The eagerly anticipated Zerto 9.0 release is here after being announced at ZertoCon 2021 in April and is packed full of backup enhancements with the theme of the launch firmly focused on ransomware recovery. 

The main updates from the launch event included immutability and automation capabilities to further combat ransomware, cloud data management and protection capabilities for end users and managed service providers. 

*Disclaimer, the observations, and opinions expressed in this blog are my own* 

Immutable Backups 

Let’s look at immutable backups as it seems to be a major buzz word in the data protection industry and rightly so. The first supported platform for immutable backups is on AWS utilising AWS Object Locks to prevent backup data being deleted or encrypted via a malicious user or cyber-attack.  

Zerto manages the immutability by applying Object Locks to the full retention sets which can be applied on the long-term retention repository via a Virtual Protection Group (VPG) retention policy or from a selected duration of days. The S3 bucket which will be used for immutable backups must have Object Lock and Versioning enabled to support this feature. 

Once a full schedule immutable backup job has completed you can see from the ZVM monitoring tab that the retention set is marked as Immutable and when the retention expires which will allow you to tier or delete the data from the repository. 

You can easily identify immutable retention sets in the repository which will be marked with a padlock icon with a notation that it can’t be marked for deletion. 

There has been a clear focus on getting this feature right using the cloud native APIs to ensure when the retention sets are locked, they cannot be edited or deleted. A lot of innovation has taken place behind the scenes to make this feature possible which included optimising how backup data is written into the repository and how retention sets, metadata, disk object maps and indexing are managed.  

The support for additional immutable targets should hopefully be added in future releases, with the next release currently aimed for Q1 2022. 

Note if you are already using AWS S3 as an LTR repository you will need to add the S3:ListBucketVersion permission. 

S3-Compatable Storage Support 

On the subject of additional targets and a feature I’ve not so quietly been asking for since I joined Zerto is the capability of storing backups on object storage. Zerto now supports S3-compatible storage such as Cloudian Hyperstore and Wasabi as an LTR repository. 

So, what is S3-compatible storage? Well in short, Zerto uses the S3 API standards to manage the backup operations for object storage which are supported when utilising the following S3 API’s: 

  • PutObjectRequest 
  • GetObjectRequest 
  • CopyObjectRequest 
  • DeleteObjectRequest 
  • HeadObjectRequest 
  • ListObjectRequest 
  • ListObjectsV2Request

Zerto developed this feature using the S3 SDK version 1.8.83 API signature. 

The S3-compatible storage can be added as an LTR repository using the new S3-compatible storage drop down option and attached when the following information has been completed. Zerto’s best practice is to use HTTPS with a 3rd party CA certificate (self-signed certificates are not supported). You can skip the HTTPS validation with a VRA tweak, however I wouldn’t recommend this in production. 

S3-compatible storage can also make use of the data efficiencies introduced in 8.5 to ensure backups capacities are reduced for repositories with no in-built storage efficiencies. 

Note that S3-compatible storage is not supported for primary volumes, recovery volumes and journal volumes, only as an LTR repository. 

Backup Cloud Tiering 

The capability of using Azure Hot and Cool tier and AWS S3 Standard, S3-IA and One-Zone IA for backups was introduced in Zerto 8.5. Cloud tiering enabled customers to lower their cloud storage costs by archiving backup data into cheaper tiers of storage. Zerto leverages native APIs to tier backups from S3-IA to Glacier in AWS, and from cool blobs to archive blobs in Azure. 

The tiering policy can be configured on the LTR repository giving users the ability to tier retention sets down using different tiers or storage classes after a duration of days. 

LTR Reporting & Analytics Improvements 

Zerto 9.0 added advanced reporting and troubleshooting views for disaster recovery and LTR. Analytics now enables users to perform an immediate health check of LTR process to understand the status, data usage and duration of operations.  

New Instant VM Recovery & Backup File Level Recovery Workflows 

Additional recovery workflows are also available in the release including the recovery of files or directories by downloading them or by restoring them directly into its original location from a LTR repository. This feature has been available from the journal in previous versions however before 9.0 you were required to recover the full VM from the backups.  

Instant VM recovery from a local VPG journal workflow has been added which doesn’t affect the journal history or on-going disaster recovery operations and further enhance Zerto’s recovery capabilities.  

This blog has focused on the new backup features and enhancements in the 9.0 release, building on the existing capabilities from previous versions, Zerto gives customers unrivalled recovery back to production while now supporting immutability. This along with Zerto Analytics and reporting enables greater visibility and insights into the data protection SLA’s and operations and is a major advantage for Zerto.