Cohesity DataPlatform 6.5.1c LTS Is Here!

Posted on December 11, 2020 by Tim

Cohesity has just announced the (LTS) Long Term Supported release of their DataPlatform version 6.5.1c. It is now available for Cohesity customers to upgrade their clusters and gain all the added benefits of the new LTS version. Below is the list of the added features and enhancements for both (GA) Generally Available and Tech Preview features.

(GA) Generally Available Features:

Backup/Recover to secondary VMware network
VMware VM Recovery with Copy Recovery
File Level Recovery with VMware Tools
NetApp DataProtect Volume Backup
NFS/SMB Encryption Support for NAS Backups
Blacklist IPs for NAS Protection Groups
Download NAS Backup Error Logs
NAS Backup with File DataLock
NAS Exclusions – Regular Expression Patterns
MegaFile Restore Support for Physical Agents
Auto Upgrade Agents after Cluster Upgrade
Protect All Local Volumes
Parallel File/Folder Data Protection
Fault Tolerance – New 6:2/8:2 (EC) Erasure Coding Configurations
Account/Security Related:
- “Cohesity” User Account No Longer Used
- Removed Bash SSH Access to Accounts
- Both SSH/Remote Logins are Disabled by Default
- “root” User Access from the Physical Console Removed
- Support Account:
  - No User Account Anymore
  - Now Uses “User Security Token” Which Cohesity Support Needs to Connect to Your Cluster via the Remote Tunnel
  - Can be set to On/Off/Temporary for a Set Amount of Time
  - Only Cohesity Employees Can Access the Remote Tunnel
  - If Password Forgotten, Support Must be Contacted to Change Password
- (2) Person Rule:
  - Cohesity Administrator Enables It
  - Password Set by a Different Cohesity Administrator – The First Administrator Does Not Set the Password
  - Administrator Controls the “sudo ” Access
- a
Oracle:
- Backup with “sysbackup” Privilege
- Backup Support for TDE Databases
- Pfile Control via UI During Restore/Clone
- Log Backup Archival & PIT Restore from Archive
AWS:
- Specify VPC for Fleet on Source Registration
- AWS Cloud Edition – Deployment Using IAM Roles & Source/External Target Registration
Azure:
- Filter Users Based on Azure Attributes
- Use Incremental APIs for Managed Disk VMs
- Support for Hyper-V Gen2 VMs
Cohesity Cloud Edition – Cost Optimization with XL Node
Next Generation User Interface Enhancements:
- Quick Protect & Quick Policy
- One-Time Protect
- Dashboard Enhancements with Heat Maps
- Metrics on Data Transferred to External Targets
- A New Health Dashboard
- Password Management Enhancements
Multi-Tenancy:
- Enable “Restricted Access to Specific Object” Workflow for Organization User
- Guardrail for Supported Workload
- Protected Objects Heatmap Report for Tenants
- Restore to vCloud Director Storage Profile
- Support for VMware’s VCD version 10.1
- VMware’s VCD Plug-In – Cross Launch to Cohesity Web GUI
- Support for VMware’s vRealize Automation Workflows
SmartFiles (NAS):
- Intent Based Views
- SMB SuperUser Account
- Audit Log – Filer Tab
- NIS Support
- External NAS Tiering – Uptiering
Hardware:
- Cohesity C6055 with 16TB Drive Support
- Cohesity “Compute” Nodes – For Use With NoSQL & Hadoop Only
  - Cohesity (VE) Virtual Edition
  - Cisco UCS C220 M5
  - HPE DL360
  - Dell R640
  - (BYOH) Bring Your Own Hardware (check for hardware requirements)
- Cohesity CX8405 Nodes – Support for 15.3TB Drives
- Cisco UCS S3260 – 14TB Drive Integration
- Cisco UCS C220 M5 – 4TB Drive Integration
- Fujitsu RX2540 M5
- (ROBO) Remote Office Branch Office Node – Dell R640

Tech Preview Features:

Support for SAN transport (Fibre channel or iSCSI) for VMware backups
NAS Backup with File DataLock
SharePoint Online Backups
Oracle:
- VLAN Selection
- Backup Databases on Windows Servers
- SAP on Oracle Using BRTOOLs
SQL:
- Exclude a SQL DB from a Protection Group
- Resume Recovery After Fail
NoSQL & Hadoop Adapters
Automated Deployment of Cohesity Agent
DataProtection Continuity Across Cohesity Clusters

As always, we highly recommend that you lock down your Cohesity clusters using our Security Whitepaper and Hardening Guide to ensure you are protected as best as possible against Ransomware and other malicious attacks!

NOTE: The below links require you to have a Cohesity account to log into either the Cohesity Documents site.

Cohesity DataPlatform Security Whitepaper: https://docs.cohesity.com/HomePage/PDFs/Cohesity-White-Paper-Security-DataPlatform.pdf

Cohesity Security Hardening Guide: https://docs.cohesity.com/HomePage/PDFs/Cohesity-Best-Practice-Security-Hardening.pdf

6.5.1c Release Notes: https://docs.cohesity.com/6_5_1/Web/UserGuide/Content/ReleaseNotes/ReleaseNotesIntro.htm?mkt_tok=eyJpIjoiTVdWbE5tRTFOakkxWkdFeSIsInQiOiJGT25wdFUzSTY5QmRMaGk1VXozRDUreWJOZ0o4ZmZhbWg2NzhSeU5UNVpCR2lTUThEZFZLXC9XQ3BCdDhaRlR1V1VjSk1POHMrWlFGb2hvYWRSYkJ1akRnbmgwbjl5UE5wQm5hNlJjRU9vYWltNmdZS1I2RkdUb0wzT0V5Mko1dEgifQ%3D%3D

Release Notes (What’s New): https://docs.cohesity.com/6_5_1/Web/UserGuide/Content/ReleaseNotes/WhatsNew.htm?mkt_tok=eyJpIjoiTVdWbE5tRTFOakkxWkdFeSIsInQiOiJGT25wdFUzSTY5QmRMaGk1VXozRDUreWJOZ0o4ZmZhbWg2NzhSeU5UNVpCR2lTUThEZFZLXC9XQ3BCdDhaRlR1V1VjSk1POHMrWlFGb2hvYWRSYkJ1akRnbmgwbjl5UE5wQm5hNlJjRU9vYWltNmdZS1I2RkdUb0wzT0V5Mko1dEgifQ%3D%3D

Upgrading to 6.5.1c: https://docs.cohesity.com/6_5_1/Web/UserGuide/Content/ReleaseNotes/Upgrade.htm?mkt_tok=eyJpIjoiTVdWbE5tRTFOakkxWkdFeSIsInQiOiJGT25wdFUzSTY5QmRMaGk1VXozRDUreWJOZ0o4ZmZhbWg2NzhSeU5UNVpCR2lTUThEZFZLXC9XQ3BCdDhaRlR1V1VjSk1POHMrWlFGb2hvYWRSYkJ1akRnbmgwbjl5UE5wQm5hNlJjRU9vYWltNmdZS1I2RkdUb0wzT0V5Mko1dEgifQ%3D%3D

Upgrade Considerations: https://docs.cohesity.com/6_5_1/Web/UserGuide/Content/ReleaseNotes/Upgrade.htm?tocpath=Release%20Notes%7C_____3#UpgradeConsiderations

Cohesity Announces SiteContinuity (Automated DR)

Posted on September 29, 2020 by Tim

On September 28, 2020 Cohesity announced Cohesity SiteContinuity, an automated disaster recovery solution that is integrated with the company’s backup and continuous data protection capabilities — making it the only web-scale, converged solution to protect applications across tiers, service levels, and locations on a single platform.

NOTE: (GA) General Availability will be in version 6.6 which will be released potentially in December 2020.

Cohesity is making this announcement as organizations are concerned about losing data to ransomware attacks, natural disasters, or human error. This new integrated solution will help companies ensure data isn’t lost, applications are available, costs are reduced — by eliminating redundant or unnecessary infrastructure — and that strict service-level agreements (SLAs) are met.

SiteContinuity uses our existing (CDP) Continuous Data Protection feature to deliver near-zero (RPOs) Recovery Point Objectives for your mission-critical virtual machines. Near-zero RPOs means every change and every I/O is protected, and in the case of disaster, minimizing your data loss and downtime.

Leveraging vSphere APIs for I/O filtering (VAIO), Cohesity intercepts I/Os between the protected VM and its underlining storage. This approach captures changes and helps reconstructing a copy of your VM directly on
Cohesity. As a journal-based solution, Cohesity maintains a journal of all I/Os received from the VM. Built-in intelligence allows the periodic consolidation of log deltas and the foundational VMDK. The implication: fullyhydrated recovery points, at any point in time—ensuring near-zero RPOs and rapid RTOs.

Continuous Data Protection (CDP) ensures that you recover all of your data, not just most of it. CDP delivers real-time protection for VMware vSphere virtual machines, augmenting your existing snapshot-backups data
protection strategy.

The CDP Solution offers:

Enterprise-class data resiliency
Operational simplicity with high fault tolerance
Efficient flexibility

Cohesity’s SiteContinuity converged backup and disaster recovery solution provides:

Simplified Operations: Consolidate backup, continuous data protection and automated disaster recovery on a single platform, managed through one global UI and a unified policy framework, across application tiers, service levels, and environments.
Near-zero Application Downtime and Data Loss: With just a few clicks, automatically orchestrate failover and failback of a single application or an entire site, ensuring minimum data loss and downtime as business applications are rapidly recovered in a disaster scenario.
Flexible Recovery: Journal-based recovery helps to meet varying service levels across application tiers by restoring to any point in time — including days or even seconds before the disaster hit, on-premises or to the public cloud.
Machine Learning-Based Ransomware Detection and Recommendation: At the time of failover and/or restore, Cohesity Helios’ machine learning algorithm helps identify a clean point in time to restore. This helps protect the DR site from malware impact during the failover process.
Disaster Testing: Meet DR compliance objectives with confidence through end-to-end automated non-disruptive disaster recovery testing, including complete audit trail reporting.
Reduced TCO: Reduce costs by converging backup and DR, eliminating the need for separate point products and driving better storage efficiency. Further reduce data footprint and costs with global variable-length deduplication and compression across workloads. Additionally, there is no need to deploy dedicated virtual machines to support recovery of each ESXi host.
Limitless Scalability: The underlying web-scale architecture of the Cohesity platform enables organizations to scale BCDR capabilities limitlessly and painlessly.

Cohesity Version 6.5.1 Released!

Posted on August 24, 2020 by Tim

On August 17th, Cohesity announced the release of their new platform version 6.5.1! This release is packed with over 75 enhancements since the last release. Since there are so many, we can’t really go through them in any detail. However, below is a very long and distinguished bulleted list of most of the enhancements in the 6.5.1 release.

NOTE: The below list of enhancements in version 6.5.1 are (GA) Generally Available with the exception of the individual listed items marked with either BETA or TECH PREVIEW.

CLOUD:
- Microsoft 365 –
  - (TECH PREVIEW) SharePoint Online support
  - (TECH PREVIEW) SharePoint Online site documents
  - (GA) OneDrive
  - (GA) Exchange
  - (GA) Filter users based on Azure Active Directory Attributes
- Azure –
  - Incremental APIs for Managed Disk VMs
  - Support for Hyper-V GEN2 VMs
- AWS –
  - A backup admin can specify a VPC and Subnet for fleet instances at the source level for backup
- Helios On-Prem & Global Policies –
  - On-premise multi-cluster management: single pane of glass experience for customers with many dark sites (Tech Preview)
  - Global policies: Enable policies at a global level for global and standardized governance and data management
  - New storage impact simulation and enhanced ransomware detection

SOFTWARE INTEGRATIONS:
- (TECH PREVIEW) Exchange DAG Awareness –
  - Active/Active DAG configuration and automating DP for Exchange server mailboxes
  - Simplifies Server and Exchange DAG discovery and registration
  - Helps backup admins reorder backup priority of Exchange mailboxes base on their own requirements
- (TECH PREVIEW) Integrated NoSQL/Hadoop experience –
  - Strengthening our NoSQL and Hadoop solution by unifying the comprehensive backup and recovery solution into a single framework
  - Unified protection and experience for your traditional and modern NoSQL databases
  - All workflows of DataProtect apply to NoSQL and Hadoop: a simple and comprehensive solution that’s a differentiator
- Oracle –
  - Backup with “sysbackup” privilege
  - (TECH PREVIEW) Secondary VLAN for registration, backups, recovery, and cloning support
  - (TECH PREVIEW) Backup Oracle on Windows Servers support
  - Backup support for TDE databases
  - Pfile control during restore/clone functions
  - Log backup archival and PIT restore from archive
  - Enhanced Oracle pre-check utility
- SQL –
  - (GA) Error message handling framework
  - (TECH PREVIEW) Exclude a SQL DB from a protection group
  - (TECH PREVIEW) Resume recovery after fail
- SAP HANA 2.0 –
  - (GA) SAP HANA On Power
  - (BETA) Oracle on Linux
  - (GA) Uses native API for backup, recovery, enquiry, and delete
  - (GA) New RPM is downloadable from UI
- Secondary NetApp –
  - Back up data protection volumes from secondary NetApp
  - Save space and no impact to their primary by backing up from the snapmirror copy and help reduce TCO
- VMware Enhancements –
  - VMware SAN Transport via FC for better bandwidth/performance
  - File-level recovery with VMTools
  - Register vCenter on secondary network
  - VMware VM Recovery with Copy Recovery

PHYSICAL:
- Compute-Only Nodes –
  - Options –
    - Cisco UCS C220 M5
    - HPE DL360
    - Dell R640
    - Also some (BYOH) Bring-Your-Own-Hardware options with Cisco, HPE, Dell, Fujitsu, and Lenovo
  - Dedicated nodes for computing in a Cohesity cluster for running resource-intensive apps
  - Customers now have the flexibility to independently scale compute or storage resources
  - Experience better performance for resource intensive workloads
- New Cohesity C6055 Nodes –
  - C6055 Node –
    - High capacity 1U node
    - Cost competitive dense node for lower TCO for replication and archives
    - New expanded platform support: Fujitsu, Dell ROBO
  - CX8405 Node –
    - Dense All-Flash platform (92.16 TB RAW per node)
- New Fujitsu RX2540 M5 Node –
  - New OEM partner hardware
  - (2) Options –
    - 8TB RAW/5.3TB Usable
    - 16TB RAW/10.6TB Usable
- New Cisco Configurations –
  - Cisco UCS S3260 – 14TB drive integration
    - (2) Options –
      - Half-populated drives – 294TB RAW/194TB Usable
      - Fully-populated drives – 588TB RAW/388TB Usable
  - Cisco UCS C220 M5 –
    - 4TB drives – 12TB RAW/8TB Usable
- New Dell R640 ROBO Node –
  - (2) Options –
    - 46TB RAW/42TB Usable
    - 96TB RAW/64TB Usable
- Physical Agent –
  - Auto upgrade agent after cluster upgrade
  - Directive-file backup support
  - Protect all local volumes support option in protection group
  - Auto deployment of agent
  - Parallel file/folder data protection
  - Support registering physical server on (2) Cohesity clusters

PLATFORM:
- SmartFiles (NAS) –
  - Intent-Based views
  - New SMB SuperUser for share level permissions of SMB views
  - Audit Log – filter tab
  - Support for NIS environments
  - User mapping between Active Directory and NIS Provider
  - External NAS Tiering – Uptiering
- (TECH PREVIEW) MegaFile Restores for Physical Data Sources –
  - Backup/Restore large files faster, help meet SLAs
  - Support for AIX, Linux, Windows for files > 64GB
  - 3x faster restores for physical data source files > 64GB
- (TECH PREVIEW) Service Providers – Pay-Per-Use Consumption –
  - Introducing a consumption-based pricing model for service providers
  - Traditional licensing locks service providers into multi-year license cycles and flat-fee monthly subscriptions
  - Cohesity is the only vendor that allows SPs to choose their own monthly commit and pay only for the software they consume through metered pricing for multiple SP offerings
- Fault Tolerance –
  - New (EC) Erasure Coding configurations – EC 6:2/EC 8:2
- Next Gen User Interface –
  - Global dashboard view
  - Multi-Cluster Monitoring
  - Smart context aware click-throughs
  - Security Dashboard
  - Global Actionable Search
  - Single Cluster Dashboard
  - Physical Usage Reporting for Tenants
  - Physical Usage Reporting for Jobs
  - Dark Theme
  - Enhanced Reporting & Planning
  - Quick Protect
  - Quick Policy
  - One-time Protect
  - Dashboard Heatmaps
  - Reporting – Data Transferred to External Targets
  - Protection Group Run Details
  - Password management to force password changes

Blog Announcement: https://www.cohesity.com/blog/announcing-cohesity-pegasus-6-5-1-options-matter/

Cohesity Public Site: https://www.cohesity.com/

Protecting Against Ransomware with Cohesity

Posted on August 13, 2020 by Tim

Protecting Against Ransomware with Cohesity:

As most of you are aware, 2020 has been especially riddled with Ransomware attacks against large corporations. However, large corporations are not the only ones under attack. These attacks are against all types of businesses from the largest corporations all the way down to the small mom and pop businesses. Government agencies to include federal, state, and local are under constant attack as well.

The most notable ransomware attacks that most have heard about include Garmin, Travelex, University of California San Francisco, Honda, and Canon USA. Click on the appropriate company name to go to an article specific to that companies attack.

NOTE: For 2021 statistics on Ransomware attacks, see the first link at the bottom of this blog called “Ransomware Statistics“.

Most of the data protection solutions on the market (especially the legacy solutions) today have fallen pray to the above list of recent Ransomware attacks as well as many others.

To this day, not one Cohesity customer has had a successful ransomware attack to where they gained access to their Cohesity backups to delete or encrypt them and where they have followed our security hardening guidelines. That means that our customers have been able to detect, prevent, and/or recover and not have to pay any ransom whatsoever.

Here is an example of what can happen in your typical ransomware attack of today:

Employee clicks on link in an email and hackers gain access to your network.
Hacker then installs a key logger and gets an administrators credentials to systems (including your data protection system) on the network.
- Hackers delete your backups of systems to ensure you can’t recover from backups and have to pay them the ransom.
If they don’t get administrator credentials to backup solution, they encrypt the backs first to again make sure you can’t recover any systems from backups and force you to pay the ransom.
If the company has any CCPA, GDPR, or other compliance related requirements and associated data, they collect that data.
They then encrypt the systems on the network.
Hackers notify the company that they have encrypted their systems and tell them they must pay a ransom to get the encryption keys to decrypt their systems. If they obtained any compliance related data, they also tell the company that they will publicly post the private data. If they do that, the company by law then has to publicly announce that they had a data breach. They then can be fined a very large amount of money for breaking compliance itself. This is a separate cost from the ransom.
Hackers typically give the company a certain time frame to pay the ransom or lose everything after that date as well as post any compliance related information on the internet.
If the company pays the ransom, it typically requires payment in Bitcoin because it is private and untraceable. Most companies don’t have a Bitcoin account, so they will need to pay a 3rd party company to convert the payment to Bitcoin in which the hackers will accept.
Once the ransom is paid, the hackers will provide all the decryption keys for every system that was encrypted.
The customer then has to randomly associate each decryption key to each server which can take days to do. The hackers don’t tell them which key goes to what specific server. If you have thousands of servers, that is a painfully long process all while your IT systems are still down.
Each virtual machine has to have twice the size of space on it in order to decrypt the system. Otherwise if there is not enough room on drive, decryption will fail until additional drive space is added. The time to go through this process can be painfully long based on how many systems need to be configured with additional storage.
At this point, this entire process from start to finish could be from days to weeks or more for a company to fully recover IF they pay the ransom.

For the company that has been attacked, if they have to pay the ransom due to being unable to restore from backups, this could mean a huge revenue loss for the company long term.

There are numerous costs associated to the attack:

The ransom itself.
The cost for 3rd party company to convert payment to Bitcoin.
Potential fines for breaking compliance due to leaked data if ransom not paid.
The associated cost of lost revenue due to systems being down for days, weeks, or more due to attack and recovery time frame of IT internal and externally facing services.
The associated cost of lost revenue due to bad reputation after personal data leaked.
The associated cost of massive increased hours worked by IT staff and any other employees to recover systems until they are back to normal operations.
Cost of new hardware/software implementation and associated man hours to implement new security measure to keep from being attacked again.
Legal actions against company for personal data leaked and other various reasons.
NEW (10/5/20) – US Department of the Treasury’s Office fines!

There are numerous precautions that can be taken to minimize the risk of your organization being attacked as well as recover easily and quickly to get your IT services up and running again. With that, securing your data protection (backup) solution becomes critical to protecting yourself against ransomware attacks.

How Cohesity Protects You Against Ransomware:

Cohesity takes security very serious and has extensive integrated cybersecurity in our solution. Listed below are the ways in which we protect your backups in our platform with the below principles and capabilities.

Reduce Attack Surface –
- Zero trust architecture.
- Bank-grade encryption (FIPS 140-2, NIST certified).
- Single global platform.
- No Windows or Linux front-end server.
Assess Security Posture & Vulnerabilities –
- Vulnerability Management:
  - CyberScan App – Uncover cyber exposures and blind spots within your production environment by running on-demand and automated scans on backup snapshots against known vulnerabilities.
- Advanced Threat Detection:
  - SentinalOne App – AI-powered prevention engine to Cohesity storage clusters, delivering the highest efficacy, lowest false positives, and most performant prevention technology. 100% signature-free and relies on machine learning models to deliver next-generation prevention.
- ClamAV App – Scan the files stored in the Cohesity DataPlatform directly, without sending the files to an external scanner.
- Configuration analysis.
- Marketplace (Apps): https://marketplace.cohesity.com/
Access Management & Auditing –
- Web UI, CLI, REST API’s all use SSL with TLS 1.2 and above.
- Self-signed X509 certificates or company CA/certificates can be used.
- Microsoft Active Directory integration and (RBAC) Role-Based Access Control.
- (2FA) Two Factor Authentication (CAC / SAML).
- (SSO) Single Sign-On Integration with SAML-based standards:
  - Active Directory
  - LDAP
  - Azure Active Directory
  - Okta
  - Ping
  - Duo
  - Shibboleth
- Operational & file level accounting.
- System & product level auditing.
- Exportable granular audit logs.
- Send logs to external syslog server.
- Global whitelists network segments, individual IP’s, etc.
Data Governance / Compliance –
- SEC 17a-f (f)
  - (WORM) Write Once Read Many & Data Security
- FIPS 140-2 level 1
- PCI DSS
- Common Criteria EAL2+
- Secure Government Clouds
  - AWS Govcloud
  - Azure Govcloud
  - C2S
- (TAA) Trade Agreements Act
- (ATO) Authority to Operate
- GDPR / CCPA Governance –
  - Global actionable search.
  - We reduced copies of data on average from 8-10 copies to potentially 1-2 copies.
Defend –
- Immutable file system –
  - Inaccessible from outside Cohesity cluster
  - Back ups stored in Read-Only state
- DataLock / (WORM) Write-Once-Read-Many –
  - Unable to delete/modify snapshots until the set retention time has passed
- LegalHold –
  - Unable to delete snapshots until LegalHold removed only by Data Security role
- Provides a virtual “air gap”
Detect –
- Helios machine learning driven anomaly detection.
  - Daily change rate on Logical data.
  - Daily change rate on stored data.
  - Pattern based on historical data ingest.
Respond –
- Google-like global actionable search.
- Instant mass restore – Recover hundreds or more virtual machines and have services up and running in the matter of minutes.
- Salable file system to store years worth of backup copies.

Additional Resources – Cohesity & Ransomware Protection:

Ransomware Statistics:
- https://www.comparitech.com/antivirus/ransomware-statistics/
Counter Ransomware Attacks with Cohesity (Whitepaper):
- https://www.cohesity.com/resource-assets/solution-brief/Counter-Ransomware-Attacks-with-Cohesity.pdf
Comprehensive Anti-Ransomware Solution: Prevent, Detect and Respond (Video):
- https://www.youtube.com/watch?v=WnR4n4e_FaY
Guarding Against Ransomware Requires More Than Just Detection (Blog):
- https://www.cohesity.com/blog/guarding-against-ransomware-requires-more-than-just-detection/
Cohesity Public Site – Ransomware:
- https://www.cohesity.com/solution/ransomware-recovery/
Cohesity Technical Guides: https://docs.cohesity.com/HomePage/Content/TechGuides/TechnicalGuides.htm
Cohesity Documents – Ransomware:
- https://docs.cohesity.com/WebHelios/Content/Helios/RansomewareAlert.htm
Cohesity’s Solutions for Air-gap Data Protection (Whitepaper):
- https://info.cohesity.com/air-gap-data-protection-with-cohesity-dataplatform-wp.html
CyberScan App (Video):
- https://www.youtube.com/watch?v=R1upyfXRtbQ
CyberScan App (Blog):
- https://www.cohesity.com/blog/new-app-uses-backup-data-to-combat-cyber-threats/
(CCPA) California Consumer Privacy Act:
- https://oag.ca.gov/privacy/ccpa
Streamlining GDPR Compliance (Solution Brief):
- https://www.cohesity.com/resource-assets/solution-brief/Cohesity_GDPR-Solution-Brief.pdf
Cohesity DataPlatform Security Whitepaper:
- https://docs.cohesity.com/HomePage/PDFs/Cohesity-White-Paper-Security-DataPlatform.pdf

Cohesity & Pure Storage Partnership Announcement

Posted on August 12, 2020 by Tim

On August 12, 2020, Cohesity has officially announced the partnership with Pure Storage for their joint solution called Pure FlashRecover – Powered by Cohesity which is the industry’s first jointly-engineered all-flash modern data protection solution for rapid recovery, ransomware protection, and reuse of data.

Pure and Cohesity have formed this partnership based on strong customer demand for an integrated all-flash data protection solution that empowers customers to easily, quickly, and reliably back up and recover their data at scale. The companies have also formed this partnership at a time when more customers are embracing cloud services and are seeking ransomware protection.

Pure FlashRecover, Powered by Cohesity delivers all-flash data backup and recovery capabilities that enterprises require for restoring data rapidly in the face of a disaster or a ransomware attack. It enables flash-to-flash-to-cloud data protection and allows rapid, independent scaling of processing, throughput, and storage capacity for the most efficient use of all resources.

The solution also empowers organizations to future-proof data center investments and realize new levels of performance to meet growing petabyte-level recovery requirements. In addition, the solution enables backup data to be reused for analytics and DevOps, allowing multiple applications to leverage data stores on the high-performance, unified fast file and object FlashBlade^™ platform.

By combining Cohesity DataProtect software with Pure’s unified fast file and object FlashBlade platform, the integrated solution delivers:

Performance: up to 3x faster backup and restore throughput than disk-based alternatives, capable of recovering thousands of virtual machines and up to 1PB of data a day to meet large-scale disaster recovery needs.
Integration: single-point purchasing, deployment and support all delivered through Pure, eliminating the need for customers to go through two vendors. Pure is now a Cohesity Technology Partner and the companies have committed to joint innovation.
Scalability: disaggregated compute and storage to enable independent scaling for backup / recovery processing, throughput, and storage capacity for the most efficient use of resources.
Simplicity: ease of management provided by cloud integration that enables flash-to-flash-to-cloud backup and recovery, low-cost public cloud storage for long-term retention, and non-disruptive upgrades.

Availability
Pure FlashRecover, Powered by Cohesity is being tested by joint customers today and will be generally available in the United States in Q4 CY2020 and in countries outside the United States in the coming quarters.

For More Information
To find out how your organization can leverage the benefits of Pure FlashRecover, Powered by Cohesity, visit:

Pure Storage: Solution brief and blog post.
Cohesity: S olution brief.

For the full announcement on the Cohesity Blog page, see the below link.

Announcement (Blog): https://www.cohesity.com/press/pure-storage-and-cohesity-forge-strategic-partnership-to-deliver-rapid-recovery-at-scale/

Cohesity Data Protection DEMO (Short)

Posted on August 12, 2020 by Tim

Cohesity Data Protection DEMO (Short): https://youtu.be/PxT4zBS-L68

In this demo, I do a quick run through of the Cohesity 6.4.1 user interface related to the Data Protection use case specifically. This is not meant to be a complete demo of the entire interface and functionality, just a quick overview for the Data Protection use case only.

I start off by showing the types of sources you can connect to such as External Cloud Providers (AWS, Azure, GCP, etc.) as well as hypervisors, physical servers, databases, O365, Active Directory, NAS, etc.

Then I show how simple it is to create policies so that you can do local and long term retention, replication to other clusters, archive to the cloud, database logs, and much more.

The next step is to create a protection jobs for the various sources we mentioned above. We select the appropriate policy to associate to this protection job, and set various other settings such as QOA policy, SLA time frame, priority, etc.

If you would like to see a complete demo of the entire interface of our new 6.5.0 version, see my other video titled “Cohesity 6.5 User Interface Overview (DEMO)“…Click Here!

Cohesity 6.5 User Interface Overview (DEMO)

Posted on June 23, 2020 by Tim

Cohesity 6.5 User Interface Overview (DEMO): https://youtu.be/S-JfmpeUe7I

Want to know more about the new Cohesity 6.5 (UI) User Interface and all the core capabilities, watch the below video of the demo. Not all capabilities (old and new) are covered in this demo, it is meant to provide an overview of the core capabilities.

Topics covered in this demo:

Registering Sources
Registering External Sources
Creating Policies
Creating Protection Jobs
Restores (File & Virtual Machine)
Clone Virtual Machine
Creating Views/Shares (SMB/NFS/S3)
Cohesity Marketplace Apps
Reporting
System Information

What’s New in 6.5:

Comprehensive Protection for Kubernetes Namespaces
(CDP) Continuous Data Protection for Mission-Critical Virtual Machines
Heterogenous Cluster Support
ROBO Appliance Availability
Dramatically Faster SQL Database Migration
Higher Data Resiliency
Runbook Automation for VMware Failover (DR)
Helios Mobile App

For more detailed information on what’s new in Cohesity 6.5, see the below link.
https://www.cohesity.com/blog/cohesity-pegasus-6-5-innovation-doesnt-have-to-be-zero-sum-game/

Cohesity Public Website: https://www.cohesity.com/

Backing Up & Restoring Active Directory With Cohesity 6.5

Posted on June 23, 2020 by Tim

Backing Up & Restoring Active Directory With Cohesity 6.5: https://www.youtube.com/watch?v=azFuXXZpW68

In this video, I quickly run through how to connect to (AD) Active Directory as a source and register it as an Active Directory server using our latest software version 6.5. Then I show a Active Directory protection job I had already ran previously. And finally, I show how easy it is to perform a Active Directory restore of a user account in which I deleted at the beginning of the video.

Cohesity has an agent install that allows us to do granular backups and recoveries of Microsoft’s Active Directory objects. Anyone that has had to do an “Authoritative AD Restore” in their day knows how painful that can be after someone has deleted an entire (OU) Organizational Unit from Active Directory!

With Cohesity, you are able to backup the entire Active Directory database. Then do a granular restore of a single or multiple AD objects. The user interface presents you a comparison screen to show what AD objects are missing compared to a previous backup snapshot making it easy to see what has been deleted.

If you have enabled the AD Recycle Bin feature, we will restore it from there to ensure all the properties of the AD object are restored with it. If you do not have AD Recycling Bin enabled, we will restore the object but may be missing some properties in the same way it would with an Authoritative Restore after the Tombstone period has passed.

So system administrators can celebrate…no more are the days of doing an “Authoritative Restore” on your Domain Controllers! It is now quick and easy to restore an object.

Cohesity Public Website: https://www.cohesity.com/

Cohesity Documentation (Active Directory): https://docs.cohesity.com/6_5/Web/UserGuide/Content/Doc/ActiveDirectory.htm?tocpath=MS%20Active%20Directory%7C_____0

Backing Up, Restoring, & Cloning SQL Databases With Cohesity (v6.4.1)

Posted on June 23, 2020 by Tim

Backing Up, Restoring, & Cloning SQL Databases With Cohesity (v6.4.1): https://www.youtube.com/watch?v=oUfYxIuWhD8

In this video, I will show you how to register SQL servers as a source in the Cohesity version 6.4.1 user interface. Then I show how to create two protection jobs, one for a stand-alone SQL server and another for a SQL AAG.

Then we walk through how to recover the SQL (AAG) Always on Availability Groups database to the stand-alone SQL server as well as clone it. The we wrap up by taking a quick look at the SQL Dashboard.

Cohesity has an agent install that allows us to do more granular backups and restores to SQL databases. You can protect stand-alone, clustered and (AAG) Always on Availability Groups SQL servers. You can use our “Auto-Protect” feature so that when a new SQL server has been added to a SQL cluster or AAG, it automatically gets backed up as they are added. The agent also allows you to selectively pick which databases you want to protect.

Cohesity Public Website: https://www.cohesity.com/

Cohesity Documentation (SQL): https://docs.cohesity.com/6_4_1/Web/UserGuide/Content/MSSQL/SQLRequirements.htm?tocpath=MS%20SQL%7C_____1

Running ClamAV App on the Cohesity Platform 6.5

Posted on June 23, 2020 by Tim

Running ClamAV App on the Cohesity Platform 6.5.0a: https://www.youtube.com/watch?v=iXGJVCdIseY

In this video, I walk you through enabling the use of apps on the Cohesity platform, installing, configuring and running the Clam AV app to protect file shares located on the Cohesity platform.

The Cohesity platform can act as a File/Object store (NAS) to replace your existing NAS or Windows File Shares. We also run Cohesity and 3rd party applications as containers on our platform. See our Marketplace for a full list of the available apps.

ClamAV App Description:

Protecting data on your file storage against viruses is important but relying on antivirus sitting outside of your NAS environment is inefficient. Moving data over the network for antivirus scans outside of your NAS servers adds unnecessary overhead and makes data vulnerable.

Now, with the integrated Clam AV app offered by Cohesity, users can scan the files stored in the Cohesity DataPlatform directly, without sending the files to an external scanner.

Cohesity Marketplace: https://marketplace.cohesity.com/app-details/clamav

Cohesity Public Website: https://www.cohesity.com/

Running the Insight Application on the Cohesity Platform 6.5

Posted on June 23, 2020 by Tim

Running the Insight Application on the Cohesity Platform 6.5.0a: https://www.youtube.com/watch?v=u3-M_DV0RBI

In this video, I walk through the process of downloading, installing, configuring and running the Cohesity Insight application on the Cohesity platform. I show the power of the app and how it can search for text patterns in numerous file types. See below for additional information on the Cohesity Insight application.

Insight App Description:

As backup and unstructured data grows exponentially, customers are often unaware of what data is stored, who has access to it and for how long. Customers need to retrieve or take action on files that contain specific information to gain business insights or for compliance purposes.

The Cohesity Insight app can help you easily perform an interactive text search on data stored on the Cohesity DataPlatform. The file types covered include office, text, pdf’s and zipped folders of these file types. The app can be pointed to Cohesity file shares (Views) as well as backed up objects.

Marketplace – Insight App: https://marketplace.cohesity.com/app-…

Cohesity Public Website: https://www.cohesity.com/

Cohesity Initial Configuration – Basic Overview

Posted on October 10, 2019 by Tim

As of October 30th, 2019, I started a new professional journey as a pre-sales Sr systems engineer with Cohesity. After six years working for VMware doing the same thing, I decided I needed a change. So far I have been very impressed with the company and our solutions.

So here is my second enablement video with Cohesity content where I provide a basic overview of an initial configuration of a Cohesity environment (version 6.1.1).

Link: https://www.youtube.com/watch?v=sxTUPPh3Zps&feature=youtu.be

Cohesity (UI) User Interface – Overview Video

Posted on October 10, 2019 by Tim

So in true fashion, I have learned enough to be dangerous and have created my first set of enablement videos with Cohesity content. Check out my first official video I created with Cohesity where I provide an overview of the Cohesity (UI) User Interface (version 6.1.1).

Link: https://www.youtube.com/watch?v=sxTUPPh3Zps&feature=youtu.be

Project Pacific Technical Overview for New Users

Posted on September 10, 2019 by Tim Sandy

Project Pacific Technical Overview for New Users

VMware’s Project Pacific is a re-configuration of vSphere that integrates Kubernetes as it’s control plane to allow for a higher level of abstraction that dramatically simplifies how we build, deploy, and manage modern applications and streamlines IT Operations and Development in today’s cloud-native and hybrid cloud world.

Share this:

Like this:

Related Links:

Share this:

Like this:

Share this:

Like this:

Protecting Against Ransomware with Cohesity:

Here is an example of what can happen in your typical ransomware attack of today:

There are numerous costs associated to the attack:

How Cohesity Protects You Against Ransomware:

Additional Resources – Cohesity & Ransomware Protection:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this: