Home > Data Protection > PowerProtect Cyber Recovery > Dell PowerProtect Cyber Recovery: Reference Architecture > Cyber Recovery solution components
The Cyber Recovery solution includes the following components:
Production DD series—The source DD series contains the production data that the Cyber Recovery solution protects.
Vault DD series—The DD series system in the Cyber Recovery vault is the replication target for the source DD series.
Cyber Recovery software—The Cyber Recovery software orchestrates synchronization, manages, locks the multiple data copies that are stored on the DD series in the Cyber Recovery vault, and orchestrates recovery. The software also governs the optional process of performing analytics on data that is stored on the DD series in the Cyber Recovery vault using the CyberSense feature.
Retention Lock (governance or compliance) software—Data Domain Retention Lock technology provides data immutability for a specified time. Retention Lock functionality is enabled based on Cyber Recovery policy configuration.
Cyber Recovery management host—Cyber Recovery software is installed on the management host. This server is installed in the vault environment.
Recovery hosts—The backup application recovery server is a designated server to which the backup application (NetWorker, Avamar, PowerProtect Data Manager, or other applications or combination of applications) and backup application catalog are recovered. Multiple servers can be deployed, depending on the recovery requirements of the solution. The backup application recovery server is sized so that all backup applications that are being protected by the Cyber Recovery solution can be recovered. If the Cyber Recovery solution is protecting a physical, single-node Avamar system in a production environment, a single-node Avamar system must also reside in the vault for recovery purposes.
Analytics/indexing host (CyberSense)—Cyber Recovery is the first solution to fully integrate with CyberSense. CyberSense adds an intelligent layer of protection to help find data corruption when an attack penetrates the data center. CyberSense is deployed on the Cyber Recovery vault environment. This innovative approach provides full content indexing. It uses machine learning (ML) to analyze the backup copies in the vault with over 100 content-based statistics and detects signs of corruption due to ransomware. CyberSense detects corruption with up to 99.5 percent confidence, identifies threats, and diagnoses attack vectors while protecting the business-critical content – all within the security of the vault.
Enhancements with CyberSense Version 7.9:
Enhancements with CyberSense Version 8.0:
Enhancements with CyberSense 8.2.0:
The term “air gap” implies physical isolation from an unsecure system or network. Logical air gap describes a physical connection but logical isolation from the network. The logical air gap provides another layer of defense by reducing the surface of attack.
Cyber Recovery provides the air-gapped feature to keep the Cyber Recovery vault disconnected from the production network. The DD series in the Cyber Recovery vault is disconnected (air-gapped) from the production network most of the time and is only connected when Cyber Recovery triggers replication.
The DD series in the Cyber Recovery vault is connected to the production DD series only during the data synchronization operation.