kras99 - stock.adobe.com

VergeIO's new IOfortify halts ransomware spread

Diminutive snapshots, a new alert system and code improvements empower the software of HCI vendor VergeIO against ransomware attacks in its latest release.

A new backup and recovery capability from VergeIO brings ransomware protection into the HCI platform.

IOfortify enables the vendor's HCI software to alert users of abnormalities within snapshots created in the production environment and recover to a safe restore point. Updates to the VergeOS platform, which provides virtualized networking, storage and compute for data centers that run on commodity hardware, further protect HCI infrastructure by limiting the potential surface area for attacks.

HCI products, like other enterprise IT hardware and software, need a form of ransomware response even if they're not considered security products, according to Dave Raffo, an analyst at Futurum Research. The numerous ways IT software can be infected has security teams now taking a more active IT buying role.

"If you're selling any IT products today, you better have a good ransomware story," Raffo said. "[CISOs] want to make sure anything their company buys has security."

Hyperconverged infiltration

IOfortify's new capabilities build on the vendor's IOclone snapshot capability released earlier this year, which added administrator alerts and security upgrades to the OS.

IOfortify creates clones of the VergeOS instance and uses deduping capabilities to eliminate additional storage overhead and avoid performance slowdowns, according to Yan Ness, CEO at VergeIO.

Clones can be created by the second and number into the thousands, with deduping eliminating 80% to 90% of the data's original size, according to Ness, as the cloning technology carries over only changes to data and infrastructure configurations from the HCI environment. Given that snapshots are small, they can be maintained for longer periods. Initial clones imported from a VMware HCI environment or larger data sets like video and audio may not have as dramatic a size reduction, Ness added.

"It's not like you have to stick these clones into your production environment," Ness said. "It is your production environment."

IOfortify's anomaly detection capabilities scan and detect abnormalities in the VergeOS clones, alerting administrators to abnormalities outside specified parameters within the OS. The cloning process also helps the software track clones. Users can set alerts to flag data that isn't hitting certain deduplication thresholds, as this may indicate ongoing ransomware encryption.

If you're selling any IT products today, you better have a good ransomware story.
Dave RaffoAnalyst, Futurum Group

The snapshot process tends to slow down application performance for HCI configurations. But VergeIO's cloning methods aren't as impactful, according to Marc Staimer, president and founder of Dragon Slayer Consulting. Detecting snapshot abnormalities early can prevent ransomware for nesting a future detonation into the system.

While similar in function to other HCI platforms offered by Nutanix or VMware, VergeOS is better protected against ransomware attacks due to how segregated it keeps each virtual instance, which runs in memory separate from the others, Staimer added.

That means potential attacks against the larger clusters are difficult to spread if shut down early, he said.

"[VergeIO] severely limits the attack surface," Staimer said. "They stop the damage immediately and you can start the recovery."

Other features differentiating VergeOS include easy deletion of unwanted snapshots, storage management capabilities and OS scaling capabilities for larger data centers, according to Staimer. He noted VergeIO's anti-ransomware capabilities are reactive for stopping threats and that a combination of security software and policies are needed to halt intrusions.

All around me are familiar faces

HCI infrastructure, built off the virtualization technologies pioneered by VMware, is typically implemented at enterprise organizations that manage dispersed data centers.

Major HCI companies within the market include Nutanix and VMware as well as the open-source Linux Kernel-based Virtual Machines, according to Raffo and Staimer.

There are few competing directly with HCI vendors the way VergeIO is. VergeIO was originally known as Yottabyte and founded in 2010.

Broadcom Software Group's acquisition of VMware has introduced some uncertainty in the market, Raffo said.

"We don't see a lot of new HCI players coming into the market," he said. "[HCI] companies are positing themselves as VMware alternatives and I assume that's growing."

Enterprises utilizing HCI are commonly service providers competing against cloud hyperscalers for customers, Staimer said.

"The only way to grow as a cloud provider is to take market share from other cloud providers," he said. "Most people have never heard of [VergeIO]. They will."

Tim McCarthy is a journalist from the Merrimack Valley of Massachusetts. He covers cloud and data storage news.

Dig Deeper on Data center hardware and strategy