apinan - Fotolia

Arcserve UDP 8.0 update focuses on ransomware protection

After its latest update, Arcserve's flagship data protection software has integrated Sophos security and supports AWS S3 Object Lock to make backups immutable.

Arcserve updated its Unified Data Protection software to version 8.0 today with anti-ransomware features.

Arcserve UDP 8.0 comes with Sophos Intercept X security software. Sophos is integrated with UDP and protects the recovery infrastructure from viruses and malware. Similar to using security software to set up a perimeter and prevent intrusion to sensitive IT infrastructure, Sophos prevents unauthorized access and changes to Arcserve UDP. This will help prevent ransomware from encrypting the backups and making them useless, as well as intruders from stealing the backup data.

Ransomware has surged during the COVID-19 pandemic. Bad actors are increasingly going after backups, either to disable them and increase the impact of a future attack on production systems, to hold the data hostage or to steal and distribute the data for profit, said Sam Roguine, backup, DR and ransomware prevention evangelist at Arcserve. Backup infrastructure has a high concentration of valuable data, making it a prime target for criminals.

"When hackers want to steal all the company's data, backups is the place to go after. It's a treasure trove," Roguine said.

Sophos software already comes with Arcserve's appliance and cloud services products, so it was a "logical extension" to deliver it with UDP standalone software, Roguine said. He added that Arcserve's channel partners reported that 90% of their customers asking for data protection specifically ask about defending against ransomware, compared with other use cases such as protecting against natural disasters or accidental deletions. Roguine said that because ransomware defense requires both a backup and recovery component and a security component, Arcserve will deliver both in all its data protection products going forward.

Sophos Intercept X is free with UDP 8.0, including for customers upgrading from an earlier version. Customers who want to use their own security software to protect Arcserve UDP can opt not to install Sophos.

Arcserve UDP 8.0 also added support for AWS S3 Object Lock, allowing customers to make their backup copies immutable. Customers will need to supply their own AWS S3 storage for this feature.

Ransomware's so profitable for crime organizations that it's now simply a part of the landscape, like a hurricane or a flood.
Phil GoodwinResearch director, IDC

Rubrik and Cohesity also provide immutability for their backups, but according to IDC research director Phil Goodwin, criminals have already developed methods for circumventing it. Immutability is commonly defeated by stealing backup admins' credentials and changing a few settings, such as retention dates or system clocks. Arcserve provides security on top of the immutability, making it a more potent combination, Goodwin said. The extra layers of defense should hopefully convince criminals to move on to easier targets.

Recent IDC surveys have shown that ransomware continues to be a top concern for IT organizations, Goodwin said, and the "good guys" are always on the defensive. How a data protection vendor addresses ransomware has become a key differentiator in the market, enough to sway customers' purchasing decisions.

"Ransomware's so profitable for crime organizations that it's now simply a part of the landscape, like a hurricane or a flood," Goodwin said.

Goodwin said Arcserve isn't the only one to combine data protection and security, calling out Acronis, IBM and Dell as vendors that have done the same. As the threat of ransomware continues to rise, end users are looking to address it in a more holistic way. He said he wouldn't be surprised if more data protection vendors partner with or acquire cybersecurity companies to gain the technology they're missing.

"It is the direction of the industry. End users want to protect the front door and the back door," Goodwin said.

Expanded Nutanix and Oracle support

Outside of its ransomware-focused capabilities, Arcserve UDP's 8.0 update expanded support for Nutanix and Oracle databases.

For Nutanix, Arcserve UDP added the ability to back up Nutanix Files and to use Nutanix Objects as a backup target. UDP previously supported Nutanix Hyperconverged Infrastructure, but initial backups would go to disk. This update lets customers store initial backups in a deduped form in Nutanix's native object storage, streamlining the management of those backups.

For Oracle, Arcserve UDP now integrates with Oracle Recovery Manager (RMAN), leading to more granular recoveries. Previously, UDP could back up Oracle databases by backing up the server they lived on, which meant restores would bring back the entire server. Integration with RMAN allows individual tables and databases to be restored through UDP's interface and allows UDP to test and validate recoveries through RMAN's native BACKUP VALIDATE command.

Goodwin said it's clear Arcserve wanted to focus on ransomware with UDP 8.0, but it's important to continually update and refine its features for its supported platforms. It's not enough to just "tick off a box" and claim to be able to back up particular platforms.

"It's incremental, but it's important to support Nutanix the correct way and keep up with Oracle's latest updates," Goodwin said.

Dig Deeper on Data backup security