This document proposes a system that provides high availability and rapid recovery from attacks through redundant components and isolation techniques. It isolates user data and applications in virtual machines that can rollback if attacked or unstable. It uses network intrusion detection to find incoming and outgoing attacks, and novel file system monitoring to enforce data protection contracts for each application. The system aims to defend against viruses, worms, patches, and zero-days through these four key techniques.