Ransomware Protection Storage Solution
Build a highly secure protection system with
primary and backup storage.
Ransomware Has Become a Major Global Cyber Threat
Ransomware is a type of malware that encrypts or steals data and renders computers or specific files unusable or unreadable, and then demands a ransom to recover or decrypt the related components. With ransomware attacks spiking in recent years, this malware is evolving to become stealthier, faster, and more impactful, often evading common antivirus software. Such attacks are now a major cyber trend on the network threat list.
Large enterprises and infrastructure are the focus of attacks.
The double extortion model increases the risk of data breach.
Ransomware as a Service (RaaS).
The supply chain becomes the main entry point for extortion attacks.
Advanced Persistent Threat (APT)-like ransomware attacks.
The new normal of insecure data.
To avoid ransomware attacks, storage devices must be equipped with ransomware protection in addition to the security protection already present at the network layer. Huawei provides a highly reliable protection solution that covers both primary and backup storage to protect your business.
▪ Primary storage: After data enters the production storage, a safe zone is created inside the storage to prevent data from being tampered with or deleted through the secure snapshot and Write Once Read Many (WORM) features of the storage. An independent physically-isolated zone is also created, combining with air gap technology to automatically disconnect replication links and replicate data to the isolation zone for enhanced protection.
▪ Backup storage: Similar to primary storage, the encryption, secure snapshot, and WORM features of the backup storage ensure the data in the storage system is clean. An isolation zone is also established to ensure data security, allowing operators to quickly restore secure data and services in the event of an attack.
* Ransomware protection features for NAS and backup are expected by Sept. 30, 2022.
Key Technologies
The Huawei Ransomware Protection Storage Solution covers Storage Area Network (SAN), Network-Attached Storage (NAS), and backup storage scenarios. Key technologies — including storage encryption, air gap, secure snapshot, and WORM — are used to implement data anti-tampering, security detection, and secure recovery.
E2E Data Encryption
Protocol-layer encryption NFS, CIFS/SMB.
Advanced Encryption Standard (AES)-256 encryption of production and backup data.
Encryption during air gap replication.
Encryption during remote replication of data and copies.
Air Gap Replication
By setting the replication Service Level Agreement (SLA), data copies are automatically and periodically replicated from the production or backup storage to the isolation environment. The replication link is active only during replication, which ensures data copies are offline most of the time, reducing the possibility of attacks.
File System WORM and Secure Snapshot
A protection period can be set for production or backup data to prevent data modification or deletion during this time range.
Secure snapshots ensure storage data is read-only and cannot be modified or deleted within a specified time range.
Ransomware Detection
A baseline model is established based on historical data to check for any abnormalities in the changed feature values of the metadata of copies.
Abnormal copies are further compared to determine file size changes, entropy values, and similarities.
The Machine Learning (ML) model is used to determine whether file changes are caused by ransomware encryption, flagging them accordingly.
Futuristic Technology
Solution Rundown
Attack and Defense Drills
Related Products
OceanStor Dorado 8000/18000
Providing high performance of up to 21,000,000 SPC-1 IOPSTM, six-nines reliability (99.9999%), and intelligent acceleration for critical services.
Learn More
OceanProtect Backup Storage
Offering superb performance, efficient reduction, stability, and reliability, to help users implement efficient data backup and reduce TCO
Learn More
OceanCyber Data Security Appliance
Huawei OceanCyber Data Security Appliance serves as a security engine for data storage, offering a range of capabilities that includes unified security policy configuration and management, ransomware detection and analysis, and defense for data security for various types of storage devices. OceanCyber helps to build a comprehensive ransomware protection storage solution to strengthen the last line of defense for data security.
Learn More