Skip to main content

ONTAP cyber vault overview

What is a cyber vault?

A cyber vault is a specific data protection technique that involves storing critical data in an isolated environment, separate from the primary IT infrastructure.

"Air-gapped", immutable and indelible data repository that is immune to threats affecting the main network, such as malware, ransomware, or even insider threats. A cyber vault can be achieved with immutable and indelible snapshots.

Air-gapping backups that use traditional methods involve creating space and physically separating the primary and secondary media. By moving the media offsite and/or severing connectivity, bad actors have no access to the data. This protects the data but can lead to slower recovery times.

NetApp's approach to cyber vault

Key features of NetApp reference architecture for a cyber vault include:


  • Secure, isolated storage infrastructure (e.g., air-gapped storage systems)

  • Copies of the data must be both immutable and indelible without exception

  • Strict access controls and multi-factor authentication

  • Rapid data restoration capabilities


You can use NetApp storage with ONTAP as an air-gapped cyber vault by leveraging SnapLock Compliance to WORM-protect Snapshot copies. You can perform all the basic SnapLock Compliance tasks on the Cyber vault. Once configured, Cyber vault volumes are automatically protected, eliminating the need to manually commit the Snapshot copies to WORM. More information on logical air-gapping can be found in this blog

image.png

 

Back to top