July 2, 2024 By Raul Raudry 3 min read

IBM Storage Defender is a purpose-built end-to-end data resilience solution designed to help businesses rapidly restart essential operations in the event of a cyberattack or other unforeseen events. It simplifies and orchestrates business recovery processes by providing a comprehensive view of data resilience and recoverability across primary and  auxiliary storage in a single interface.

IBM Storage Defender deploys AI-powered sensors to quickly detect threats and anomalies. Signals from all available sensors are aggregated by IBM Storage Defender, whether they come from hardware (IBM FlashSystem FlashCore Modules) or software (file system or backup-based detection).

IBM Storage FlashSystem with FlashCore Module 4 (FCM4) can identify threats in real-time by building into the hardware, collect and analyze stats for every single read and write operation without any performance impact. IBM Storage Defender and IBM Storage FlashSystem can seamlessly work together to produce a multilayered strategy that can drastically reduce the time needed to detect a ransomware attack.

As shown in the following diagram, the FlashCore Module reports potential threat activity to IBM Storage Insights Pro, which analyzes the data and alerts IBM Storage Defender about suspicious behaviors coming from the managed IBM Storage FlashSystem arrays.  With the information received, IBM Storage Defender proactively opens a case.  All open cases are presented in a comprehensive “Open case” screen, which provides detailed information about the type of anomaly, time and date of the event, affected virtual machines and impacted storage resources. To streamline data recovery, IBM Storage Defender provides recommended actions and built-in automation to further accelerate the return of vital operations to their normal state.

IBM Storage FlashSystem also offers protection through immutable copies of data known as Safeguarded Copies, which are isolated from production environments and cannot be modified or deleted. IBM Storage Defender can recover workloads directly from the most recent trusted Safeguarded Copy to significantly reduce the time needed to resume critical business operations, as data transfer is performed through the SAN (FC or iSCSI) rather than over the network.  In addition, workloads can be restored in an isolated “Clean Room” environment to be analyzed and validated before being recovered to production systems. This verification allows you to know with certainty that the data is clean and business operations can be safely reestablished. This is shown in the following diagram.

When a potential threat is detected, IBM Storage Defender correlates the specific volume in the IBM Storage FlashSystem associated with the virtual machine under attack and proactively takes a Safeguarded Copy to create a protected backup of the affected volume for offline investigation and follow-up recovery operations. When time is crucial, this rapid, automatic action can significantly reduce the time between receiving the alert, containing the attack and subsequent recovery. This proactive action is shown in the following diagram.

Ensuring business continuity is essential to build operational resilience and trust, IBM Storage Defender and IBM Storage FlashSystem can be seamlessly integrated to achieve this goal by combining advanced capabilities that complement each other to build a robust data resilience strategy across primary and auxiliary storage. By working together, IBM Storage Defender and IBM Storage FlashSystem effectively combat cyberattacks and other unforeseen threats.

Learn more
Was this article helpful?

More from Cloud

How a US bank modernized its mainframe applications with IBM Consulting and Microsoft Azure

9 min read - As organizations strive to stay ahead of the curve in today's fast-paced digital landscape, mainframe application modernization has emerged as a critical component of any digital transformation strategy. In this blog, we'll discuss the example of a US bank which embarked on a journey to modernize its mainframe applications. This strategic project has helped it to transform into a more modern, flexible and agile business. In looking at the ways in which it approached the problem, you’ll gain insights into…

The power of the mainframe and cloud-native applications 

4 min read - Mainframe modernization refers to the process of transforming legacy mainframe systems, applications and infrastructure to align with modern technology and business standards. This process unlocks the power of mainframe systems, enabling organizations to use their existing investments in mainframe technology and capitalize on the benefits of modernization. By modernizing mainframe systems, organizations can improve agility, increase efficiency, reduce costs, and enhance customer experience.  Mainframe modernization empowers organizations to harness the latest technologies and tools, such as cloud computing, artificial intelligence,…

Modernize your mainframe applications with Azure

4 min read - Mainframes continue to play a vital role in many businesses' core operations. According to new research from IBM's Institute for Business Value, a significant 7 out of 10 IT executives believe that mainframe-based applications are crucial to their business and technology strategies. However, the rapid pace of digital transformation is forcing companies to modernize across their IT landscape, and as the pace of innovation continuously accelerates, organizations must react and adapt to these changes or risk being left behind. Mainframe…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters