Book demo
20 July 2022

In the world of containerization, who will be the new Veeam?

Few people today question the rationale for the deployment of backup and recovery tools for VMware workloads. It’s this which propelled backup specialist Veeam to the top division of data protection. VMware has dominated the on-premises hypervisor platform market for the last fifteen years, but change is coming quickly.

Businesses have gained little by migrating VMware workloads to public cloud – leading to faster adoption of ready-made SaaS applications and the rise of refactoring existing applications using microservices. What is not clear is whether a new backup vendor will emerge to dominate this new cloud-native computing era. This post looks at the likelihood of history repeating itself.

The container explosion

Business leaders and developers have embraced containerization. Extreme modularization shortens development time and speeds up innovation. Container-built applications are easier to scale up or scale down, making it much easier for businesses to match customer demand and respond quickly to market opportunities. The inherent portability of tools like IBM’s Red Hat OpenShift is driving the phenomenal growth of hybrid-cloud.

The same but different

For backup professionals, the microservices revolution brings similar challenges to the virtualization boom of the 2010s. Questions about who is responsible for backup, to whether a backup is even necessary are reminiscent of the early days of VMware.

Container projects start small, and at the early stages, infrastructure specialists are often unaware of developer-led projects. Kubernetes YAML files, from which the configuration of a container environment can be rebuilt, can be exported to a PC or server. Source code can be stored in cloud repositories such as GitHub. With a small number of microservices, most developers can feel confident of restoring projects manually.

Veeam appealed directly to the VMware administrator who wanted to take  control of backup. The vendors vying for a share of the container backup market will likewise need to appeal to developers by giving them a seamless experience.

Containers are ephemeral. They get created or destroyed depending on the load. Persistent information such as container image registries, logs, and files uploaded by users should be stored on external storage. This can be storage hosted on public cloud providers like AWS and Azure, or on more traditional storage in the datacentre. As with VMware, if you lose data on external storage, you would not be able to get your projects back. It is also still the case that microservices architecture recommends having separate databases for each microservice hosted on one or more database servers. If these are not managed SQL instances offered as a cloud-hosted PaaS solution, you will need to back them up separately.

The rise of security

In the last era, backup was for computer malfunction, user error, or for disaster recovery. Not anymore. Backup systems now play a vital role in cyber threat detection and response. The unprecedented growth of microservices and hybrid cloud opens up a new front for cyber security professionals. Backup specialists, developers, cloud architects and security professionals will need to come together to choose the best backup and recovery strategy for the future.

As well as Veeam, the traditional backup vendors such as Commvault, Dell, Veritas and IBM will be throwing their hat into the ring – as will the big cloud providers. Google purchased Actifio in December 2020 and Microsoft purchased a chunk of equity in Rubrik in November 2021.

So, who will emerge as the dominant force?

Predicting the future

The fact is, in such a fragmented market, it’s impossible to predict. And actually, our money says, there won’t be a single vendor that wins the day in the same way that Veeam did in the first wave of virtualization.

Even in this uncertain landscape there’s a few things you can be sure of….
1. Containerization is coming fast,
2. Businesses need to be ready,
3. Legacy workloads will not disappear anytime soon.

Just as Veeam co-exists with other backup solutions in many enterprises today, tomorrow’s backup solution for containers will become another part of an ever-growing infrastructure ecosystem.

You could sit tight and see if a leader does emerge before adding another backup solution to the stack . Or you could act now to prepare for the container revolution that’s coming by future-proofing and consolidating your infrastructure with a backup provider that can protect all of your workloads.

Our 2 cents? For most large enterprises looking to unify modern, future, and legacy workloads; IBM’s Storage Protect Suite – with support for containers built on Redhat OpenShift – will be hard to beat.

Are you using containers yet?

Where are  you are on your container journey? Drop us a line and tell us about your approach to backup and recovery of these shiny new workloads.

Learn more about
Predatar recovery assurance

08 July 2022

Boosting administrator security controls in Storage Protect 8.1.15

Last week saw the release of the latest IBM Storage Protect update. Predatar technology is built to work exclusively with IBM storage software, so naturally we stay very close to the development of what is already an incredibly powerful backup and recovery platform. In fact, Predatar’s Technical Director, Steve Miller is something of an authority on the Storage Protect Suite.
   
Here’s his take-aways on the version 8.1.15 release.

A few months back, I talked about Multi-Factor Authentication in Storage Protect, and how it would be a fundamental way to secure Storage Protect environments from now on.

With the release of 8.1.15, IBM have further beefed-up security access for Storage Protect with some relatively simple changes that we tend to take for granted on many other systems that we use.

Complex passwords
Firstly, Storage Protect admins can now establish complex passwords requirements. Up until now, it would have been possible for administrator IDs to have simple words as a password. I can’t help but wonder how many installations remain out there with the default userID and password setup still in place since the day it was implemented.

Although Storage Protect still doesn’t distinguish between upper and lower case, it’s now possible to set a requirement for passwords to have a set number of alphabetic, numeric and special characters.

Invalid logons
There has also been a refresh with the settings allowed for invalid logon attempts. Previously, the lowest value for this was 0. As it was the default, it effectively meant that invalid logon attempts were not being checked.

As of the new release, the default value for this is changed to 1, and the range is changed from 1 to 10. Again – it’s a sensible, if overdue update, making administrator access more secure.

TLS certificate loophole
Finally, the default behaviour for a new Admin ID is to require a TLS connection. Previously, the default was that the first connection was an enabling session, allowing the administrator ID to download the TLS certificate from the Storage Protect server. That’s been recognised as a security loophole and closed off.


In summary

Making data secure has always been the top priority of the Storage Protect development team. Encryption, both at rest and in transit was always fundamental, but administrator access had remained relatively open for a long time.

Looking at the pattern of these updates, it’s clear that IBM has recognised the risks of rogue administrator access, and it’s a critical threat to close-down. According to a 2021 report published by Verizon, 36% of data breaches are caused by internal bad actors. The changes that have arrived in 2022 are designed to remove weaknesses and will help to reduce risk in this area, and as a result any organisation using Storage Protect will benefit from the updates.

There are lots of ways you can leverage the power of IBM Storage Protect and Storage Protect Plus to boost cyber resiliency in your organisation. Predatar cyber recovery orchestration works hand-in-hand with IBM storage software to ensure your backups are infection-free and ready for quick, clean and complete recovery when you need it. You can see in this 5 minute demo video, or contact our team with questions.

Learn more about
Predatar recovery assurance