BLOG: Cyber Resiliency with IBM Z Cyber Vault Explained

March 9th, 2022
J. Jeffrey Broderick
System z Architect

Today’s computing environments are facing ever-increasing cyber threats with greater severity and cost than ever before. Cyberattacks by ransomware or malware are ever changing and can have significant impact on service delivery, hinder the ability to provide goods and services, impede business continuity, damage the corporate reputation, and cause severe financial loss and expense both from the attack(s) and recovery from the attack(s).

Historically, IT environments initially focused solely on in-house backup, then came off-site storage, then came Disaster Recovery facilities. Today’s environment now requires a cyber-resilience strategy. That strategy should include several key components:

  • Identification
  • Protection
  • Detection
  • Incident Response
  • Recovery

The IBM Z Cyber Vault (IzCV) is an architectural infrastructure leveraging IBM software, hardware, and services to deliver world-class cyber resilience, intrusion detection, data recovery, and data corruption protection from internal and external threats. The solution provides protection from logical data corruption, trusted data sources via validation and verification, confidence for IT staff to restore the business, and a uniform, dependable infrastructure for applications and tooling.

Whether an organization has a single-system, multi-system, or multi-site z/OS implementation, IzCV can be established and implemented to provide a high level of cyber-resilience.

Components of an IBM Z Cyber Vault Solution

IBM hardware and software components for an IBM Z Cyber Vault solution include the following:

  • IBM Z hardware (z/OS-based) with an isolated LPAR
  • IBM DS8000 Storage with Safeguarded Copy
  • IBM Software products for data validation, forensic analysis, and surgical recovery
  • IBM Geographically Dispersed Parallel Sysplex (GDPS) or IBM Copy Services Manager (CSM)
  • IBM System Recovery Boost (faster recovery time for IBM z15+ processors)

The IzCV environment must be isolated from the production environment, and the storage should be air-gapped. Storage air-gapping requires that the backup storage environment be completely isolated and not directly available to the existing production or development environments. The isolation can be either virtual or physical, leveraging either an IzCV LPAR or a separate z machine. To facilitate an IzCV environment for customers that implement a separate machine, IBM provides Solution Edition software pricing to enable the duplication/replication of the necessary production software components into the IzCV resiliency/testing environment.

Reference Architecture

The reference architecture for the IBM Z Cyber Vault solution requires two separate domains: the existing production environment and an isolated Cyber Vault environment. The Cyber Vault environment consists of both a storage environment and a recovery environment. The storage environment is composed of DS8000 storage with either Copy Services or Safeguarded Copy.

The recovery environment contains all the software from the production environment, including tooling for data validation, forensic analysis, and recovery. The recovery environment is typically started from a “point-in-time” data image of production, keeping the environment isolated with limited user access. Validation, testing and forensic analysis can then be performed within this recovery environment. Various automations are available to run the data validation tasks as fast and error-free as possible.

Analysis within the recovery environment, once completed, is then repeated with newer “point-in-time” data images. The more automated and efficient the validation process, the more quickly any data corruption or incursions can be detected.
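The validation cycle described above can be modelled in a few lines. This is an added example, not IBM or Mainline code: `PitCopy`, `balances_match` and the sample data are hypothetical stand-ins for point-in-time images and a site-specific validation job. It shows how validating fewer copies widens the window in which corruption may have begun.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Callable, List, Optional, Tuple

@dataclass(frozen=True)
class PitCopy:
    """Constructed stand-in for one point-in-time image; not a DS8000 object."""
    taken_at: datetime
    accounts: dict       # account id -> balance
    control_total: int   # total recorded by the application at copy time

def balances_match(copy: PitCopy) -> bool:
    """Hypothetical logical check: balances must add up to the control total."""
    return sum(copy.accounts.values()) == copy.control_total

def validate(copies: List[PitCopy], check: Callable[[PitCopy], bool],
             stride: int = 1) -> Tuple[Optional[PitCopy], Optional[PitCopy]]:
    """Validate every `stride`-th copy, oldest first; return (last_good, first_bad)."""
    last_good = None
    for copy in sorted(copies, key=lambda c: c.taken_at)[::stride]:
        if not check(copy):
            return last_good, copy
        last_good = copy
    return last_good, None

def corruption_window(last_good, first_bad) -> Optional[timedelta]:
    """Span in which corruption began; updates in it must be re-applied after recovery."""
    if last_good is None or first_bad is None:
        return None
    return first_bad.taken_at - last_good.taken_at

def sample_copies() -> List[PitCopy]:
    """Six hourly copies (constructed); a balance is altered from the fourth copy on."""
    start = datetime(2022, 3, 9, 0, 0)
    copies = []
    for hour in range(6):
        accounts = {"A": 100, "B": 250, "C": 75}
        if hour >= 3:
            accounts["B"] = 9250  # logical corruption: control total not updated
        copies.append(PitCopy(start + timedelta(hours=hour), accounts, 425))
    return copies

if __name__ == "__main__":
    for stride in (1, 3):  # validate every copy vs. every third copy
        good, bad = validate(sample_copies(), balances_match, stride)
        print(stride, good.taken_at, bad.taken_at, corruption_window(good, bad))
```

With every copy validated, the last known-good image is one hour older than the first bad one; validating only every third copy stretches that window to three hours.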

Other variations of the reference architecture are leveraged relative to whether the environment is single-system, multi-system or multi-site. IBM Z Cyber Vault can leverage technologies like GDPS Metro and GDPS Global implementations.

Summary

The IBM Z Cyber Vault delivers cyber resiliency protections for customers to identify data corruption, protect data assets, and enable rapid recovery from a cyber incursion. IzCV is designed to complement existing high-availability disaster recovery solutions and the existing infrastructure.

More Information

As an IBM Platinum Business Partner, Mainline has extensive experience with IBM systems, including IBM Z mainframe systems and operating systems (z/OS, z/VM, z/VSE, and Linux), enterprise storage and data protection platforms, and cybersecurity solutions. Mainline’s enterprise specialists can help you analyze, architect, and implement a cyber resiliency solution to protect your data assets and enable rapid recovery actions from a cyber incident or attack. To set up an in-depth discussion, please contact your Mainline Account Executive directly.
