Improving cyber resilience with modern data security and management.
Ransomware threats are still a top concern for global organizations. According to a recent survey sponsored by Cohesity, 93% of respondents said they felt the threat of ransomware attacks to their industry increased this year—up nearly 20% from last year. Still, most organizations 80% fear that their cyber resilience strategy is not enough to address today’s cyber challenges and threats.
Today we are excited to announce the new 7.1 release of the Cohesity Data Cloud. The release offers several capabilities that bolster cyber resilience strategies and harden backup data security against threats, including support for TLS 1.3 protocol, and new native public key infrastructure (PKI) certificate management. Cohesity is the first modern data security and management vendor in backup and recovery to support TLS 1.3, meeting current recommendations and future requirements of PCI-DSS and NIST.
See below for new data security and management capabilities from Cohesity that expand data protection to key VMs, NAS, RDMS, and cloud workloads, and platforms.
Keep reading below for a deep dive into the details.
What’s new in the 7.1 release: Modern capabilities for cyber resilience
The 7.1 release features new capabilities, including:
Data security hardening
Upgraded Transport Layer Security (TLS) 1.3 protocol for Cluster Web UI and node-to-node communication: TLS 1.3, the latest version of TLS, enhances security, improves performance, and meets the recommendations and future requirements of PCI-DSS and NIST.
New native Public Key Infrastructure (PKI) certificate management for Cohesity component communication: In 7.1, Cohesity launched an enhanced PKI infrastructure to track and automatically renew the certificates used to secure communication between Cohesity components, including agents and clusters. These enhancements provide customers with more control over the lifecycle of certificates used in their environments.
Validated KMS support for Hashicorp Vault: Customers seeking to centralize their cluster encryption keys, or store their keys in an alternative location to Cohesity’s native Key Management System (KMS), can now use Hashicorp Vault as an external KMS service.
New data protection support
Data protection support for IBM FlashSystem—available only through Cohesity: Customers can now protect individual IBM FlashSystem Volumes for backup and recovery. In addition, customers can auto-protect IBM FlashSystem Volumes via volume group backups in a protection group to perform consistent backup operations across the volumes of the selected group. Users can register an IBM FlashSystem storage system as a SAN source in Cohesity and ingest volume snaps to protect against loss of data.
Support for M365 U.S. government: With 7.1, Cohesity now offers customers the ability to protect M365 GCC High workloads.
Instant recovery capabilities for Nutanix AHV: Customers can now use instant mass restore for Nutanix AHV workloads. With this capability, customers can immediately restore AHV VMs into production environments and drastically minimize the downtime of production VMs.
Recovery of excluded blank disks: This feature saves users from having to manually recreate excluded disks after VM recovery (on AHV and Hyper-V), allowing for the blank disk(s) to be used as a target for application restores. This feature enables:
Metadata recovery of VM disks that were excluded during backup.
Creation of a blank disk with the excluded disk’s metadata.
PostgreSQL (EDB Postgres): Newly added data management capabilities for fully automated data management of EDB Postgres workloads.
Cassandra: New protection and resource optimization enhancements that guarantee that user/roles are protected and restored enabling the successful recovery of Cassandra objects. In addition, with new memory optimization enhancements, customers can now onboard more Cassandra workloads efficiently as they grow their business and achieve up to a 2x memory footprint reduction for large SStable size recovery.
MongoDB: In 7.1, Cohesity provides the capability to protect MongoDB Time Series Collection databases with the Cohesity MongoDB adapter that improves query efficiency and reduces disk usage for time series and secondary indexes. This means that you can seamlessly manage the entire time series data lifecycle from ingest, storage, analysis, and visualization to archive.
Early access: Cloud cost savings capabilities
New configurations for Cohesity DataProtect Cloud Edition on Azure: New configurations improve storage capacity and performance, driving additional cost savings. The set of 15 predefined deployment configurations is currently in early access and enables the use of object storage. Object storage supports more storage capacity than block storage (up to 200 TB per node) and is more cost-effective than block storage, lowering TCO. Early access workloads supported today include: VM, SQL, Physical, M365, and NAS.
Early access: WORM Support for AWS (CloudArchive with forever-incremental format). In this release, write once, read many (WORM) can be enabled for cloud archives created on AWS storage targets when using forever-incremental archival format. By combining Cohesity Datalock with AWS Object Lock at the AWS storage target end, this feature retains the storage efficiency benefits of the forever-incremental format. The result is immutability at a much lower TCO without requiring periodic full backups.
Expanded support for service providers and multi-tenant enabled organizations
Service providers and multi-tenant organizations can now protect their Hyper-V workloads more effectively. The 7.1 release supports the backup and recovery of Hyper-V data through Hybrid Extender (HyX) and VLAN configurations. All current Hyper-V configurations such as standalone server, failover cluster, and SCVMM instances are supported. This expanded support enables service providers to offer the protection service of these workloads to their customers.
Multi-tenancy for on-prem Active Directory and Exchange
Organizations that offer IT as a service, such as service providers and multi-tenant entities like universities or governments who offer similar services to departments within their organizations, now have the ability to use Cohesity’s AD and Exchange on-prem capabilities to support their end customers.
Enhanced SmartFiles Capabilities
In 7.1, Cohesity is enhancing its object and file capabilities. For object storage, Cohesity is now supporting:
Amazon S3 Content-Type attribute that helps define the type of data stored in each object
Pre-signed URLs that enable temporary access to specific objects without sharing AWS credentials
Virtual-hosted-style URLs offer an alternative way to host static websites directly from an S3 bucket.
Pre-signed URLs and virtual-hosted-style URLs also enable Cohesity SmartFiles to integrate with Snowflake Data Cloud’s external tables feature, allowing enterprises to mine insights while maintaining data sovereignty.
Enhanced file capabilities include support for multiple service principal names (SPNs) while joining an Active Directory domain. This allows enterprises to map machine account aliases to some or all VIPs associated with a cluster, to direct traffic to a subset of nodes. SMB shares hosted on SmartFiles now display all associated SPNs, greatly improving the flexibility that enterprises have in controlling their traffic.
Bolstering cyber resilience strategies and hardening backup data security
Cohesity 7.1 provides key features for cyber resilience strategies with the latest data hardening capabilities and reliable, confident backup and recovery for an expansive set of data sources. Contact your Cohesity account representative to learn more about the release and the early access programs listed above.