Overview
In addition to AWS zone/region outages and localized data corruption events, customers must have plans for recovering from malware/ransomware attacks. The AWS Backup for Ransomware PoC packaged service solution is geared towards mitigating the impact of a ransomware event. At its core, it uses the AWS Backup logically air-gapped (LAG) vault capability to secure backed-up data in a dedicated account, separate from the Workload accounts. Using the AWS Backup service, this solution enables data backup for the following services: Amazon EC2, Amazon EBS, Amazon FSx (NetApp ONTAP, EFS, OpenZFS, Windows File Server, Lustre), Amazon S3, Amazon Redshift, Amazon Timestream, Amazon DynamoDB, Amazon Aurora, Amazon Neptune, Amazon RDS, Amazon DocumentDB, VMware Cloud on AWS, AWS Storage Gateway, and AWS Outposts. This solution includes deployment of a Delegated Backup account, a Data Bunker account, and a KMS account, each for a specific purpose. The Data Bunker account hosts a third-party malware/ransomware scanning SaaS solution (Elastio, or a similar provider) that scans restore points produced by the AWS Backup service in the Workload accounts. Monitoring, auditing, and compliance reporting are provided via AWS Backup Audit Manager in the Backup account. This solution requires a landing zone to already be in place; if one is not, Insight may deploy one of its landing zone packaged offerings for an additional fee. Workload accounts must already exist. One Recovery account may be deployed in this solution for restore testing purposes.
Use cases
Ransomware Mitigation
Ransomware mitigation in AWS environments is challenging without an integrated solution. Using a single delegated Backup account simplifies the creation and management of backup plans. The local AWS Backup service in each Workload account executes backups per the backup plans and sends a secondary copy of each backup into the Logically Air-Gapped Vault in the Data Bunker account, at up to 1-hour frequency. Backup completion in a Workload account triggers an Elastio Lambda function in the Data Bunker account to remotely scan the backup.
Pricing
Custom pricing options
Integration guide
After creating and configuring the dedicated accounts (Delegated Backup, Data Bunker, KMS) with the appropriate backup plans, backup vaults, and permissions, complete the following high-level steps to deploy Elastio:
Elastio Deployment Steps:
- https://support.elastio.com/hc/en-us/articles/25332088897810-Cloud-Connector-Deployment-Steps
- Deploy connectors to the Dedicated account from the tenant console (Settings/Deployment) and select “Launch CloudFormation Stack”.
  - Select the regions to deploy connectors to; more regions can be added later.
- After the Dedicated account appears in the Deployments console, select the dots on the Dedicated account to link Protected accounts individually.
  - Alternatively, execute the protected-account template from a delegated CloudFormation admin account to deploy it to the entire Organization, specific OUs, or individual member accounts.
- AWS Backup restore points still require a tag with key "elastio:action" and value "scan" for Elastio to scan them.
- Create scan policies for scheduled scanning.
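The tagging requirement above is easy to automate. The following is an added example, not Insight's or Elastio's own code: a Lambda handler, assumed to run in the Workload account that owns the recovery point and to be subscribed to the EventBridge "Backup Job State Change" event from aws.backup, that tags each newly completed recovery point with elastio:action=scan. The handler name, the FakeBackupClient, and the sample events and recovery point ARN are constructed so the demo runs offline; a real deployment would use the boto3 backup client, whose describe_backup_job, list_tags and tag_resource calls the fake mirrors.

```python
"""Tag completed AWS Backup recovery points with elastio:action=scan.

Added example, not Insight's or Elastio's code. Assumptions: runs as a Lambda in
the Workload account that owns the recovery point, subscribed to EventBridge
"Backup Job State Change" events from aws.backup. FakeBackupClient and the
sample events/ARN below are constructed so the demo runs offline.
"""

# Tag Elastio looks for on a restore point (from the integration guide).
SCAN_TAG = {"elastio:action": "scan"}


def handler(event, context=None, backup=None):
    """Lambda entry point. Returns the recovery point ARN that was (or already
    is) tagged, or None when the event is not a completed backup job."""
    if (event.get("source") != "aws.backup"
            or event.get("detail-type") != "Backup Job State Change"):
        return None
    detail = event.get("detail", {})
    # AWS Backup emits a state change for every transition (CREATED, RUNNING,
    # FAILED, ...); only COMPLETED jobs have a recovery point worth scanning.
    if detail.get("state") != "COMPLETED":
        return None

    if backup is None:
        import boto3  # only needed in the real Lambda, not in the offline demo
        backup = boto3.client("backup")

    # The event does not carry the recovery point ARN; DescribeBackupJob does,
    # and re-checking State guards against out-of-order event delivery.
    job = backup.describe_backup_job(BackupJobId=detail["backupJobId"])
    if job.get("State") != "COMPLETED":
        return None
    rp_arn = job["RecoveryPointArn"]

    # Idempotent: EventBridge may redeliver, so skip already-tagged points.
    existing = backup.list_tags(ResourceArn=rp_arn).get("Tags", {})
    if existing.get("elastio:action") == "scan":
        return rp_arn
    backup.tag_resource(ResourceArn=rp_arn, Tags=SCAN_TAG)
    return rp_arn


class FakeBackupClient:
    """Constructed stand-in for boto3.client('backup') with the three calls
    the handler uses, so the example runs without AWS credentials."""

    def __init__(self, jobs):
        self.jobs = jobs      # backupJobId -> DescribeBackupJob response
        self.tags = {}        # resource ARN -> {tag key: value}
        self.tag_calls = 0    # how many times TagResource was invoked

    def describe_backup_job(self, BackupJobId):
        return self.jobs[BackupJobId]

    def list_tags(self, ResourceArn):
        return {"Tags": dict(self.tags.get(ResourceArn, {}))}

    def tag_resource(self, ResourceArn, Tags):
        self.tag_calls += 1
        self.tags.setdefault(ResourceArn, {}).update(Tags)
        return {}


# Constructed sample data (not real account or recovery point identifiers).
RP_ARN = "arn:aws:backup:us-east-1:111122223333:recovery-point:example-rp-0001"


def sample_event(job_id, state):
    """Minimal shape of an aws.backup 'Backup Job State Change' event."""
    return {
        "source": "aws.backup",
        "detail-type": "Backup Job State Change",
        "detail": {"backupJobId": job_id, "state": state, "resourceType": "EC2"},
    }


def demo():
    """Run the handler over a completed job (delivered twice) and a running job."""
    client = FakeBackupClient({
        "job-1": {"BackupJobId": "job-1", "State": "COMPLETED", "RecoveryPointArn": RP_ARN},
        "job-2": {"BackupJobId": "job-2", "State": "RUNNING"},
    })
    results = [
        handler(sample_event("job-1", "COMPLETED"), backup=client),
        handler(sample_event("job-1", "COMPLETED"), backup=client),  # redelivery
        handler(sample_event("job-2", "RUNNING"), backup=client),
    ]
    return results, client.tags, client.tag_calls


if __name__ == "__main__":
    print(demo())
```

In production, scope the Lambda's execution role to backup:DescribeBackupJob, backup:ListTags and backup:TagResource on the relevant vault's recovery points and nothing broader; the function never needs restore or delete permissions. AWS Backup can also stamp the tag at creation time through the RecoveryPointTags field of a backup plan rule, which removes the event-driven step entirely; either way, confirm in the Elastio console that new restore points are being picked up for scanning.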