News

VMware Details New Ransomware, Disaster Recovery Protections

• By David Ramel
• 08/22/2023

VMware detailed its latest protections against ransomware -- along with disaster recovery improvements -- as its big VMware Explore 2023 conference kicked off in Las Vegas, citing moves across several properties.

The big show's focus on ransomware (at least seven specific sessions -- see below) reflects just how much of a plague it has become for enterprises and organizations of all types and sizes over the past few years, cementing itself as today's biggest cybersecurity problem.

One big ransomware-related announcement is that VMware Ransomware Recovery coverage has been expanded to the company's Google Cloud offerings. "We are pleased to announce that VMware Ransomware Recovery and VMware Cloud DR now protect Google Cloud VMware Engine workloads," the company said in an Aug. 22 blog post.

That announcement and other news fall under the company's vision for multi-cloud data protection, extended to any cloud platform.

"Google Cloud VMware Engine customers can take advantage of VMware's industry-leading ransomware recovery-as-a-service solution to confidently and quickly recover from modern ransomware," the company said. "Once the identification and validation processes have been completed, customers can restore their workloads back to their original Google Cloud VMware Engine site."

The extended coverage helps VMware's solutions meet the challenges presented when trying to safeguard critical data against ransomware attacks, with the company listing three such main challenges:

• Growing attack surface: Multi-cloud environments often lead to data fragmentation, as data becomes dispersed across distributed data centers, public clouds, and edge devices. This dispersion makes it challenging to maintain centralized visibility and exposes the data to various vulnerabilities.
• Increasing sophistication of attacks: The attacks themselves have become more sophisticated. Most attacks today exclusively use fileless techniques. These forms of attacks work in-memory and use legitimate protocols to to evade detection, exploit vulnerabilities, and gain stronger footholds in compromised systems.
• Inconsistent operating models: Each cloud provider has its own operating model and services, creating a complex landscape. The lack of consistency across clouds forces companies to protect their multi-cloud environments using disjointed tools and processes. When a ransomware attack occurs, recovery is long and unpredictable due to the many tools and manual processes involved.

Those challenges are also being addressed on several other fronts, as the company also announced:

• Multi-VM Ransomware Recovery: This introduces bulk VM processing for VMware Ransomware Recovery, enabling streamlined, automated recovery of multiple VMware VMs simultaneously while also enhancing speed and efficiency through bulk processing and concurrent analysis for quicker restoration after ransomware attacks.
• Cybersecure Storage: This is a technology preview that enhances recovery speed by integrating VMware Ransomware Recovery's workflow with vSAN snapshots for efficient delta-based transfers, while offering simplified operations through cloud auto-replication and intelligent baseline snapshot recovery.

  

• Run Production Workloads in the Cloud: VMware Ransomware Recovery enables running production VMs in the cloud during site reinforcement and forensics, set to launch in the third quarter of fiscal 2024.
• Multi-Cloud Recovery: In addition to VMware Cloud DR and Ransomware Recovery now protecting Google Cloud VMware Engine workloads, which is now generally available, VMware also announced similar protections for AWS Outposts workloads -- though in the "technology preview" stage -- to further multi-cloud workload recovery after disasters, including ransomware attacks.

Further illustrating VMware's focus on ransomware is the full slate of related sessions for this week, which includes:

• 10 Exciting Things To Know About VMware Ransomware and Disaster Recovery [CEIB2561LV]
• 5 Steps to A Strong Ransomware Defense [CEIB2562LV]
• Ransomware Recovery Customer and Partner Panel [CEIB2560LV]
• Cyber Secure Storage and Data: VMware's Next Storage Frontier? [CEIB2594LV]
• Ransomware Recovery: What Comes After XDR? [CEIB2583LV]
• Meet The Expert: VMware Ransomware and Disaster Recovery [CEIM2582LV]
• Architecting VMware DR Solutions for Ransomware and Disaster Recovery [CEIT2584LV]

Stay tuned for more ransomware news and other announcements from the show, which concludes on Thursday.