SteeldomeCyber News: Latest Updates & Data Protection Developments

Blocks & Files: Protect Critical Data with SteelDome and InfiniVault

Written by Chris Mellor | Mar 6, 2024
 

Original Article by Chris Mellor,

Blocks & Files, January 15, 2024


BLOCKS & FILES: PROTECT CRITICAL DATA UNDERNEATH A STEELDOME AND INSIDE AN INFINIVAULT

SteelDome’s InfiniVault, provides secured data protection in the cloud against malware and insider leakage that it claims is beyond what cyber-resilient backups can offer.

InfiniVault offers direct support for VMware ESXi and Hyper-V images, and Windows, Mac and Linux bare-metal systems, plus Microsoft Office 365, Google Apps and >20 other cloud platforms, with:

  • Immutable snapshots
  • Encryption, 
  • Error correction, 
  • Redundant cross-cloud distribution

The data, SteelDome says, is cloaked and virtually air-gapped. Malware detection is applied to incoming data, with virus and signature identification. SteelDome also claims it has a zero-day (no warning) capability but doesn’t say how this operates.

InfiniVault does this by being packaged as a turnkey, managed software appliance, in a VM on premises, on a bare-metal server, or in the public cloud. It appears to be an NFS, SMB, iSCSI, SFTP or S3 storage device. Data transferred to it, from app servers or backup systems, is processed and stored across multiple public clouds, such as Azure, AWS (S3) and Wasabi (S3). There are no egress fees upon data recovery.

SteelDome provides three deployment methods: Private Infrastructure, Public Cloud Infrastructure, and SMB.

  • Private Infrastructure: InfiniVault delivered as an operational VM and configured to only communicate with trusted endpoints.
  • Public Cloud Infrastructure: delivered as an operational VM on Azure, AWS, Wasabi or another cloud, and accessible to a customer’s private virtual cloud network in a private peering session with trusted endpoints.
  • SMB: delivered as an operational VM on Azure, AWS, Wasabi or another cloud, and accessible to a customer’s private office network through secure FTP. The SFTP Client is used on a scheduled basis for customer data transmission. The vault is configured to only communicate with a trusted customer endpoint; usually the external IP address of the customer’s firewall.

InfiniVault has a capacity-based subscription model:

  • SMB for 20 TB of total provisioned capacity
  • Silver for 50nTB
  • Gold for 100TB
  • Platinum for >100TB

Note that total usable capacity will depend upon the protection redundancy factor chosen at provisioning time. Eg: RF1, RF2, orRF3.

InfiniVault is monitored by a cloud resource 24 x 7. It offers file-level granularity with recovery in seconds. But note that, if a customer has to recover from data loss for any reason, the customer is only granted access to the data once multiple levels of authentication are performed by SteelDome security engineers. Customers will only get data recovery in seconds once this is carried out.

The software can convert to/from various virtual image formats: VMDK, VHD, RAW, QCOW, VDI and QED. SteelDome says InfiniVault is designed on zero-trust principles with strong authorization and access controls.

Clearly data needs sending to InfiniVault. Any backup software needs configuring to do this. It is a cloud-based and secure data storage target which, like Neridio, stores its data in a cross-cloud manner. Exactly how it does that is not revealed. Check out an InfiniVault white paper here.

Our understanding is that the main distinction from cyber-resilient backup software like Druva and Clumio, that also stores backup data in the public cloud, is that it uses multiple cross-cloud vaults to provide additional protection.

 

Read the original Blocks & Files article by Chris Mellor here.