On 2020-10-12 5:36 a.m., Anthony Frnog wrote: > Hi, > > To begin, my apologies if I post à the wrong place. > > I use DRBD (version 9) on differents servers. My DRDB cluster is a > shared storage for VM on Proxmox et Vmware Currently, there is a lot of > ransomware attacks. This is a really problem... So, if my DRBD cluster > is encrypted, all data will be encrypted and all VMs will be "dead". My > question is: Is there a DRBD solution able to save all data stored on > DRDB node in order to restart my production if I have a ransowmare ? > > > Best regards Anthony
There's no specific anti-ransomware tools in DRBD, but you could set something up easily enough. You could, for example, take periodic snapshots of the backing LVM devices (assuming you use LVs to back DRBD resources). You could keep N-number of snapshots and automatically cycle them out. How often you snapshot, and how many you keep, would depend on your wants and resources. You probably want to be able to roll back at least a week though, as it is my experience that some ransomware attacks lay dormant for a period of time before encrypting (to get into backups). In the end, DRBD is fundamentally an availability solution, and not a backup solution. (Same idea as how "RAID is not backup"). You really need to be sure that your data is backed up safely and incrementally. Any snapshot-based approach should be seen as a way to more rapidly recover to production, and not as a core backup method. -- Digimer Papers and Projects: https://alteeve.com/w/ "I am, somehow, less interested in the weight and convolutions of Einstein’s brain than in the near certainty that people of equal talent have lived and died in cotton fields and sweatshops." - Stephen Jay Gould _______________________________________________ Star us on GITHUB: https://github.com/LINBIT drbd-user mailing list [email protected] https://lists.linbit.com/mailman/listinfo/drbd-user
