2021. What an interesting year. With the world turned upside down by a pandemic that seemingly had its sights set on...
ETI-NET: Bringing product updates and the promotion of best practices to cyber resilience
ETI-NET Marketing Team
Unless you have of late taken a break from reading the news, you will have noticed how just a finite number of topics are making headlines today; no escaping cyber security and even AI, perhaps Quantum as well, as it applies to compromising security even as it might fuel an even more aggressive timeline for AI. Nothing quite excites the imagination of technologists as much as fear of the unknown and when it comes to the actions of bad actors there really isn’t any tried and true manner to thwart these actions. All we can do as technology professionals is to put into place procedures and processes to minimize the impact these bad actors might have on our business.
For a very long time such musings have been few and far apart for the HPE NonStop community. The inherent architecture of the NonStop operating system gave little credence to unannounced code arrival. Sneak in some code from a bad actor and the NonStop operating system ignored it giving rise to the adage that NonStop was immune to the attacks of bad actors. And yet, even now, we know that the tantalizing opportunities NonStop presents to these bad actors – how many financial transactions pass through a NonStop on any given day, say what? – suggests that NonStop systems will eventually succumb to attacks of one sort or another. The impossible never deters the possible nor does an incumbent architecture delay what we may believe is the inevitable.
So, what to do? Where to turn? Here’s where the problem might lie – the disgruntled former operator – the one you have given the password SUPER to the Super.Super functions … right? No NonStop user would ever do that … but ask former DEC folks who got by on the password of ADMIN. Or, something similar. What ETI-NET has become aware of makes the potential penetration by bad actors especially those knowledgeable of a NonStop system a distinct possibility. According to Mike Mitsch, ETI-NET Director, Business Development, “While there are potential holes in any architecture, it is not without saying that observation and proactive planning, continues to be the optimal approach, and with the latest release of BackBox with QoreStor 4.11, ETI-NET and HPE are giving NonStop users enhanced functionality to recover from cyber attacks, and capabilities that better support best practices backup data protection that have proved successful over time.” In the 4.11 release, BackBox with QoreStor brings an advanced hybrid hardware and software solution to the NonStop marketplace that addresses complete system restoration. In so doing, ETI-NET customers can be assured of a level of throughput and performance that only having a single vendor in the mix can provide. As for the IT staff with split responsibilities between systems and their applications and the storage systems they depend upon, BackBox with QoreStor opens up numerous storage options that hardware combined with software supporting a software-defined approach to storage alone can provide. And when it comes to making a choice, flexibility is always a welcomed option.
What proved to be a highlight of recent NonStop events was the message coming from ETI-NET about the 3-2-1 rule as has become a best practice option dating back many years. According to TechTarget’s analyst, Rich Castagna “three copies are made of the backup data to be protected, the copies are stored on two different types of storage media and one copy of the data is sent off site.” Featured in presentations at NonStop TBC 2023 and then followed up with additional commentary in recent presentation by the ETI-NET Team at VNUG and BITUG’s Little SIG, the 3-2-1 best practice is gaining more attention given the need for greater backup data protection and recoverability following potential actions from unauthorized parties looking to penetrate the regular defenses of a NonStop system.
If you missed the presentation given at NonStop TBC 2023, then visit the ETI-NET web site and look under the Company / Resources tab to view the presentation material, Delivering Cyber Security Advancements to NonStop Backup and Storage Management. Or you can simply follow this link –
Bookmark this page as in the upcoming months there will be a number of simple fireside chats posted to these pages on the ETI-NET web site.
However, support of the 3-2-1 rule is only the beginning for the NonStop user. Building on the flexibility of Release 4.11 of BackBox with QoreStor there is every reason to consider the 3-2-1-x extension to this best practice. What this brings to the fore is the option to explore the various levels of immutability – whereas the backup data stored cannot be changed or updated. Popular methods include on-line & off-line. On-line with vendor specific storage that has settings to retain data. Off-line and what some consider as air-gapping, and control of storage. Air-gapping is the act of removing connectivity access between the NonStop environment and the 3rd or 4th copy of the data backup data. Offline data – such as could be in a tape library, and can be loaded, can also be made online accessible by the tape catalog. Control introduces the principle of least privilege, which restricts access rights to only those who are authorized.
This is becoming a critical requirement today in a world where increasingly, enterprises are looking to optimize their configurations around low-cost options including passing of data to co-lo sites as well as to private and public clouds. It all adds up to yet another layer of protection where the enterprise can be assured the data represents what has actually been created, inaccessible to parties other than the primary system responsible for the creation of that data,
“Providing enhanced control of their NonStop Backup Storage allows organizations to not only react faster to data backup and recovery requirements, it ensures that best practices for data protection in line with the 3-2-1 rule are implemented,” said Mike Mitsch. Calling out the provision to do even more to protect the NonStop customers, “ETI-NET’s BackBox with QoreStor not only simplifies the implementation, the solution provides multiple options to implement the 3-2-1-x immutability through various methods to align with corporate protection standards.” This is truly a unique capability of BackBox as provided by the BackBox with QoreStor option “and already we are seeing our customers turning to this latest release to ensure they have even better protection than what otherwise may already been in place.
What might take the NonStop customer by surprise is the work that is ongoing with the integration of products from the ETI-NET sibling, Insider Technologies. With a portfolio of system and data backup and operational tools and utilities, there is a natural synergy between components of ETI-NET and Insider Technologies. With Sentinel, NonStop operators can today visualize BackBox and QoreStor status, and can expect to see further alignment between BackBox and Sentinel in the coming year as Sentinel brings decades of experience with NonStop systems. At a time of increased concerns over cybersecurity, it is worthwhile recognizing that alerts and the visualization of data flows will give the NonStop customer more complete awareness of developments as they occur – bad actors detected early are the first step in a defense against possible compromises.
“The big takeaway from recent NonStop events has been the noticeable uptick in interest in all things related to protecting the mission critical applications running on NonStop systems,” said Karl Gilbank, Managing Director (Europe) of PartnerOne and Director of Insider Technologies. “For some time now, we have recognized that Insider Technologies has a lot of capabilities that can be leveraged by ETI-NET customers and of late this has been reflected in the interest among NonStop customers in our product portfolio. When it comes to products like Sentinel and MultiBatch, for instance, then this bodes well for us delivering the level of protection and modernization our NonStop customers have begun to understand that they truly need.”
Keeping abreast of the news may be creating even greater awareness of the risks associated with the actions of bad actors but knowing ETI-NET has stepped up to provide the levels of protection now desired by the NonStop customer is the best news of all. Whatever type of resilience you are looking for particularly where the focus is on cyber resilience, ETI-NET is best positioned to address it. If you have missed our presentations of late or have as yet not visited the ETI-NET web site to download the latest presentation – and remember too, check for the presence of ETI-NET’s first fireside chat recording https://etinet.com/resources/- please feel free to reach out to the ETI-NET team through the use of the contact information, below.
Web – https://etinet.com/contact-us/
Phone – (514) 395-1200