Analyst(s): Krista Case
Publication Date: January 14, 2025
Commvault introduces automated recovery and the ability to obtain a visual topology view for Active Directory forests. The capability will speed time-to-recovery for Active Directory environments, which is important because cyber attackers are increasingly targeting compromised user credentials, as opposed to brute force hacking.
What is Covered in this Article:
- Commvault adds the ability to automatically recover Active Directory forests to Commvault Cloud Backup and Recovery.
- In addition to speeding time-to-recovery, the announcement allows for the protection of multi-hybrid cloud environments, and of modern and legacy applications alike, via integration with Microsoft Entra ID protection.
- Identity-based attacks are on the rise, rendering Active Directory protection more important than ever.
The News: Commvault has added the ability to automatically recover Active Directory forests to Commvault Cloud Backup and Recovery. The announcement squarely targets the rise of identity-based attacks by allowing customers to more quickly recover their Active Directory environments, which control cross-enterprise permissions-based access.
Commvault Streamlines Active Directory Recovery
Analyst Take: For many enterprises, Active Directory is the centralized hub for user authentication and access control. As a result, attackers are increasingly targeting Active Directory environments, because they can facilitate widespread access to critical data, IT systems, and other organization resources. When successful, this lateral movement causes significant disruption. Active Directory forests may be of particular interest, because they are collections of one or more domains sharing a common configuration and structure, as well as a global catalog. The problem is so notable that Microsoft, the creator of Active Directory, emphasizes the increasing sophistication of Active Directory attacks, and the resulting precedence of implementing robust cyber-resiliency for Active Directory environments.
Active Directory manages authentication for more than 610 million users worldwide, according to Microsoft, and as such it is the gatekeeper controlling access to a host of critical assets, ranging from physical buildings to key IT systems. The problem is that, when they are breached, recovering Active Directory environments is typically highly complicated and manual. The process spans domain controllers, groups, permissions, and users, rendering it time-intensive, slow, and prone to human error.
In response, Commvault has added the ability to automatically recover complete Active Directory forest environments to its Commvault Cloud platform. The objective here is maximizing business continuity – part of which requires getting back up and running as quickly as possible following a breach. Implementing automated runbooks automates the variety of multi-step processes involved in recovering Active Directory forests. As an additional benefit, these runbooks can be applied in non-production environments from a testing perspective, in order to validate and prove resilience. Downtime is mitigated, the risk for human error is reduced, and administrators can be elevated to more strategic tasks.
Also notable is the integration of Active Directory protection with Commvault’s other critical enterprise workloads – with Entra ID, Microsoft’s cloud-hosted identity service, being especially valuable. This allows for multi-hybrid cloud environments to be protected; for example, allowing modern SaaS applications to be protected alongside more legacy on-premises applications and infrastructure.
What to Watch:
- Customers do have a number of options for protecting Active Directory. Commvault’s message in facilitating not only granularity of recovery, but also speed of recovery through automated workbooks, will resonate with today’s cyber-resilience-focused buyers.
- Futurum expects a growing emphasis on Entra ID protection in 2025 and beyond, as adoption of the service grows in tandem with the adoption of public cloud-hosted applications and infrastructures. As a result, Commvault’s ability to protect Active Directory and Entra ID will be of increasing value to customers.
- Competition in this space will intensify in 2025. For further differentiation, Futurum sees opportunity for Commvault to differentiate on the integration of its Azure Directory and Entra ID protection capabilities with those of partners such as Palo Alto Networks, Splunk, and Wiz, especially from the standpoint of augmenting threat detection and incident response.
Additional detail is available in Commvault’s press release.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Other insights from The Futurum Group:
Commvault Continues to Beat Guidance, Driven by Multi-Hybrid Cloud Cyber Resilience
Commvault’s Shift to Cloud-First Resilience: A Strategic Move
Commvault Acquires Clumio to Strengthen AWS Cyber Resilience Capabilities
Author Information
Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
