disk-based

Backup

Backup Proxy

Backup Server

Database Server

Tape Archive

Search Server

VM DB VM Lin Win VM

Offsite Tape Archive

26

26 CONFIDENTIAL

Multiple Scale and Touch Points

Win DB

Lin DB

VM

VM

Hypervisor

Production Servers

SAN Disk-based

Backup

Backup Proxies

Backup Server

Tape Archive

VM VM

VM VM

Win

Lin

Database Server

Search Server

Offsite Tape Archive

27

27 CONFIDENTIAL

Availability Bandages for SPOFs

Hypervisor

Production Servers

SAN Disk-based

Backup

Backup Proxies

Backup Server

Tape Archive

Database Server

Search Server

Win DB

Lin DB

VM

VM

VM VM

VM VM

Win

Lin

Offsite Tape Archive

28

28 CONFIDENTIAL

Master Server – Control & Manage SPOF

Hypervisor

Production Servers

SAN Disk-based

Backup

Backup Proxies

Backup Server

Tape Archive

Database Server

Search Server

Win DB

Lin DB

VM

VM

VM VM

VM VM

Win

Lin

Offsite Tape Archive

29

29 CONFIDENTIAL

Database – Catalog / Metadata SPOF

Hypervisor

Production Servers

SAN Disk-based

Backup

Backup Proxies

Backup Server

Tape Archive

Database Server

Search Server

Win DB

Lin DB

VM

VM

VM VM

VM VM

Win

Lin

Offsite Tape Archive

30

30 CONFIDENTIAL

30

31

31 CONFIDENTIAL

Today’s Recovery Landscape Challenges

1. Reliability of Data Recovery

2. Speed of Data Recovery

32

32 CONFIDENTIAL

Risk, Threats, and Vulnerabilities

Risk is a function of the likelihood of a given threat acting upon

a particular potential vulnerability, and the resulting impact of

that adverse event on the organization.

33

33 CONFIDENTIAL

Complexity

Hypervisor

Production Servers

SAN Disk-based

Backup

Backup Proxies

Backup Server

Tape Archive

Database Server

Search Server

Win DB

Lin DB

VM

VM

VM VM

VM VM

Win

Lin

Offsite Tape Archive

34

34 CONFIDENTIAL

3. New Hope! Practical Solution + Real World Examples

35

35 CONFIDENTIAL

Complexity is the Enemy of Reliability

Whatever you do. Whatever you buy.

Simplify your Architecture & Expect More.

36

36 CONFIDENTIAL

Key Solution Concepts

What we’ve seen that makes a difference…

1. Reliability of Data Recovery

a. Simplicity of Setup + Day to Day Operation

37

37 CONFIDENTIAL

“We have already gone through two deployments with Rubrik, and have been really pleased with the ease of set-up. It takes

about twenty minutes to rack the appliance, and four minutes to setup. We input our configuration details, the Rubrik system

maps our VM environment, and we’re ready to start protecting our data”

Nathan Bach, Senior Systems Engineer @ Driscoll’s

38

38 CONFIDENTIAL

“We were using two leading Gartner Magic Quadrant vendors for backup software and backup storage. Just deploying backup

software took a week, but with Rubrik’s turnkey appliance, the system was running and protecting our virtual environment

within 30 minutes.

Unboxing and racking the appliance was the hardest part”

Jake Warren, Systems Administrator @ Red Hawk Casino

39

39 CONFIDENTIAL

Software fabric for orchestrating data across clouds. No forklift upgrades.

Converges Backup Software &

Globally Deduplicated Storage

Meet Rubrik Cloud Data Management

Backup

Software

Backup

Servers

Backup

Proxies

Replication Catalog

Database

Tape Off-site Archive Backup Storage

a

Dedupe

Metadata Private Public

40

40 CONFIDENTIAL

The hardware is simple.

The Smartest Dense Machine • 2U Supermicro appliance – “Brik”

• 4 nodes per appliance

• Unlimited scale-out fabric

• Distributed file system

• Shared-nothing architecture

• Global deduplication

• Inherent data protection

• Cloud Providers for archive

• Can run in AWS & Azure

41

41 CONFIDENTIAL

SLA

ENGINE

Simple is hard.

CLOUD DATA MANAGEMENT PLATFORM

DISTRIBUTED

METADATA

DISTRIBUTED

TASK

FRAMEWORK

CLUSTER

MANAGEMENT SECURITY FILE SYSTEM

Backup

Recovery

Search

Replication

Archival

42

42 CONFIDENTIAL

42

43

43 CONFIDENTIAL

Rack, Stack, Configure

20 Minutes

44

44 CONFIDENTIAL

Example - VMware

vCenter Server

vCenter Server

45

45 CONFIDENTIAL

vSphere Connectivity – Inventory Collection via API

vCenter Server

VM VM VM VM

VM VM VM VM

46

46 CONFIDENTIAL

Data Protection Policies with SLA Domains

vCenter Server

Lin Win VM VM

DB Win VM VM

Silver SLA

Gold SLA

Bronze SLA

47

47 CONFIDENTIAL

Recovery Point Objective (RPO) Availability Duration (Retention) When to Archive (RTO) Replication Schedule (DR)

{ SLA

48

48 CONFIDENTIAL

48

RPOs Availability

49

49 CONFIDENTIAL

49

50

50 CONFIDENTIAL

“The system is simple to implement, allowing us to think about the things you really care about, such as the SLA policies to

apply for protection.”

Nathan Bach, Senior Systems Engineer @ Driscoll’s

51

51 CONFIDENTIAL

There’s More! It’s not just VMware.

Physical Linux Physical SQL

Simplify protection of

Linux servers with policy-

driven automation and

granular protection.

Erasure Coding

Deliver forever

incremental, point-in-time

recovery, intelligent log

management with single

SLA policy engine.

Rubrik Edge

Increase storage

utilization and efficiency

while delivering industry

leading fault tolerance

and performance.

Extend data management

to all business locations

with full-featured software

appliance.

RBAC

Secure management

plane with granular

control of user access to

data across hybrid cloud.

d0 d1 d2 d3

c0 c1

Physical Windows Encryption Custom Reporting Oracle

52

52 CONFIDENTIAL

Your Data Center Today

Backup Proxy

SAN

Production Servers

Backup Server

Search Server

Disk-Based

Backup

Tape Archive Offsite

Tape Vault

53

53 CONFIDENTIAL

Scale Out

Scale Out

Simplification via Rubrik

VM VM

VM VM

VM

VM

Hypervisor

Production Servers

SAN

Rubrik

Replication + Long Term

Retention + Search

Private

54

54 CONFIDENTIAL

Key Solution Concepts

What we’ve seen that makes a difference…

1. Reliability of Data Recovery

a. Simplicity of Setup + Day to Day Operation

b. Immutability of Snapshots

55

55 CONFIDENTIAL

Key Solution Concepts

What we’ve seen that makes a difference…

1. Reliability of Data Recovery

a. Simplicity of Setup + Day to Day Operation

b. Immutability of Snapshots

2. Speed of Data Recovery

a. Speed of restore via live mount

56

56 CONFIDENTIAL

Live Mount

Quick Start: Rack and go. Auto-discovery. Rapid Ingest: Flash-optimized, parallel ingest accelerates snapshots. Scale-out dedupe and compress. Automate: SLA policy engine for hands-free management. Recover: Instant and point-in-time recovery. Search and restore files. Recover from Ransomware. Customer Example #1 Secure: End-to-end encryption. Cloud: Secure “CloudOut” instantly accessible with global search.

Primary Environment

SLA Policy Engine

Log Management

NAS

Private Public

57

57 CONFIDENTIAL

Key Solution Concepts

What we’ve seen that makes a difference…

1. Reliability of Data Recovery

a. Simplicity of Setup + Day to Day Operation

b. Immutability of Snapshots

2. Speed of Data Recovery

a. Speed of restore via live mount

b. Automation/API to enhance Restore Capabilities

58

58 CONFIDENTIAL

Automation & API’s

Your App Now OpenAPI

59

59 CONFIDENTIAL

In their own words… Lang’s Video Case Study

60

60 CONFIDENTIAL

61

61 CONFIDENTIAL

Today’s Recovery Landscape

• Reliability of Data Recovery

• Speed of Data Recovery

62

62 CONFIDENTIAL

Rubrik Manages All Your Data - Anywhere

NAS

Production Rubrik Cloud Data Management Platform

Backup &

Recovery

Disaster

Recovery

Archival &

Compliance

Search

Copy Data

Management

Analytics

Automated,

secured data

management

anywhere.

EDGE

63

63 CONFIDENTIAL

Q & A Come to our booth!

64

64 CONFIDENTIAL

Don’t Backup. Go Forward.

Please fill out your survey. Take a survey and enter a drawing

for a VMware company store gift card.

Thank You