Cohesity Version 6.5.1 Released!

On August 17th, Cohesity announced the release of their new platform version 6.5.1! This release is packed with over 75 enhancements since the last release. Since there are so many, we can’t really go through them in any detail. However, below is a very long and distinguished bulleted list of most of the enhancements in the 6.5.1 release.

NOTE:  The below list of enhancements in version 6.5.1 are (GA) Generally Available with the exception of the individual listed items marked with either BETA or TECH PREVIEW.

  • CLOUD: 
    • Microsoft 365 –
      • (TECH PREVIEW) SharePoint Online support
      • (TECH PREVIEW) SharePoint Online site documents
      • (GA) OneDrive
      • (GA) Exchange
      • (GA) Filter users based on Azure Active Directory Attributes
    • Azure –
      • Incremental APIs for Managed Disk VMs
      • Support for Hyper-V GEN2 VMs
    • AWS –
      • A backup admin can specify a VPC and Subnet for fleet instances at the source level for backup
    • Helios On-Prem & Global Policies –
      • On-premise multi-cluster management: single pane of glass experience for customers with many dark sites (Tech Preview)
      • Global policies: Enable policies at a global level for global and standardized governance and data management
      • New storage impact simulation and enhanced ransomware detection
    • (TECH PREVIEW) Exchange DAG Awareness –
      • Active/Active DAG configuration and automating DP for Exchange server mailboxes
      • Simplifies Server and Exchange DAG discovery and registration
      • Helps backup admins reorder backup priority of Exchange mailboxes base on their own requirements
    • (TECH PREVIEW) Integrated NoSQL/Hadoop experience –
      • Strengthening our NoSQL and Hadoop solution by unifying the comprehensive backup and recovery solution into a single framework
      • Unified protection and experience for your traditional and modern NoSQL databases
      • All workflows of DataProtect apply to NoSQL and Hadoop: a simple and comprehensive solution that’s a differentiator
    • Oracle –
      • Backup with “sysbackup” privilege
      • (TECH PREVIEW) Secondary VLAN for registration, backups, recovery, and cloning support
      • (TECH PREVIEW) Backup Oracle on Windows Servers support
      • Backup support for TDE databases
      • Pfile control during restore/clone functions
      • Log backup archival and PIT restore from archive
      • Enhanced Oracle pre-check utility
    • SQL –
      • (GA) Error message handling framework
      • (TECH PREVIEW) Exclude a SQL DB from a protection group
      • (TECH PREVIEW) Resume recovery after fail
    • SAP HANA 2.0 –
      • (GA) SAP HANA On Power
      • (BETA) Oracle on Linux
      • (GA) Uses native API for backup, recovery, enquiry, and delete
      • (GA) New RPM is downloadable from UI
    • Secondary NetApp –
      • Back up data protection volumes from secondary NetApp
      • Save space and no impact to their primary by backing up from the snapmirror copy and help reduce TCO
    • VMware Enhancements –
      • VMware SAN Transport via FC for better bandwidth/performance
      • File-level recovery with VMTools
      • Register vCenter on secondary network
      • VMware VM Recovery with Copy Recovery
    • Compute-Only Nodes –
      • Options –
        • Cisco UCS C220 M5
        • HPE DL360
        • Dell R640
        • Also some (BYOH) Bring-Your-Own-Hardware options with Cisco, HPE, Dell, Fujitsu, and Lenovo
      • Dedicated nodes for computing in a Cohesity cluster for running resource-intensive apps
      • Customers now have the flexibility to independently scale compute or storage resources
      • Experience better performance for resource intensive workloads
    • New Cohesity C6055 Nodes –
      • C6055 Node –
        • High capacity 1U node
        • Cost competitive dense node for lower TCO for replication and archives
        • New expanded platform support: Fujitsu, Dell ROBO
      • CX8405 Node –
        • Dense All-Flash platform (92.16 TB RAW per node)
    • New Fujitsu RX2540 M5 Node –
      • New OEM partner hardware
      • (2) Options –
        • 8TB RAW/5.3TB Usable
        • 16TB RAW/10.6TB Usable
    • New Cisco Configurations –
      • Cisco UCS S3260 – 14TB drive integration
        • (2) Options –
          • Half-populated drives – 294TB RAW/194TB Usable
          • Fully-populated drives – 588TB RAW/388TB Usable
      • Cisco UCS C220 M5 –
        • 4TB drives – 12TB RAW/8TB Usable
    • New Dell R640 ROBO Node –
      • (2) Options –
        • 46TB RAW/42TB Usable
        • 96TB RAW/64TB Usable
    • Physical Agent –
      • Auto upgrade agent after cluster upgrade
      • Directive-file backup support
      • Protect all local volumes support option in protection group
      • Auto deployment of agent
      • Parallel file/folder data protection
      • Support registering physical server on (2) Cohesity clusters
    • SmartFiles (NAS) –
      • Intent-Based views
      • New SMB SuperUser for share level permissions of SMB views
      • Audit Log – filter tab
      • Support for NIS environments
      • User mapping between Active Directory and NIS Provider
      • External NAS Tiering – Uptiering
    • (TECH PREVIEW) MegaFile Restores for Physical Data Sources –
      • Backup/Restore large files faster, help meet SLAs
      • Support for AIX, Linux, Windows for files > 64GB
      • 3x faster restores for physical data source files > 64GB
    • (TECH PREVIEW) Service Providers – Pay-Per-Use Consumption –
      • Introducing a consumption-based pricing model for service providers
      • Traditional licensing locks service providers into multi-year license cycles and flat-fee monthly subscriptions
      • Cohesity is the only vendor that allows SPs to choose their own monthly commit and pay only for the software they consume through metered pricing for multiple SP offerings
    • Fault Tolerance –
      • New (EC) Erasure Coding configurations – EC 6:2/EC 8:2
    • Next Gen User Interface –
      • Global dashboard view
      • Multi-Cluster Monitoring
      • Smart context aware click-throughs
      •  Security Dashboard
      • Global Actionable Search
      • Single Cluster Dashboard
      • Physical Usage Reporting for Tenants
      • Physical Usage Reporting for Jobs
      • Dark Theme
      • Enhanced Reporting & Planning
      • Quick Protect
      • Quick Policy
      • One-time Protect
      • Dashboard Heatmaps
      • Reporting – Data Transferred to External Targets
      • Protection Group Run Details
      • Password management to force password changes

Blog Announcement:

Cohesity Public Site:

Protecting Against Ransomware with Cohesity

Protecting Against Ransomware with Cohesity:

As most of you are aware, 2020 has been especially riddled with Ransomware attacks against large corporations. However, large corporations are not the only ones under attack. These attacks are against all types of businesses from the largest corporations all the way down to the small mom and pop businesses. Government agencies to include federal, state, and local are under constant attack as well.

The most notable ransomware attacks that most have heard about include Garmin, Travelex, University of California San Francisco, Honda, and Canon USA. Click on the appropriate company name to go to an article specific to that companies attack.

Most of the data protection solutions on the market (especially the legacy solutions) today have fallen pray to the above list of recent Ransomware attacks as well as many others.

To this day, not one Cohesity customer has had a successful ransomware attack to where they gained access to their Cohesity backups to delete or encrypt them and where they have followed our security hardening guidelines. That means that our customers have been able to detect, prevent, and/or recover and not have to pay any ransom whatsoever.

Here is an example of what can happen in your typical ransomware attack of today:

  • Employee clicks on link in an email and hackers gain access to your network.
  • Hacker then installs a key logger and gets an administrators credentials to systems (including your data protection system) on the network.
    • Hackers delete your backups of systems to ensure you can’t recover from backups and have to pay them the ransom.
  • If they don’t get administrator credentials to backup solution, they encrypt the backs first to again make sure you can’t recover any systems from backups and force you to pay the ransom.
  • If the company has any CCPA, GDPR, or other compliance related requirements and associated data, they collect that data.
  • They then encrypt the systems on the network.
  • Hackers notify the company that they have encrypted their systems and tell them they must pay a ransom to get the encryption keys to decrypt their systems. If they obtained any compliance related data, they also tell the company that they will publicly post the private data. If they do that, the company by law then has to publicly announce that they had a data breach. They then can be fined a very large amount of money for breaking compliance itself. This is a separate cost from the ransom.
  • Hackers typically give the company a certain time frame to pay the ransom or lose everything after that date as well as post any compliance related information on the internet.
  • If the company pays the ransom, it typically requires payment in Bitcoin because it is private and untraceable. Most companies don’t have a Bitcoin account, so they will need to pay a 3rd party company to convert the payment to Bitcoin in which the hackers will accept.
  • Once the ransom is paid, the hackers will provide all the decryption keys for every system that was encrypted.
  • The customer then has to randomly associate each decryption key to each server which can take days to do. The hackers don’t tell them which key goes to what specific server. If you have thousands of servers, that is a painfully long process all while your IT systems are still down.
  • Each virtual machine has to have twice the size of space on it in order to decrypt the system. Otherwise if there is not enough room on drive, decryption will fail until additional drive space is added. The time to go through this process can be painfully long based on how many systems need to be configured with additional storage.
  • At this point, this entire process from start to finish could be from days to weeks or more for a company to fully recover IF they pay the ransom.

For the company that has been attacked, if they have to pay the ransom due to being unable to restore from backups, this could mean a huge revenue loss for the company long term.

There are numerous costs associated to the attack:

  • The ransom itself.
  • The cost for 3rd party company to convert payment to Bitcoin.
  • Potential fines for breaking compliance due to leaked data if ransom not paid.
  • The associated cost of lost revenue due to systems being down for days, weeks, or more due to attack and recovery time frame of IT internal and externally facing services.
  • The associated cost of lost revenue due to bad reputation after personal data leaked.
  • The associated cost of massive increased hours worked by IT staff and any other employees to recover systems until they are back to normal operations.
  • Cost of new hardware/software implementation and associated man hours to implement new security measure to keep from being attacked again.
  • Legal actions against company for personal data leaked and other various reasons.

There are numerous precautions that can be taken to minimize the risk of your organization being attacked as well as recover easily and quickly to get your IT services up and running again. With that, securing your data protection (backup) solution becomes critical to protecting yourself against ransomware attacks.

How Cohesity Protects You Against Ransomware:

Cohesity takes security very serious and has extensive integrated cybersecurity in our solution. Listed below are the ways in which we protect your backups in our platform with the below principles and capabilities.

  • Reduce Attack Surface –
    • Zero trust architecture.
    • Bank-grade encryption (FIPS 140-2, NIST certified).
    • Single global platform.
    • No Windows or Linux front-end server.
  • Assess Security Posture & Vulnerabilities –
    • Vulnerability Management:
      • CyberScan App – Uncover cyber exposures and blind spots within your production environment by running on-demand and automated scans on backup snapshots against known vulnerabilities.
    • Advanced Threat Detection:
      • SentinalOne App – AI-powered prevention engine to Cohesity storage clusters, delivering the highest efficacy, lowest false positives, and most performant prevention technology. 100% signature-free and relies on machine learning models to deliver next-generation prevention. 
    • ClamAV App – Scan the files stored in the Cohesity DataPlatform directly, without sending the files to an external scanner.
    • Configuration analysis.
  • Access Management & Auditing –
    • Web UI, CLI, REST API’s all use SSL with TLS 1.2 and above.
    • Self-signed X509 certificates or company CA/certificates can be used.
    • (2FA) Two Factor Authentication (CAC / SAML).
    • Microsoft Active Directory integration and (RBAC) Role-Based Access Control.
    • Operational & file level accounting.
    • System & product level auditing.
    • Exportable granular audit logs.
    • Send logs to external syslog server.
    • Global whitelists network segments, individual IP’s, etc.
  • Data Governance / Compliance –
    • SEC 17a-f (f) certified.
    • FIPS 140-2 certified.
    • Common Criteria EAL2+ certification.
    • TAA certification.
    • (ATO) Authority to Operate.
    • Certified for AWS Govcloud, C2S, and Azure Govcloud.
    • GDPR / CCPA Governance –
      • Global actionable search.
      • We reduced copies of data on average from 8-10 copies to potentially 1-2 copies.
  • Defend –
    • Immutable file system.
    • DataLock / (WORM) Write-Once-Read-Many.
    • Provides a virtual “air gap”.
  • Detect –
    • Helios machine learning driven anomaly detection.
      • Daily change rate on Logical data.
      • Daily change rate on stored data.
      • Pattern based on historical data ingest.
  • Respond –
    • Google-like global actionable search.
    • Instant mass restore – Recover hundreds or more virtual machines and have services up and running in the matter of minutes.
    • Salable file system to store years worth of backup copies.

Additional Resources – Cohesity & Ransomware Protection:

Cohesity & Pure Storage Partnership Announcement

On August 12, 2020, Cohesity has officially announced the partnership with Pure Storage for their joint solution called Pure FlashRecover – Powered by Cohesity which is the industry’s first jointly-engineered all-flash modern data protection solution for rapid recovery, ransomware protection, and reuse of data.

Pure and Cohesity have formed this partnership based on strong customer demand for an integrated all-flash data protection solution that empowers customers to easily, quickly, and reliably back up and recover their data at scale. The companies have also formed this partnership at a time when more customers are embracing cloud services and are seeking ransomware protection.

Pure FlashRecover, Powered by Cohesity delivers all-flash data backup and recovery capabilities that enterprises require for restoring data rapidly in the face of a disaster or a ransomware attack. It enables flash-to-flash-to-cloud data protection and allows rapid, independent scaling of processing, throughput, and storage capacity for the most efficient use of all resources.

The solution also empowers organizations to future-proof data center investments and realize new levels of performance to meet growing petabyte-level recovery requirements. In addition, the solution enables backup data to be reused for analytics and DevOps, allowing multiple applications to leverage data stores on the high-performance, unified fast file and object FlashBlade platform.

By combining Cohesity DataProtect software with Pure’s unified fast file and object FlashBlade platform, the integrated solution delivers:

  • Performance: up to 3x faster backup and restore throughput than disk-based alternatives, capable of recovering thousands of virtual machines and up to 1PB of data a day to meet large-scale disaster recovery needs.
  • Integration: single-point purchasing, deployment and support all delivered through Pure, eliminating the need for customers to go through two vendors. Pure is now a Cohesity Technology Partner and the companies have committed to joint innovation.
  • Scalability: disaggregated compute and storage to enable independent scaling for backup / recovery processing, throughput, and storage capacity for the most efficient use of resources.
  • Simplicity: ease of management provided by cloud integration that enables flash-to-flash-to-cloud backup and recovery, low-cost public cloud storage for long-term retention, and non-disruptive upgrades.

Pure FlashRecover, Powered by Cohesity is being tested by joint customers today and will be generally available in the United States in Q4 CY2020 and in countries outside the United States in the coming quarters.

For More Information
To find out how your organization can leverage the benefits of Pure FlashRecover, Powered by Cohesity, visit:

For the full announcement on the Cohesity Blog page, see the below link.

Announcement (Blog):

Cohesity Data Protection DEMO (Short)

Cohesity Data Protection DEMO (Short):

In this demo, I do a quick run through of the Cohesity 6.4.1 user interface related to the Data Protection use case specifically. This is not meant to be a complete demo of the entire interface and functionality, just a quick overview for the Data Protection use case only.

I start off by showing the types of sources you can connect to such as External Cloud Providers (AWS, Azure, GCP, etc.) as well as hypervisors, physical servers, databases, O365, Active Directory, NAS, etc.

Then I show how simple it is to create policies so that you can do local and long term retention, replication to other clusters, archive to the cloud, database logs, and much more.

The next step is to create a protection jobs for the various sources we mentioned above. We select the appropriate policy to associate to this protection job, and set various other settings such as QOA policy, SLA time frame, priority, etc.

If you would like to see a complete demo of the entire interface of our new 6.5.0 version, see my other video titled “Cohesity 6.5 User Interface Overview (DEMO)“…Click Here!

Cohesity 6.5 User Interface Overview (DEMO)

Cohesity 6.5 User Interface

Cohesity 6.5 User Interface Overview (DEMO):

Want to know more about the new Cohesity 6.5 (UI) User Interface and all the core capabilities, watch the below video of the demo. Not all capabilities (old and new) are covered in this demo, it is meant to provide an overview of the core capabilities.

Topics covered in this demo:

  • Registering Sources
  • Registering External Sources
  • Creating Policies
  • Creating Protection Jobs
  • Restores (File & Virtual Machine)
  • Clone Virtual Machine
  • Creating Views/Shares (SMB/NFS/S3)
  • Cohesity Marketplace Apps
  • Reporting
  • System Information

What’s New in 6.5:

  • Comprehensive Protection for Kubernetes Namespaces
  • (CDP) Continuous Data Protection for Mission-Critical Virtual Machines
  • Heterogenous Cluster Support
  • ROBO Appliance Availability
  • Dramatically Faster SQL Database Migration
  • Higher Data Resiliency
  • Runbook Automation for VMware Failover (DR)
  • Helios Mobile App

For more detailed information on what’s new in Cohesity 6.5, see the below link.

Cohesity Public Website:

Backing Up & Restoring Active Directory With Cohesity 6.5

Backing Up & Restoring Active Directory With Cohesity 6.5:

In this video, I quickly run through how to connect to (AD) Active Directory as a source and register it as an Active Directory server using our latest software version 6.5. Then I show a Active Directory protection job I had already ran previously. And finally, I show how easy it is to perform a Active Directory restore of a user account in which I deleted at the beginning of the video.

Cohesity has an agent install that allows us to do granular backups and recoveries of Microsoft’s Active Directory objects. Anyone that has had to do an “Authoritative AD Restore” in their day knows how painful that can be after someone has deleted an entire (OU) Organizational Unit from Active Directory!

With Cohesity, you are able to backup the entire Active Directory database. Then do a granular restore of a single or multiple AD objects. The user interface presents you a comparison screen to show what AD objects are missing compared to a previous backup snapshot making it easy to see what has been deleted.

If you have enabled the AD Recycle Bin feature, we will restore it from there to ensure all the properties of the AD object are restored with it. If you do not have AD Recycling Bin enabled, we will restore the object but may be missing some properties in the same way it would with an Authoritative Restore after the Tombstone period has passed.

So system administrators can celebrate…no more are the days of doing an “Authoritative Restore” on your Domain Controllers! It is now quick and easy to restore an object.

Cohesity Public Website:

Cohesity Documentation (Active Directory):

Backing Up, Restoring, & Cloning SQL Databases With Cohesity (v6.4.1)

Backing Up, Restoring, & Cloning SQL Databases With Cohesity (v6.4.1):

In this video, I will show you how to register SQL servers as a source in the Cohesity version 6.4.1 user interface. Then I show how to create two protection jobs, one for a stand-alone SQL server and another for a SQL AAG.

Then we walk through how to recover the SQL (AAG) Always on Availability Groups database to the stand-alone SQL server as well as clone it. The we wrap up by taking a quick look at the SQL Dashboard.

Cohesity has an agent install that allows us to do more granular backups and restores to SQL databases. You can protect stand-alone, clustered and (AAG) Always on Availability Groups SQL servers. You can use our “Auto-Protect” feature so that when a new SQL server has been added to a SQL cluster or AAG, it automatically gets backed up as they are added. The agent also allows you to selectively pick which databases you want to protect.

Cohesity Public Website:

Cohesity Documentation (SQL):

Running ClamAV App on the Cohesity Platform 6.5

Running ClamAV App on the Cohesity Platform 6.5.0a:

In this video, I walk you through enabling the use of apps on the Cohesity platform, installing, configuring and running the Clam AV app to protect file shares located on the Cohesity platform.

The Cohesity platform can act as a File/Object store (NAS) to replace your existing NAS or Windows File Shares. We also run Cohesity and 3rd party applications as containers on our platform. See our Marketplace for a full list of the available apps.

ClamAV App Description:

Protecting data on your file storage against viruses is important but relying on antivirus sitting outside of your NAS environment is inefficient. Moving data over the network for antivirus scans outside of your NAS servers adds unnecessary overhead and makes data vulnerable.

Now, with the integrated Clam AV app offered by Cohesity, users can scan the files stored in the Cohesity DataPlatform directly, without sending the files to an external scanner.

Cohesity Marketplace:

Cohesity Public Website:

Running the Insight Application on the Cohesity Platform 6.5

Running the Insight Application on the Cohesity Platform 6.5.0a:

In this video, I walk through the process of downloading, installing, configuring and running the Cohesity Insight application on the Cohesity platform. I show the power of the app and how it can search for text patterns in numerous file types. See below for additional information on the Cohesity Insight application.

Insight App Description:

As backup and unstructured data grows exponentially, customers are often unaware of what data is stored, who has access to it and for how long. Customers need to retrieve or take action on files that contain specific information to gain business insights or for compliance purposes.

The Cohesity Insight app can help you easily perform an interactive text search on data stored on the Cohesity DataPlatform. The file types covered include office, text, pdf’s and zipped folders of these file types. The app can be pointed to Cohesity file shares (Views) as well as backed up objects.

Marketplace – Insight App:…

Cohesity Public Website:

Cohesity Initial Configuration – Basic Overview

As of October 30th, 2019, I started a new professional journey as a pre-sales Sr systems engineer with Cohesity. After six years working for VMware doing the same thing, I decided I needed a change. So far I have been very impressed with the company and our solutions.

So here is my second enablement video with Cohesity content where I provide a basic overview of an initial configuration of a Cohesity environment (version 6.1.1).


Cohesity (UI) User Interface – Overview Video

As of October 30th, 2019, I started a new professional journey as a pre-sales Sr systems engineer with Cohesity. After six years working for VMware doing the same thing, I decided I needed a change. So far I have been very impressed with the company and our solutions.

So in true fashion, I have learned enough to be dangerous and have created my first set of enablement videos with Cohesity content. Check out my first official video I created with Cohesity where I provide an overview of the Cohesity (UI) User Interface (version 6.1.1).