Concepts

The telemetry provides information about storage systems, backup systems, and resources. For more information about supported source types and resource types, see Terminology.

The Data Resiliency Service uses telemetry from information sources in your environment to compose recovery groups. Recovery groups correlate volumes and data resources to storage system snapshots or backups in a backup system. The identified snapshots and backups represent the recovery points at a point in time.

The Data Resiliency Service helps you to test these recovery points to have a better understanding of the available copies, their location, and helps you to decide which available copies can be prioritized to use for recovery, if required. A recovery point provides the following:

• Recovery plan: The Data Resiliency Service assists you in recovery decisions by providing a recovery plan. The recovery plan is a recovery group which identifies data resources from your environment and their corresponding recovery points. The plan is the collection of snapshots and backups that satisfy recovery to a point in time.

• Recovery test: The Data Resiliency Service can test recovery by accessing recovery points for a recovery group and performing tests on those snapshots or backups. Currently, the Data Resiliency Service tests recovery points for virtual machines by performing a power-on test from the snapshot or VM.

• Recovery: The Data Resiliency Service can recover data for the data resources assigned to a recovery group by using a selected recovery point to recover to that point in time. Currently, data recovery is available for virtual machines.

For more information, see Recovery group and Test recovery and activated recovery plan.

The Data Resiliency Service provides the automatic generation of recovery groups and the assignment of governance profiles.

With the automatic generation of recovery groups, all virtual machines in your environment are categorized and grouped into meaningful recovery groups. The automation reduces the effort to configure the Data Resiliency Service and ensures governance of your data protection and snapshot copy creation. You are notified when the data protection policies or snapshot creation policies are not working as expected and when the creation of backup or snapshot copies fails unexpectedly.

The automatic creation of recovery groups occurs in four major phases:

• Inventory phase
• Cluster phase
• Group phase
• Governance phase

For more information, see Automatic generation of recovery groups and automatic assignment of governance profiles.

The governance profiles are used to evaluate the protection and cyber-resilience of your environment. Profiles define protection and cyber-resilience attributes that are used to evaluate volumes and snapshots in storage systems and backups in backup systems. These attributes can be collected by telemetry from your environment, or these can be set and customized based on the goals of your organization. For more information, see Governance.

Data Resiliency Service introduces the concept of applications. A Data Resiliency Service application represents a complete application within the storage environment and serves as a logical construct that encapsulates multiple recovery groups.

Each recovery group corresponds to a specific component of the application and includes resources of a particular type. Recovery groups within a Data Resiliency Service application are organized into phases, which define the precise recovery order. This phased structure enables users to model complex application dependencies and orchestrate recovery workflows accordingly.

In addition to recovery orchestration, a Data Resiliency Service application provides a centralized view of the application’s health and status. It aggregates alerts and monitoring data across all associated Recovery Groups, offering a unified interface for visibility and control.

To learn more about applications, see Applications.

For more information on how to access your local environment, carry out inventory operations, and perform test recovery and recovery operations using the Data Resiliency Service, see Connection managers.

The IBM Storage Defender can detect operational threats on your production data as following:

• IBM Storage Defender sensor: The IBM Storage Defender provides malware sensors that can be deployed to virtual machines (VMs). The sensors perform near real-time monitoring and detection of malware for supported resources. The collected information is sent to the Data Resiliency Service and helps you to proactively respond to cyber events.

• IBM Storage FlashSystem threat detection: The integration between IBM Storage Defender and IBM Storage FlashSystem allows the Data Resiliency Service to access the information reported from the IBM FlashCore Modules. The IBM FlashCore Modules sensors perform inline monitoring or operations at storage block level. The combination of anomaly detection at application level by using the IBM Storage Defender sensors and at the block level by using the IBM FlashCore Modules data, increases the ability to detect malicious operations quickly.

For more information on how the Data Resiliency Service can detect operational threats on your production data, see Threat detection.

Data Resiliency Service is managed through access points. Access points grant users, individuals and user groups, permission to access and modify listed resources. For more information, see User management.

Data Resiliency Service introduced two dashboards that display important information about your storage systems and backup systems at a glance. For more information, see Storage and backup systems dashboards.