Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Ransomeware Recovery by Veeam
1. Ransomware Recovery
By Veeam
Any App, Any Data , Across any Cloud
The Hyper-Availability solutions
Tanawit Chansuchai
System Engineer, Thailand
Tanawit.chansuchai@veeam.com
2. Ransomware – The Big Picture
Agenda
How you Get Attacked
Prevention
3-2-1 Rule
Endpoints Protection
1
2
3
4
5
6. Malware Disrupts Your Business
• Halts productivity and service
delivery
• Loss of data on customers and
core competencies that is critical
to your competitiveness
• Damage to your brand and
reputation
• Legal and regulatory implications
11. Ransomware Attack Entry Points
79% tied to email with
malicious
attachment/URLs
20% tied to malicious
websites and/or dropped
by exploit kits
1% are actual
ransomware files
12. How it Works
Multiple Attack Vectors Data Encrypted
Ransom Note Pay Ransom
Data Decrypted – ??
Restore from Backup
OR
Trend Micro research has
found 99% of ransomware in
email and web traffic
19. Identity Theft
• Stealing Your username/password
• Corporate, Personal, Email, Social Networking
• Personal Information – birthdate, home city, etc…
22. Veeam
Gateway
Immunize your backup repository against virus
The best backup is useless if a ransomware can access your backup repository!
22
E:Backup>dir
Volume in drive C is Veeam
Volume Serial Number is 6AE5-29
Directory of E:Backup
2016-07-27 16:04 <DIR> .
2016-07-27 16:04 <DIR> ..
2016-07-27 16:05 <DIR> Job-Oracle
2015-11-18 18:19 <DIR> Job-SQL
2015-11-18 18:19 <DIR> VeeamConfigBackup
0 File(s) 0 bytes
4 Dir(s) 17,381,437,440 bytes free
Backup Repositories
Oracle.VM.vbk
SQL.VM.vbk
DC.VM.vbk
All restore points are HEALTHY !
Oracle.VM.vbk
SQL.VM.vbk
DC.VM.vbk
Oracle.VM.vbk
SQL.VM.vbk
DC.VM.vbk
Oracle.VM.vbk
SQL.VM.vbk
DC.VM.vbk
Production Virtual
Infrastructure
Windows Server
Access denied to Virus. Repository
visible only using 3 Party API
Benefit: Your backup repository is protected against Virus
NAS Share
Local Disk Oracle.VM.vbk
SQL.VM.vbk
DC.VM.vbk
All restore points are lost !
Oracle.VM.vbk
SQL.VM.vbk
DC.VM.vbk
All restore points are lost !
Oracle.VM.vbk
SQL.VM.vbk
DC.VM.vbk
All restore points
are HEALTHY !
VM
Hypervisor
VM VM VM
Veeam
Server
Veeam
Proxy
NASBackup
H/W Duduplication
23. Immunize your backup repository against virus
The best backup is useless if a ransomware can access your backup repository!
24. 2Different media
3Different copies
of data
1of which is off-site
cloud
0No errors after
backup recoverability
verification
1Is offline
3-2-1 Rule
3 Different copies , 2 Different media , 1 air-gapped from network
25. 3–2–1 Rule with Veeam
Enables complete data Availability
Tape
Device
Storage
To insure data recoverability against ransomware:
Have three copies
of your data
Store on two
different media types
Keep one copy
off site
Veeam Cloud
Connect
Database, Applications,
Files & Data
Backup copy
Production Storage
32. Disaster Recovery Plan
Sure Replica report
You can schedule automatic report delivery for result of sure replica, you can to receive
report by email, Note that you can schedule report after sure replica job done.
36. NEW Veeam Windows and Linux
agents deliver Availability to public
cloud workloads, as well as physical
endpoints, workstations and servers:
• Enable workload mobility
by allowing workloads
to move from on-premises to the cloud
• Streamline operations with one trusted solution
for virtual,
physical and cloud
EndPoint Protection
37. Veeam Agent for Windows 2.0
NEW Veeam® Agents for Microsoft Windows and Linux work alongside Veeam Backup & Replication™ to extend Availability to Microsoft
Windows and Linux workloads.
- To avoid downtime and data loss for Windows and Linux-based physical or public cloud-based servers, workstations and endpoints quickly and
easily!
38. NAT SWITCH
• Test update patch
• Troubleshoot issues
• Train IT Staff
• Provision dev application
Verified Protection & Leverage Data
SureReplica & On Demand Sandbox