Home > Storage > PowerMax and VMAX > Data Protection > Dell Technologies Geographically Dispersed Disaster Restart (GDDR) for PowerMax > GDDR zCPA: Cyber Protection Automation for z Systems
Over the last several years there has been an increasing requirement to protect data from logical corruption or malicious access from bad actors. Dell Technologies responded with Data Protector for z Systems (zDP), which provided automation for making up to 1024 space efficient snapshots per volume at frequencies as low as every five minutes in a VMAX or PowerMax array. zDP utilizes capacity in a production array, often at the disaster recovery site, to provide immutable snapshots that can be used for recovery from a cyber attack.
In addition to these ‘virtual vaults’, requirements have emerged for mainframes to utilize an isolated physical vault for DASD. This can be achieved by using an array dedicated to this purpose with either minimal connectivity (SRDF connections only) or no connectivity (physically air-gapped) in the production data center or at a separate site.
GDDR 6.0.0 introduced automation to provide for the ongoing population of a physical vault array on a continuous basis. This feature is called Cyber Protection Automation (zCPA) and can be deployed in any GDDR topology. An example of zCPA in a SQAR topology is shown below with one Cyber Recovery (CR) site. There can be as many Cyber recovery sites as there are sites in the GDDR topology.
GDDR zCPA works with zDP to provide three different methods for populating a physical cyber vault array, one that utilizes an air gap between the production site and the cyber vault site and two that do not utilize an airgap. In all methods, zCPA monitors and controls zDP snapset automation to achieve the differential resynchronization of zDP snapsets in a production site array (DC4 in Figure 10Figure 8) with the cyber vault array in the cyber recovery site CR1. The three methods are: