Scribd Logo
Upload

Welcome to Scribd!

  • 0 views

    Cyber Recovery Workshop 2024 - Cyber Recovery Vault in The Cloud

    Uploaded by

    Murad Sultanzadeh

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Cyber Recovery Workshop 2024 - Cyber Recovery Vault in The Cloud

    Uploaded by

    Murad Sultanzadeh
    0 views23 pages

    Original Title

    Cyber Recovery Workshop 2024 - Cyber Recovery Vault In The Cloud

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    0 views23 pages

    Cyber Recovery Workshop 2024 - Cyber Recovery Vault in The Cloud

    Uploaded by

    Murad Sultanzadeh

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 23

    PowerProtect Cyber Recovery Workshop

    Cyber Recovery Vault In The Cloud

    Frankfurt
    January 2024

    Internal Use - Confidential 1 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • CloudFormation stack • Template file deploys • Template file deploys


    deploys the entire vault the entire vault with all the entire vault with all
    with all its components its components its components

    • CyberSense can be
    installed separately

    Internal Use - Confidential 2 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • AWS
    • CloudFormation stack deploys the entire CR vault with all its components
    • CyberSense can be installed separately

    Internal Use - Confidential 3 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • AWS
    • The CloudFormation stack template is shared with the customer

    • The stack template deploys the Cyber Recovery Management Host from a private AMI stored on Dell’s
    AWS account. This AMI needs to be shared with the customer’s AWS account

    Internal Use - Confidential 4 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    The location of the


    stack template
    shared with the
    customer

    Internal Use - Confidential 5 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    The template asks for user


    input: Prefix, subnets IP
    ranges, key pairs, DDVE
    deployment options, etc…

    Internal Use - Confidential 6 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • AWS
    • The template deploys:
    • CR management host
    • Hardened Windows jump host
    • DDVE
    • S3 bucket for the DDVE
    • VPC with 2 subnets:
    • Subnet for the jump host
    • Subnet for the CR host and DDVE
    • Security groups
    • ACLs

    Internal Use - Confidential 7 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • AWS
    CyberSense
    • Deployed and launched using a private AMI that is shared with the customer's AWS account

    Private AMI
    Shared AMI name Dell AWS
    Account

    Internal Use - Confidential 8 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • Azure
    • Template file deploys the entire vault

    Internal Use - Confidential 9 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • Azure
    • ARM (Azure Resource Manager) template files are shared with the customer
    • VM image is shared with the customer

    Internal Use - Confidential 10 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • Azure
    • A resource group is created with all the components in it

    Internal Use - Confidential 11 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • GCP
    • Template file deploys the entire vault

    Internal Use - Confidential 12 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • GCP
    • Terraform template file is shared with the customer

    • Image is shared with the customer’s Service Account or user (email address)

    Internal Use - Confidential 13 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • GCP

    The template asks for user


    input: Prefix, Service Account
    key path, Project ID, subnets
    IP ranges, Region and Zone

    Internal Use - Confidential 14 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    • GCP
    The template deploys:
    • CR management host
    • Hardened Windows jump host
    • DDVE
    • Storage bucket for the DDVE
    • 2 VPCs with 3 subnets:
    • Subnet for the jump host
    • Subnet for the CR host and DDVE
    • Subnet for the DDVE replication NIC
    • Firewall rules

    Internal Use - Confidential 15 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Deployment Options

    After the template is deployed, to finalize the vault deployment:

    • Connect your Prod to the AWS Vault with VPN or direct connection

    • Reset the Cyber Recovery root and application passwords (MongoDB, CRSO user, Lockbox)

    • Configure the jump host to receive files, then install an offline version of a supported web browser
    (the hardened Windows VM doesn’t have Chrome installed on it by default)

    • Configure the DDVE and its filesystem on the deployed S3 bucket/storage bucket/storage account

    • Configure the replication contexts to the vault, including editing security groups and ACLs

    • AWS: Configure SES (email service)

    Internal Use - Confidential 16 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Options
    What’s next ?
    • Install virtual PPDM, recover clients ➔ work inside the vault

    Cloud Vault

    Jump Host CyberSense Cyber Recovery


    Management Host

    DDVE

    Application Hosts

    Internal Use - Confidential 17 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault - Cloud Options
    What’s next ?
    • Install virtual PPDM, recover clients ➔ work inside the vault
    • Connect the vault to another cloud account and sync data into the vault
    • Connect the vault to your prod and recover from the vault copies

    Production /
    Clean Room/
    Another Cloud Account Cloud Vault

    Jump Host CyberSense Cyber Recovery


    Management Host
    Application Hosts
    DDVE

    DDVE

    Application Hosts

    Internal Use - Confidential 18 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault – Common Issues

    AWS:

    • Configuration of replication contexts issues because of (inbound and outbound) Security Groups AND
    ACLs

    Internal Use - Confidential 19 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault – Common Issues

    AWS:

    • Jump host access issues because of (inbound and outbound) Security


    Groups AND ACLs –
    wrong IP range/ VPN not configured properly/ additional organization
    policies or Firewall prevent access..

    • Errors because of manual editing of the security groups to allow access


    between vault components (DDVE, JH, CR, CS)
    (CR manages the security groups, adding CS as Asset will fail if CR tries to
    create a security group inbound or outbound entry that already exists)

    Internal Use - Confidential 20 Copyright © Dell Inc. All Rights Reserved.


    Cyber Recovery Vault – Common Issues

    AWS:
    • CyberSense issues:
    • Deployed not the in same subnet as the DDVE and CR

    • Incorrect tag key/value when adding CS Asset in CR


    (CR needs the Tag Key of the Security Group assigned to CyberSense, and its value needs to be the
    CS VPC ID)

    Internal Use - Confidential 21 Copyright © Dell Inc. All Rights Reserved.


    Q&A

    Internal Use - Confidential 22 Copyright © Dell Inc. All Rights Reserved.

    You might also like