Skip to Content
39:52 Video

Simple, Secure, Automatic. What's New with Safemode

We'll start by answering the question, "What is SafeMode?" We will then review all of the new SafeMode features that have been developed in the last year. Join us as we discuss what makes SafeMode simple, secure, and now... automatic.
Click to View Transcript
00:01
Mm everybody thank you for joining us for this session of pure accelerate tech fest 2022. I'm JD Wallace. I'm joined by my colleagues Zane Allen and Chris Sprague in this session, we're going to talk about what's new with safe mode. It's simple, it's secure and it's automatic.
00:24
So there's a report that was conducted by E S G around the data protection landscape and a really great comment came out of that. They said nearly half of the organizations identified are identified in improving their sls. There are P O S and the R T O S were one of their top challenges and we know that data protection is incredibly important, but it's not always the easiest thing for organizations
00:47
to, to really build good practices around and so that's why at pure storage. One of the things we've done is we've really tried to focus on data protection across a broad spectrum. You know, we've got lots of features that are built into our products for synchronous and asynchronous replication, really easy to use snapshots offloading the cloud, lots of cool things that we're doing
01:07
there. One of those features, the one that we're going to focus on today is safe mode and safe mode is all about protecting your environment from either malicious actors or or even accidents that can happen that may accidentally or maliciously delete your data. Now I invoke the word ransom where there and I know that's a topic that we hear about a lot
01:29
right now. Unfortunately chris, you are field solution architect for modern data protection Maybe give us a little more insights into that landscape and what you're seeing. Good thanks judy Absolutely having these conversations with customers every day all across the Americas and across the globe actually. And I don't think there's one conversation we
01:52
have where we don't discuss ransomware And you can see here nearly 70% of North American companies have said that they have been affected by ransomware in some case In some way. And actually if you look at all the continents here, there's not one that's below 50% that's you know, saying that they have not been affected by ransomware. So it's very prevalent out there and we are having these conversations all the time,
02:17
ransomware is happening very frequently it's costing lots of money to these companies and no one is immune anymore. So we have set out from pure storage side with modern data protection to really help protect our customers from ransomware going forward, increase these numbers. You know, they're probably even lower right because this is something that's really hard to measure.
02:40
I mean I'm sure not a lot of organizations are willing to volunteer the fact that they've been compromised by one of these attacks. So you know, these are kind of best guest numbers and the point is though really a big problem but you know, we, we kind of know that though, we know it's a problem and I think one of the ways that we can better understand how to address it or how to mitigate against some of these attacks
03:04
is to kind of understand the attacks themselves a little bit better and Zane. One of the things that you talk about that I really love that I want you to share with us today is a little bit more of an anatomy of the tax. So tell us a little bit more about what is it that actually happens when one of these attacks takes place. Yeah I'd love to.
03:22
So ransomware I mean over the, well what ransomware should say viruses attacks have have definitely gotten more sophisticated and even more so as of late um security breaches they're more sophisticated. They can they can come in in waves and droves it's more automated so they're more and more frequent. And these would be phishing attacks, social engineering, whatnot.
03:44
You know ways to get to breach the outer network and get into the into the network itself or you can start doing its work right or work. And let's let's be let's be clear these are businesses right. These are let's say underground businesses but they're definitely businesses. They're out there to make money and you know they're playing a numbers game here.
04:04
What's really changed over even my time and I. T. Is you know back in the day these might have been very apparent once they breached that wall you know make themselves known in your network. You see them right away but the sophistication and and and making sure that they can do the most damage, you know, kind of take away all the ways that you can recover from has led them
04:27
to kind of lie in wait in the network. Now they observe right as it points out here, access and observed. They just they stay persistent in the network, go as far as they can through that network. Getting more and more access right? Getting to the domain admin keys, right? If they can understanding that if you have
04:44
backups where you might keep them snapshots all all of these things before they actually make themselves known or do that encryption right? Or remove access to your data. So you know for the point of again it's a business. If I remove access and I remove your way to restore from it then I can force you to pay that ransom. Right?
05:03
Or at least try to pay that ransom. And then you know after this it can take it could take months. It could well it could take a long time to do a full recovery. If you don't have that data to restore from if that data have is farther away from production, you may pay you you know, you're forced to pay the ransom.
05:22
The keys are the tools they give you might not even get your data back. Right? So put you in this state um and at that point again I call them a business but their their business model isn't to make sure that their tools are great. It is to get you to pay that ransom. Right? So they and as it says, your payment doesn't
05:39
guarantee recovery and that's kind of the that's the state of what we've seen with customers today. Yeah. So Zane, I think I heard you say something, I want to come back to your talking about how these Attackers are actually learning about your environment. What I what I think I heard that to mean is that they're actually learning what types of storage you use,
05:58
what types of data protection used, the actual vendors chris you know, in your role as F. S. A. I know you work with the customers a ton when unfortunately this happens. Are you actually seeing that these Attackers are sophisticated enough to know how to go after a particular brand of data protection or storage products? Oh, absolutely.
06:17
Yeah, that's to both your points. That's a big part of a ransomware attack today is getting in unnoticed and learning a lot about the environments. Right. And that's gonna be your production environment, what type of storage you have. But also those backups, Right. We're seeing companies or if we call them
06:37
companies like Zane said here, Ransomware Attackers going more and more after after back, you know, the Fortune 200 or anything, but they're they're definitely businesses right. Yeah. They're not highly rated businesses. Right? But yeah. And so, absolutely, they're finding out more and more about environments out there leading
06:57
all the way into backup storage, backup products and they know exactly how to attack each and every one of those, wow, It really is a big problem. Thanks for kind of drilling into that a little bit with us. So I've got a question though, if, if really all they're looking for is money. Should I just pay? Is that a quick and easy way to kind of resolve
07:15
this Zane? What do you think? No, I mean, well, if you're gonna pay, it's, it's not the right model. Right. First of all, I'm not gonna guarantee you're gonna get all your data back, not gonna guarantee the tool they give you to give your data back. It's going to be efficient or work and just
07:32
promotes bad behavior. Right? If you're kind of easy to attack and this is going to be your model, well then why wouldn't I repeat that or why wouldn't another attacker? Right. Again, things have grown in numbers. It's a numbers game for them. So you're just,
07:44
you're just asking for trouble. It really comes down, comes down to the fact that these aren't reputable organizations. You have no idea what they're doing with those funds, what it's going to support that they're gonna honor what they say they're gonna do. So, I mean, it sounds like there's a tremendous amount of risk involved in potentially paying that ransom.
08:02
And I think what we're seeing with some government organizations, it's even becoming ill advised or, or illegal in some places to, to play to pay that. Yeah, you might, you know, liability at least right at the end of the day. Absolutely. So chris maybe get us kicked off. Obviously we're all here for pure storage.
08:21
We're here for accelerate. We want to talk about some of the things that pure is doing and we're gonna get into safe mode but maybe kind of kick that conversation off by giving us a little bit of an overview of how appears modern data protection practice kind of secures customers businesses. Absolutely. Thanks. JD Yeah.
08:40
So you know, I talked about having these conversations day in and day out. We're finding a lot of similarities across the board in the conversations. Right. Obviously ransomware as we're talking about today, the threat of ransomware for all these companies um, also brings a few other needs. Right. The need for fast restore in case you are hit
09:01
by an attack, right? Need to be able to scale to scale your backup or your any of your environments and data without losing management of that. Right? We see a lot of times you scale an environment and now it's just too difficult to manage. Right? So to help with that here is, is doing a few things right one,
09:24
we're still so simple and easy to deploy. Its a big piece of of our message and what our products do because without that simplicity you may have a management headache. Right? So we take that away. Um talking about intuitive a lot. It's you know, there's actually a lot of complex things going on but it's it's putting that engineering
09:45
effort and to make those complex, complex things really intuitive for the user to use because complexity is how these things break down. If it's hard to set up and to remember how to use these tools, you're more likely to not use them the right way and they're not gonna be there when you need them right too much. Yeah, you never absolutely get come to play way
10:03
too too often. Yeah. How many how many times have we gone into environments either that we try to help with or maybe worked at where you know, it's always been that way. Right. So I'm just gonna keep it that way because it's too hard to change. Right? We want to get we want to take that away and absolutely do as pure another piece is that you
10:24
know, I talked about the need for fast restore, we have that rapid restore. We are pure storage, all of our products across the border. All flash and provide you that rapid and fast restore that you would need in this. So really we're setting out to just be the industry leading solution here across the board with speed and ease of use to make sure for your modern data protection that you can come
10:49
back from a ransomware attack as as simple as you would bring back any type of data, right? Any type of restore. So so yeah, we're really really working with customers partners out there that I do every day to ensure that we're providing our customers with that new modern data protection experience, you know, chris I know it's not really the focus of our talk today,
11:12
but I love that you pointed out the speed of recovery, the performance that customers are looking for in these types of solutions. You know, it's it's so funny if you would've asked me, you know, five or eight years ago, if customers would be using all flash for backup? You know, that would have been a really hard conversation to have I think.
11:29
But having things like ransomware that are coming in and showing us that it's not always just about recovering a few emails, it's, it's potentially multiple terabytes of data that are compromising one of these attacks. Getting that data back requires performance. And another thing we're seeing is, you know, after these attacks occur? It's, you know, recovery is key, but a big part of it is also the analysis of what happened.
11:54
How did these Attackers get in, How are they able to compromise? What did they do once they got in? And that performance is also really important to do a lot of the analytics that we do to try to to try to do some of that forensics and so I love that you, you really focused on performance there. I think that's absolutely key or yeah, you might have to stand up this environment
12:14
separate. Well you're analyzing the original one right? Depending on if there's, you know, uh, the laws involved or something to that to that degree. Yep, it's still your data even though it's on the backup, it's still your production data. So it's still very important and flash is warranted. Yeah.
12:30
So we kind of set the stage a little bit. We've talked about safe mode a little now we've had safe mode as part of our product portfolio for awhile now. So I imagine a lot of the customers who are listening to us, you know, probably have some familiarity, but maybe for those who aren't quite familiar, we could take just a little bit of a step back and just kind of remind everybody what safe
12:51
mode is And Zane, I think this is a great place for you to kind of jump in. And, and you know, you talk about how the foundation of safe mode, you know, actually I won't steal it too much for that. You know, we've got some foundational pieces in our architecture that really lend themselves to safe mode. So maybe tell us a little bit more about that.
13:07
Yeah, for sure. And and this slide says purity. Safe mode snapshots. But let's be clear. Safe mode is the protection, these are still purity snapshots and because and we kind of build on that foundation as you mentioned, so because of peer does such a good job of indexing data as it's on its way in. Our snapshots are really,
13:25
really, really fast and really efficient and thin provision and de duped because it's just a meta operations, right? So that makes them very fast to take easy. Really no penalty once you take them and really fast to recover from. Right. So you know, easy to take easy to recover from really no no cost. And you can kind of automate automate that
13:44
again to you too to ease management. And then again, because of this is just a method operation. This is also adds their immutable, right? It can't be changed. This is data that I'm locking it in place for a period of time that I said, so it's truly immutable.
13:59
But what safe mode adds to that is that immutable plus that we like right, it's really that protection for the array and you know, or global as we're moving and really moving this product to lock those in place to say, hey, I'm taking these automated, they're immutable. But if someone does attack and gets the keys, gets the admin access,
14:20
they can't remove that protection from ira And that's really where where the the innovation is and again it's built on whatever what pure provides. So we don't have to make it more complicated or move data around or or or ad inefficiency is the environment. Mhm awesome. So yeah, that's a great foundation for for what we're able to build with safe mode.
14:41
A couple of the things that we really highlight around safe mode is again, like Zane pointed out, it's based on those snapshots. One of the things you're gonna start to see more of as we move forward is we're starting to make those, those safe mode policies more automatic. So previously it was very much opt in, right. So I had to go request safe mode to be turned
15:03
on. I had to go ask for that capability. We're starting to build more and more technology that allows you to either self service or even in some cases and some of this is a little forward looking but in in in some coming releases giving you the ability to actually opt out instead of opt in. So those those policies are already there, ready to go ready to protect you,
15:26
just making it even even less likely that you'll forget or don't have that set up when you need it. I know unfortunately sometimes customers call us who haven't set up safe mode, they call us after an attack and they say, hey, how do I use safe mode? I just got attacked and at that point it's unfortunately too late. We really have to be thinking about these
15:44
things beforehand and some of these capabilities that we're that we're rolling out really kind of help with that to make sure that they're that they're available. Another thing that we're protected. Yeah, absolutely. Yeah. Another thing that we're really focusing on is making safe mode more flexible. So in some of the previous versions of safe
16:03
mode, you know, they're array wide, right, we turn it on and then absolutely every object in the array is protected, which is great because usually you want everything protected. But sometimes we've seen customers have data data protection workloads a lot of times will are a great example, they'll create temporary objects, for example, a temporary clone of a volume so that they can use that as a backup source.
16:29
And when you're done with those temporary or those ephemeral datasets, you want them to go away right away. You don't need them anymore. They're just taking up space. And so a lot of the new things that we've been developing for safe mode are more about how do we make it more flexible? More granular and specifically more object granular.
16:47
So in some cases being able to actually pick particular protection groups that you want to that you want to protect, that you want to enable this on and so forth. Now, most of the new developments in safe mode that we're gonna talk about today are focused on flash array, but we did want to highlight Flash Blade because Flash Blade actually is where safe mode came first. We had this on flash blade before before flash
17:12
array. We, we had a customer that actually reached out to us and said, hey, we need a way to protect against insider threats. We know you've got this capability in in flash blade that allows you to have essentially a timer so that after you delete something after you delete a file system, You have to wait 24 hours before it's permanently deleted.
17:33
Can we put some more blocks on that to make that a little bit more of a protection from a threat? And the original thought was kind of insider threats that translated very well to ransomware. And so uh, safe mode actually got its uh its genesis with flash blade and the safe mode on flash plates still array wide.
17:53
It's it's kind of a hidden protection group that's automatically protecting you once it's enabled and that's gonna protect all the file systems. Right. And the key thing about having this on flash blade is that flash blade is really typically what we tend to think of when we think of data protection and and pure for most use cases, not all, we certainly have some great data protection vendors out there who work really
18:16
well with with flash array. See for example, but because of the parallelism because I'm able to read and write many streams of data side by side. Flash blade just lends itself incredibly well for a lot of data protection use cases. And so it's it's really natural. That was kind of the first place that that safe mode we are continue to developing develop some
18:39
new capabilities around safe vote for flash blade in three D audio and 3.3. Some new capabilities came out we now have that uh in three dot oh that configurable eradication timer, That's that timer when objects are deleted that they stick around before they're permanently eradicated, you can now configure that up to 400 days. Now when you consult with one of our SCS, I I think it's unlikely that many customers would
19:03
need all 400 days. Typically we're looking at, you know, 7 to 14, maybe a month kind of depending on the use case but that that flexibility is there if you need it. And then of course with safe mode you're disabling that eradication you're making where you can't manually change that, making those automatic snapshots.
19:19
So you've got those objects that are protected and it works with replication in 3.1. Now there's a little you might say it's a minor feature but one of the things I really like is that we've tried to make uh this more visible to customers so that they know that they're protected. They know it's enabled. One of the ways that we do that is having that, that gooey based safe mode indicator right
19:40
there on the ui when you log in so that you can see that safe mode is on and protecting 3.3. More recent release, we've actually continued to increase the capabilities with safe mode. Now we support safe mode for objects. That is still something that's being developed within early stages. They're one of the primary use cases today is we've worked with one of our data protection
20:01
partners, calm vault to actually be able to back up data to s three on flash blade leveraging uh safe mode for objects. So really powerful use case and there with our with our good partner come vault Actually, it's highlighted there the next point down that's with 11.20. And then we also have bidirectional replication support with safe mode in three to do so you
20:29
guys just continuing to expand the capabilities of what we can do with with safe mode there. But I think flash array in the very recent purity f a 6.3 releases where we've really started to see a lot of new enhancement. So maybe chris you want to talk, I talked a little bit about flash blade. Maybe I'll let you tell everybody a little bit more about what we're doing with flash array.
20:57
Yeah, Thanks. So this is a safe boat on on flash array similar to the concepts that you discussed. Right. But yet different ones on a unified file and object platform. And this is going to be safe mode on our block on flash array any of our flash array products. The timer is a little different. We can do up to 30 days of protection on a
21:21
flash array. I would argue that still totally sufficient for almost every use case. If somebody tries to delete it, right? That's not. You can you can protect absolutely great great point. I actually wanted to bring up that that point. Right.
21:39
If you have, if you are taking snapshots via via P groups or protection groups and you have a retention period, you get all of that retention period. Right? Safe mode is then if A bad actor comes in and tries to delete it, it will keep it around for that many more days. Right, so you have up to 30 days to realize something happened while while it's sitting in
22:02
a you know, a destroyed bin and you can bring it back even, you know, a further thought that I wanted to bring up is where you mentioned data protection as well. Right, safe mode can work on all of our raise many times. This is in production And you can protect your production workloads. Where on a setting a safe mode timer,
22:26
that eradication delay, you might want it a little longer. Right? 14 days up to that 30 days. Many more on flash blade. Even in a backup workload we have discussions where that many days is probably not necessary because backup workload. You already have your backup retention.
22:43
Alright, so every every snapshot that's protected by safe mode has all of that retention for you when you bring a single snapshot back. So different ways to think about it. Right. And kind of all going to your point JD that 30 days is more than enough and nearly all use cases. Right. So again, go ahead. You made me think of something that I wanted to
23:05
highlight is you, you've talked about how a lot of these features are really configurable. You can have more or less suiting your needs. We're starting to get more features around granularity. One of the things that I wanted to point out is, you know, there's just, there's three of us on this presentation today that are incredibly knowledgeable about safe mode. That same knowledge exists in all of our
23:26
technical sales organizations throughout the world. So if this is something that you're thinking about and you're like, gosh, what, what, what kind of policies, what kind of timer links really makes sense in my environment. There's a lot of incredibly well experienced teammates out in our technical sales organization.
23:45
They'd be delighted to kinda to kinda help you with this. Right, Absolutely. So moving on to safe mode features, this is a great slide. If not a little busy to show the progress we've made across releases for flash array safe mode. So I won't go through all of them here because
24:07
you can see it, but a few of them that really stick out. I just kind of point out a few that were um exciting to me one first that, you know, starting at the very front there 5.3 when we really released the configurable eradication timer. Just brought so many new capabilities to our customers now more and more recently. Right. We've brought the that
24:30
configurable eradication timer and the disabled eradication two files as well. So not just block on flash right now. Also for flash array files all the way to 26.3 which we have today that JD has mentioned where we're doing object level safe mode. Right? So you can kind of pick the protection groups you want to protect and then onto tomorrow. Right 6.3 x when
24:57
when it will be auto on and you will have to opt out of each, each individual object so and so if you do nothing you're protected. Yeah, it's gonna be. And I know both of you do a tremendous amount of work with our great data protection alliance partner VM One of those features in 63 it was actually in large part designed to help in
25:23
scenarios that that where we're integrating with them maybe Zane just talk a little bit more about how objects safe mode is helping out our r v m Yeah. And I think you alluded to it earlier. Right. Is is because partner like VM can leverage, you know, cloning volumes and our snapshot technology to back up over the storage integration that they have.
25:49
You wanted to be safe but that caused some problems with safe mode as it was not problems. But those things as you mentioned, you know, you want those gone as soon as the backup is done, they're there for efficiency. They're not there to protect her or just wasteful. Wasteful. Yeah, it's fine. Again, we talked about how efficient, you know, snapshots are.
26:07
You know, it can look a little crazy because you have all these objects that, you know, it takes some time to get rid of because Vince wants to manually delete them. Um and safe mode works. So with this, with this granularity per P group are calling it kind of object for object safe mode that goes away so you can have production array that's got both protection as well as use the efficiencies of a vendor like them.
26:30
So you can have them both in the same world. Let them do what it does well and still be protected on your array and and and add that layer. So I'm really excited to see that and putting that out in the field and and and and and and seeing what's next awesome. So guys, I think we've actually got a little bit of a demo lined up to highlight some of the new features.
26:50
Again, this session is all about what's new with safe mode. And so we're gonna actually kick off the demo before I do, we'll talk just really briefly about what we're gonna show, we're gonna focus on the last the last three features in this list really the two before the end because auto on safe mode that's going to be coming very soon in a future release.
27:07
So Automatic snapshots, this is so today with safety or prior to 6.3 actually 6.2 dot x. If you wanted to have a a snapshot policy that was protecting your volumes, you would have to create api group and remember to add a snapshot schedule and add your volumes to that protection group. We'll see in the demo that we've got some new
27:37
capabilities that are making it even easier to make sure all of your volumes are protected um and that you don't inadvertently leave out any volumes and we'll show it again, we'll show that off a little bit more in the demo. And then the other thing is we're gonna show off that object level safe mode that jane talked about showing how you can be very granular and figuring out which volumes you
28:00
want to protect and which ones don't need to be protected because they're temporary or ephemeral data. So that guys, what do you think? Get into the demo? Let's do it. All right, cool. Now this is a pre recorded demo because there's some areas here where we wanted to be able to
28:17
kind of speed things up so to fit in our time. But we're just gonna kind of talk to a little bit of what's what's happening. So I kicked things off here. And the first thing I wanna do is I want to highlight that this is purity 6.3 and that safe mode has been disabled. There's that that uI indicators stateless status.
28:35
Now a lot of things in 6.3 are are actually user configurable. So you can see that. Eradication delay in settings by default. That's 24 hours. I'm gonna go ahead and make that seven days. That's the policy that's gonna work for me. And now I will start creating some protection groups.
28:54
So my first protection group now, you know the running joke here is that we're all incredibly creative when we create all these things. So I'm going to create a protection group called default P group with safe mode. Make sure you always know what I'm doing exactly. Now notice there's a new column here called retention lock and that it's unlocked.
29:20
So this is the indicator for that granular P group safe mode. So you can show per P group whether it's been locked or not. And if you drill down into that particular P group, you see the additional settings, there is safe mode down there before I turn that on though. The first thing I wanna do is I actually want to create my schedule because you'll see in a
29:38
second once I've turned on safe mode, it may be difficult to change some of these settings because if I were an attacker, I wouldn't want to reduce the schedule with which I was creating these snapshots so I'm gonna go ahead and set my schedule here and enable it now that I've picked that schedule now is the time to go and turn on safe mode. Now you can see here they're using the term ratcheted to refer to a P.
30:13
Group with safe mode turned on it's a reminder once you've turned this on you have to work with pure technical services to turn it off again. So once I click that's a that's a one way that's why they call it ratchet. It's a one way operation. I can only I can only self service in that direction. So now I have a protected P group,
30:30
let's go ahead and add some volumes. I have one volume, it's my sx data store. And let's demo what would happen if I did try to reduce that schedule So I'm currently taking snapshots every 12 hours. What's let's reduce that to you just once a day, nope not gonna let me do it
30:54
and I can see that air message right there reminding me that I can call pure technical services if I do need to make those changes. Okay fine well what if I just turn off safe mode. Well again that's a one way ratchet so I'm not gonna be able to do that either. Again these are the mechanisms that are protecting me from an insider threat or from from a bad actor.
31:14
Alright, I'm gonna create another protection group here. Just so I've got to to kind of contrast back and forth. This is gonna be my unprotected p group. The intention is I'm not going to turn on safe mode here and I can see now the difference in that retention lock section. Alright, we'll go ahead and give it a schedule as well.
31:39
But I'm not I'm going to turn on the schedule, I'm not gonna turn on safeguards. Now we're going to demonstrate another new capability which is the create new volume. Wizard has actually been updated to make it easier to remember to add volumes to a protection group, someone to create a new volume. I've all give it a size, you'll notice there's a new check market box there that says add to
32:09
protection group after volumes are created, that's on by default. And so the next page of the wizard is gonna actually ask me which protection group I want to add that volume to. If I want to create a new one, I can even create a new one right here in the same ui again, just trying to remind everyone, you know, to take advantage of those snapshots.
32:27
Take advantage of a safe mode to protect that data set. So it's not automated but it's it's in the provisioning flow so it makes it easier to so if I go back to the protection group, go examine it and I can see that that volume was indeed added. Perfect. And so I was able to do all of that completely
32:53
self service. I didn't have to reach out to your technical services at all, which is a really big part of some of the new capabilities that that self service capability. But there's actually another new feature called Global Volume protection and Global volume protection does require me to reach out to pure technical services. And the idea with Global volume protection is
33:14
that I have one P group that's actually special. It's special from all the other P groups because with this P group instead of manually selecting individual volumes that I want to add and remember I've actually made that easier now because it's part of the new volume workflow. But if I want to make it even easier, even approaching automatic, I can create a very special type of P group that includes all volumes,
33:42
including new volumes that are created after the P group is created. So it's going to dynamically include every volume in the array in this special kind of protection group. Now, in order to enable this feature, I have to have a protection group that is completely empty that doesn't have any members yet and I have to reach out to pure technical services to do this.
34:05
So I already have a protection group created that I want to use it's called default P group with safe mode but it doesn't meet that criteria that I just mentioned because there's already a volume. So what I'm gonna do now is I'm actually gonna reach out to Pure Technical Services and I'm gonna ask I'm gonna authenticate and when I asked them, hey, would you disable safe mode on this one protection group so that I can go
34:26
remove the volume from it. Right. And so the slide kind of represents that little waiting period where I've reached out to Pure Technical Services when I come back, that's going to be done. You can see now under retention lock from my default P group of safe mode, you can see that it's now unlocked. So in the in the intervening slide there I
34:47
reached out to to tech services and they unlocked that protection group for me. So let's go ahead and continue with the demo again, highlighting that that's unlocked because it's unlocked. Now I can go and remove that volume. That's a member. I wouldn't have been able to do that prior. And that's it. Pretty simple.
35:11
So now I have a protection group that's ready to be converted into this special protection group that is used for global volume protection that covers all my volumes. So once again we'll will hand over to tech services a little movie magic is happening behind the scenes, they're making that change And with that I'm gonna hand it over to Zayn Zane, why don't you take us through the rest of the demo here.
35:36
Absolutely. So now we'll see in this demo here. Get it started that the member is now all volumes. Right. It's got that that astra, is that wildcard symbol? So all new volumes could be added to this protection group. So before we had that single volume we pulled it up.
35:54
It isn't ratcheted. So like before you got to got to ratchet that P group. And now safe mode is enabled on that protection group. We're gonna create a new volume here and that's what you might might have guessed why we have that unprotected P group. So once we create our volume, we're gonna do the won?
36:11
T like before my vault too, we're gonna go ahead and attitude protection group. But you'll notice it's the unprotected P group. Not that global default one uh that we just created that has the catch all got it in a protection group that I added to purposely we're gonna go in and take a snapshot the show that it's still being protected by the Global protection group. Again in the unprotected but it's protected by
36:37
the global go ahead and take a snapshot on the protection group itself. That global one. The the one with safe mode enabled. There we go. Number two default view group of safe mode too. If we dig into that, we can still see again that volume that we didn't add to the protection group was picked up by it because it has that wildcard designation on it and it
37:03
protects all volumes. So what this means is you can have that granularity, you can have a different schedule on a protection group. Maybe there's protection, maybe there isn't. But you still have a rebased protection that come in here and try to destroy those snapshots. You're not gonna be able to fully destroyed from the array.
37:20
Right? So they maybe this is a shorter schedule. Maybe a shorter protection safe mode schedule, I mean, and the rest just to protect you from that bad actor, but you still, you know, you have flexibility with with other protection groups, make it and then just making it simple. Right?
37:36
Anything that now that now that's set up any volume added to this array again, you you know, has that protection enabled? You you highlighted the same but I just want to make it really clear since in the demo we actually did add that volume to a different protection group. That's that's completely obvious.
37:53
We were we were trying to hide, trying to highlight the fact that that volume was going to be a member of that universal. That special protection group, regardless of whether it was or wasn't a member of any other protection group, it's gonna be, it's gonna be there and that's going to make sure that it's protected. That's it. That's a great point, yep, you didn't even no
38:14
matter what change you do, you're going to be protected. Yeah. So chris what is the theme of the new features? Don't pay the ransom. Just forget about it, right? It's automatic simple. Do nothing going forward. Yeah. We really don't do it.
38:31
Don't pay the ransom. Yeah, we've got some great new capabilities here. I really appreciate everyone joining us for this session to hear a little bit more about what's new in safe mode and you know what? There's even more stuff to come auto on safe mode right around the corner. That will be the next big enhancement that we
38:46
get for safe mode for flash array. But before we end Zane, I think actually we had one more thing, didn't we? Yeah, let's let's not forget about pure one. Right? All this goodness that's added to the flash array and safe mode. Well, of course, in pure One,
39:01
you can see that as well. Right? So you can get this fleet wide view monitoring to make sure you know where your protective where you're not right? We're moving towards that automatic. So this is it's gonna be easier. But definitely from a from a global perspective where you can see that you're compliant and show that in pure one,
39:17
right? And this is all included Runs in the Pure one Cloud. Love it guys. It's been a lot of fun getting to go through some of this with you. You know, it's always a good time when the three of us get to hang out with some of my favorite colleagues here appeared to get to work with Zane chris,
39:33
appreciate you both very much and to everyone viewing the session. Thank you. We really appreciate you spending the time and joining us and I hope you have a wonderful Accelerate Tech Fest 2022. Thanks so much. Thank you everyone.
  • Ransomware
  • Video
  • Pure//Accelerate

Ransomware attacks are constantly evolving. As should the tools you use to defend against them. This session is for SafeMode noobs and veterans alike. We'll start by answering the question, "What is SafeMode?" We will then review all of the new SafeMode features that have been developed in the last year. Join us as we discuss what makes SafeMode simple, secure, and now... automatic.

11/2024
How Healthy Is Your Data Platform Really?
Complete this self-guided wellness check to help determine if your data platform can successfully adapt with your organization into the future.
Infographic
1 page
Continue Watching
We hope you found this preview valuable. To continue watching this video please provide your information below.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Your Browser Is No Longer Supported!

Older browsers often represent security risks. In order to deliver the best possible experience when using our site, please update to any of these latest browsers.