The News: NetApp introduces its Cyber Vault Reference Architecture for logical air gapping for recovery from cyberattacks. Additional detail is available in the press release on the NetApp website.
NetApp Cyber Vault Balances Snapshot Recovery with Logical Air Gapping
Analyst Take: NetApp’s approach to cyber-resiliency remains grounded in storage. It is the only storage vendor to be added to the Commercial Solutions for Classified Components List (CSfC Components List), which is a resource provided by the US National Security Agency (NSA) to guide US government agencies in the selection of pre-approved commercial products that have been evaluated and meet the security requirements for protecting classified data (Secret and Top Secret) on national security systems (NSSs). This follows work it has done since the early 2000s, when it became the first storage solution to be added to the US Department of Defense Information Network (DoDIN) Approved Products List (APL).
Building from this stance, NetApp is releasing a reference architecture for a cyber vault implementation that offers logical air gapping to facilitate recovery from a cyberattack. The reference architecture allows two on-premises performance flash deployments to effectively serve as a recovery site for each other.
Immutable, indelible snapshots that carry strict access controls are created using NetApp’s native SnapLock capability. The latter is an important point; the solution utilizes integration with the same API and orchestration suite as ONTAP systems, which avoids the creation of an additional infrastructure silo and helps to avoid the introduction of additional manual processes.
These snapshots can then be tiered to a hybrid or capacity flash implementation that is logically air gapped from the main production environment and that is lower cost while maintaining performance levels that are sufficient for the cyber-recovery operations. To further control costs, the data remains deduplicated and compressed. Some customers go a step further and create a tertiary backup copy of the data that is pushed automatically to an even lower cost, cold StorageGRID object storage implementation. In addition to checking “3-2-1” best practices, this approach has the value of indexing the backup copies for data cataloging and search capabilities.
Per NetApp, its Cyber Vault solution will coexist alongside, rather than replace, similar offerings from its data protection partners such as Commvault. The Futurum Group notes that NetApp’s solution carries the distinction of being snapshot-based, which presumably offers a faster recovery time when compared with recovering from a backup copy. This approach aligns with best practices that The Futurum Group advises to practitioners—that is, assess the data and infrastructure environment from the standpoint of the level of risk that the business can tolerate and align investment dollars and the technology implementations for cyber-resiliency accordingly.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Other Insights from The Futurum Group:
NetApp Gets Insightful on Generative AI, Cyber Recovery
NetApp Bolsters Cybersecurity Posture with Enhanced Solutions
NetApp Analyst Summit: Building a Moat Around Data Services
Author Information
Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
