What is CyberVR?
CyberVR is the industry leading digital operational resilience software platform used for ransomware recovery as well as cyber control validation and vulnerability remediation testing.
It integrates natively with certified storage solutions to provide instant no-data-copy recovery of data from immutable snapshots with production grade performance; and with vCenter, vSphere, and NSX to recover compute and network elements of an application stack. This unique capability enables fully automated, single-click, end-to-end recovery of a full application stack with its dependencies. If necessary, CyberVR can automatically create the virtual-air-gaps on NSX and/or directly on vSphere port groups leveraging standard VLAN tags to provide as much isolation of these environments as required.
In previous versions, CyberVR was only able to work with VMs, but with version 4, we have extended this ability beyond just virtualized environments. CyberVR is now able to recover x86 bare-metal-servers and hybrid bare-metal and virtualized environments, integrating their recovery within the single-click CyberVR recovery blueprint for any application stack.
Why is this important?
Unfortunately, some workloads just can’t be virtualized, and many others are just better left physical/non-virtualized because of decreased efficiencies, increased licensing costs, application limitations, and other factors. These workloads are typically each installed onto their own servers or groups of servers without a virtualization layer, hence the term Bare Metal Servers.
Recovering bare-metal-servers, let alone the entire application stack that depends on these servers, is far more difficult than recovering virtualized servers. Traditionally this recovery has been accomplished by mirroring the underlying production infrastructure in the recovery environment, keeping OS, application, and patches all in sync between production and recovery, and eventually restoring the underlying data from backups, replicated volumes, or application data copies.
Bare metal environments are already complex to operate and maintain, and enabling recovery by the above methods makes it even more so. For useful recovery, the hardware, OS, application, patches, and data must all be consistent. Maintaining all of these levels of consistency between even a few servers is difficult at best, imagine doing so manually across dozens or even hundreds of servers and it becomes a monumental task.
During a ransomware attack the situation is even more complex: existing physical servers may be quarantined for forensics and a vast amount of new physical servers may have to be acquired and configured before the manual recovery can start. In addition, the recovered servers need to go through a triage and hidden eradication cycles once recovered which can become impossible to execute at scale.
CyberVR is now able to blueprint and recover not only Virtualized application stacks, but now can also recover Bare-Metal stacks, and better yet, hybrid virtualized and Bare-Metal stacks. Not only does CyberVR enable this capability, but also allows recovery of these environments incredibly quickly, saving you countless minutes, hours, possibly even days and weeks that might have been spent trying to recover/test/verify by traditional methods.
Volumes for Bare Metal Servers vs VMs
Boot Volumes:
Virtualized servers (VMs) boot from virtualized disks managed by and within the virtualization hypervisor. This makes it easy to protect these disks and the VMs that use them.
Bare Metal Servers boot from either internal physical disks, or SAN-attached disks (boot-from-SAN). Patches to the OS and other changes can require frequent updates to the content of these drives, so any recovery must include these updates. These disks are completely separate from and outside of the control of the hypervisor. Because of this separation, boot volumes for these Bare Metal Servers cannot be protected in the same ways that virtualized servers (VMs) are protected.
Data Volumes:
Data volumes for either VMs or for Bare Metal Servers can easily be located on shared storage devices, so their data can be protected by array based immutable backups.
How does CyberVR protect VMs and Bare Metal Servers?
CyberVR integrates natively with storage arrays and utilizes volume snapshot, retention limits, and replication schedules set by the storage management software. CyberVR is replication aware and is able to find the data it needs in the primary datacenter, or at a bunker/DR site. This works great for completely virtualized environments that store both the virtualized boot disks and the data disks for all of the VMs on the storage array.
This gets a little (ALOT!) more complicated when we try to protect and recover Bare Metal Servers from destructive ransomware attacks. To ensure that the OS, applications, and patches on these servers are consistent between the production and recovery environments, all of the contents of the boot disks for these servers must be replicated. Array replication can be used to accomplish this for servers that boot from SAN, but an extra step needs to be taken for those with internal boot disks. In this case, these volumes are periodically mirrored to protected copies within the array, which are then added to the CyberVR blueprints.
The diagrams below show how the data flows for the 4 kinds of environments CyberVR can protect and recover:
1. Virtualized Servers:
2. Boot from SAN Bare Metal Servers:
3. Internal boot Bare Metal Servers:
4. Hybrid of all 3 other environments:
CyberVR v4 recovers Bare Metal Servers in the “digital twin” of production by allowing each of these physical servers to be brought up as a VM within a VMWare cluster in the recovery/test environment. Bare Metal server recovery can be done for servers that boot from SAN as well as those booting from local disk.
The main advantage of this instant P2V recovery of large amounts of Bare Metal Servers and their workloads is to dramatically accelerate triage, reconciliation, hardening, reprotection and forensics in the virtual world – an effort that is titanic and unpredictable in the physical world and is never tested at scale.
Once the workloads are clean and deemed ready for production they can be temporarily run in the virtual world before scheduling a fail-back to bare metal. Operating as VMs is not meant to be a long-term solution, as it does not eliminate the reasons that these workloads were not virtualized in the production environment, but recovery of these Bare Metal Servers into VMs does allow them to be part of the CyberVR automated recovery process.
You can bring up your ENTIRE environment including the Bare Metal servers in your recovery/test cluster. There is no need to provide additional bare metal servers in the recovery site, just deploy or spin-up additional VMs within the recovery cluster(s).
In recent testing, a client was able to recover a mission critical 12TB database residing on a physical server in 5 minutes. In another test 10 physical servers AND 1000 VMs were recovered in 45 minutes.
If you’re ready to prove the impact your cyber initiatives are having in a business context through evidence-based solutions, we’re ready show you.
Request Demo