Home > Storage > PowerScale (Isilon) > Product Documentation > Security and Compliance > PowerScale Cyber Protection Suite Reference Architecture > PowerProtect Cyber Recovery vs PowerScale Cyber Protection Suite
The primary objective of the PowerProtect Cyber Recovery and the PowerScale Cyber Protection Suite differs in key areas. Although the primary focus of this paper is the PowerScale Cyber Protection Suite, it is important to understand the data protection impacts offered by each solution.
The PowerProtect Cyber Recovery solution requires a full PowerScale cluster backup, which may be a time-consuming process depending on the overall cluster size. By contrast, the PowerScale Cyber Protection Suite does not require a full backup of the cluster, allowing administrators to define a business continuity dataset. The business continuity dataset is composed of specific directories, shares, exports, or snapshots. A smaller dataset, rather than a full cluster backup, also allows for quick recovery times, because only impacted datasets are restored.
The PowerScale Cyber Protection Suite uses an audit trail, integration with 3rd party devices, and real-time monitoring for access anomalies to quickly disrupt a ransomware event. AI powered threat detection monitors the production clusters and sends alerts of any suspicious activity. The ransomware event interceptions include protection against data exfiltration early in the lifecycle, minimizing ransomware attack vectors and impacts.
The PowerScale Cyber Protection Suite offers replication of the business continuity datasets to a PowerScale cluster in a cyber vault. Because the cyber vault PowerScale cluster is a complete cluster, rather than a singular storage array, it offers all the options of a full PowerScale cluster. In the event of a ransomware attack, administrators have two options for restoring data:
Converting the cyber vault cluster to a production cluster offers minimal downtime rather than waiting for datasets to copy from the vault cluster to production cluster, providing a powerful last resort option.
If a ransomware attack occurs in which data is exfiltrated, administrators must restore data quickly to ensure minimal business impacts. Because the PowerProtect solution requires a full cluster backup, there is no option to selectively restore data. During the data exfiltration process, the malicious parties attempt to steal an organization’s most sensitive data. If only some of the data has been exfiltrated, restoring an entire cluster is a time-consuming process. The Cyber Protection Suite allows administrators to restore only the datasets that were exfiltrated, minimizing down time.