Check out our companion blog!
Feb. 6, 2023

Block ransomware from writing to your Windows Veeam backup server

Block ransomware from writing to your Windows Veeam backup server

We've talked a bit on this podcast about ransomware groups targeting Windows-based backup servers, and Veeam specifically. There's a new product on the market targeted at this problem, and it's called Blocky for Veeam from Grau Data. Today we have the founder & CEO of Grau Data, Herbert Grau, and their head of North American operations, David Cerf. What we didn't know until recording this episode is that these are the same people that used to make the gigantic Grau tape libraries that is used covet back in the 90s! They got out of the hardware business and have been making software ever since. Blocky for Veeam is a new application of another battle-tested product. Fascinating story, and one that will have other applications in the future.

Mentioned in this episode:

Interview ad

Transcript
Speaker:

On this episode of restore it all.

Speaker:

We've got a new solution for the problem of ransomware attacking

Speaker:

Windows-based backup servers.

Speaker:

This one's aimed specifically at Veeam, but it looks like there

Speaker:

are many other applications.

Speaker:

So hope you enjoy this episode.

W. Curtis Preston:

Hi, and welcome to Backup Central's Restore it all podcast.

W. Curtis Preston:

I'm your host, w Curtis Preston, aka a Mr.

W. Curtis Preston:

Backup.

W. Curtis Preston:

And I have with me the guy that I think is gonna help me

W. Curtis Preston:

find a new recording platform.

W. Curtis Preston:

Prasanna Malaiyandi how's it going?

W. Curtis Preston:

Prasanna

Prasanna Malaiyandi:

I'm good.

Prasanna Malaiyandi:

Curtis.

Prasanna Malaiyandi:

I, well, so I don't think it's all doom and gloom for the

Prasanna Malaiyandi:

podcast recording platforms.

Prasanna Malaiyandi:

Um, we'll just have to wait and see.

W. Curtis Preston:

Let me introduce today's guests . This is a unique one.

W. Curtis Preston:

I've known and known of our two guests today.

W. Curtis Preston:

And by the way, it's unique.

W. Curtis Preston:

We don't, we rarely have two guests.

W. Curtis Preston:

I'm gonna have to figure out how to fit you on the, on

W. Curtis Preston:

the, uh, Brady Bunch screen.

W. Curtis Preston:

I've known of one guest for almost as long as I've been in backups, and I

W. Curtis Preston:

was an admirer of his early work, and we'll talk about that a little bit.

W. Curtis Preston:

And then our other guest, I've known him for quite a while as well.

W. Curtis Preston:

And, uh, we've, we've gotten in trouble a little bit here and there, uh, together.

W. Curtis Preston:

So first I wanna welcome the c e O of Grau Data, Herbert Grau

W. Curtis Preston:

Thanks for coming on the podcast

Herbert Grau:

Thank you gentlemen for inviting.

W. Curtis Preston:

and, uh, And welcome of course to David Cerf.

W. Curtis Preston:

How's it going,

David Cerf:

Very good, Curtis.

David Cerf:

Good.

David Cerf:

See you.

W. Curtis Preston:

So I, so by the way, the fact, you know, I knew, I knew that

W. Curtis Preston:

we were talking to GR data today and I knew that, or at least I believed

W. Curtis Preston:

at the time that you were, uh, the same company or a follow on company

W. Curtis Preston:

from the company that I knew way back in the day, what I did not expect.

W. Curtis Preston:

Is to have a guest whose name matched the name of the company.

W. Curtis Preston:

So that was a big surprise to me.

W. Curtis Preston:

So let's go, Herbert, let's go back in the day.

W. Curtis Preston:

The first time I remember seeing you or seeing, you know, hearing

W. Curtis Preston:

of your, your, your company were these gigantic tape libraries.

W. Curtis Preston:

And I remember back in the day looking at them going, that looks amazing.

W. Curtis Preston:

Like, it was like , they were just these ginormous tape libraries that

W. Curtis Preston:

here I was, I was an early Spectra Logic customer, and they had these little,

W. Curtis Preston:

you know, these little carousel things.

W. Curtis Preston:

So I was dealing with like 30 tapes and you were dealing with thousands of tapes.

W. Curtis Preston:

And I remember going, holy cow.

W. Curtis Preston:

And one, one thing I remember was that the libraries were so big and they were

W. Curtis Preston:

so cost effective that it actually, and, and you can correct me if I'm wrong,

W. Curtis Preston:

what I remember was, That it actually cost more to fill it up with tape

W. Curtis Preston:

than it did to buy the library itself.

W. Curtis Preston:

Right?

W. Curtis Preston:

The, the library was so large and so cost effective that that was the case.

W. Curtis Preston:

Um, you wanna talk a little bit about those old days,

Herbert Grau:

Yep.

Herbert Grau:

Well, I started already very early in the 1980 eighties.

Herbert Grau:

Uh, our background was machine building, so I took the company from

Herbert Grau:

my father and we were, uh, automotive suppliers and machine builders.

Herbert Grau:

So we were not a, not an IT company, and IBM brought this, uh, tape to

Herbert Grau:

the market and had no automation.

Herbert Grau:

And StorageTek was already there and IBM had nothing.

Herbert Grau:

So we filled that gap and built a tape library in the first days.

Herbert Grau:

Weird enough, without any software connected to the host.

Herbert Grau:

This came over time through the customers, but we have been building

Herbert Grau:

these really cooltape libraries and they were called mixed media libraries

Herbert Grau:

because we could automate anybody's, uh, tape drives from Hitachi, from other

Herbert Grau:

vendors as well, even in the mixed mode.

Herbert Grau:

And so we were the exact counterpart of StorageTek or from us, and we

Herbert Grau:

had kind of more an open approach.

Herbert Grau:

And, and the second generation, we introduced the Quatro Tower.

Herbert Grau:

This was a cool patent we had.

Herbert Grau:

On one Cerface, the cartridges were moving inside small towers, so we

Herbert Grau:

could have 5,000 IBM cartridges on a small footprint, and we were shipping

Herbert Grau:

tape libraries around the world.

Herbert Grau:

When eMASS joined my company and a very large library would have 30,000 IBM tapes.

Herbert Grau:

So six of these towers in a row, and a tape robot, a traveling,

Herbert Grau:

moving robot on one side and if necessary on the second side.

Herbert Grau:

So we had a double robot system and 30,000 tapes in a row, and

Herbert Grau:

what we call also could do.

Herbert Grau:

We had a special, uh, tape format implemented, called D two, which

Herbert Grau:

only the US government had.

Herbert Grau:

If you want, I still have on my, on my drawer here an a

Herbert Grau:

d two tape from these days.

Herbert Grau:

And we converted our tape libraries to this special technology and then we

Herbert Grau:

ship through eMass to the famous unknown customers, to the famous government agency

Herbert Grau:

under us, the NSA board in 1995, a tape library with a capacity of 400 terabyte.

Herbert Grau:

At that time, my biggest customer of the Deutsche Bank had.

W. Curtis Preston:

Wow.

Herbert Grau:

said, holy cow, who in the world needs 400 terabyte?

Herbert Grau:

And what for?

Herbert Grau:

But then somebody from eMass explained me what these guys were doing, all

Herbert Grau:

these satellites in the Iraq and they had eight supercomputers from

Herbert Grau:

Cray and this was awfully expensive.

Herbert Grau:

So all this data I came from satellite in, Longley or whatever down to earth

Herbert Grau:

in this, uh, data center underground and eight super commuters and then an HS

Herbert Grau:

m of the early days called file serve.

Herbert Grau:

I think, I think Quantum is still selling this today.

Herbert Grau:

and files serve moving data.

Herbert Grau:

Yeah.

Herbert Grau:

Files serve and moving data to tape out.

Herbert Grau:

And this was of course a breakthrough from a small company because then we

Herbert Grau:

sold big time, uh, machines to the D O D.

Herbert Grau:

And in, in the US of course, unfortunately.

Herbert Grau:

Then, uh, eMAss, uh, actually the mother company of eMAss is

Herbert Grau:

Systems got bought by Raytheon.

Herbert Grau:

So the missile biased, the satellite, and then the whole thing got difficult

Herbert Grau:

and they wanted to sell this off, and I couldn't buy my company back.

Herbert Grau:

So I sold my remaining shares then to ADIC bought then eMass and I had restarted

Herbert Grau:

Crau data in Germany, again, sold my shares, and two weeks later I was on the

Herbert Grau:

market again with a new company, Crau Data, which is the company today because

Herbert Grau:

they name was not so important anymore because eMASS wanted to have eMAss data

Herbert Grau:

storage, and I was Crau data storage.

Herbert Grau:

Uh, well, Eddie wanted to get me back, but then I said, no, I, I do it on my own.

Herbert Grau:

And then we entered the market first, again, with atape

Herbert Grau:

library called Infini Store.

Herbert Grau:

But this was already an appliance software, server,

Herbert Grau:

disk, and tape in one device.

Herbert Grau:

And we sold this nicely in Germany until, uh, one point in time.

Herbert Grau:

It was not possible anymore for a small company to sell hardware.

Herbert Grau:

And then we had extremely nice products, hardware, products,tape libraries, new

Herbert Grau:

generations, smaller, uh, easy, lean, cost effective, but we had to sell this.

Herbert Grau:

And then I met David, this was about 2 0 7, and then I restarted the

Herbert Grau:

company again, the same company, but they restarted as a software company.

W. Curtis Preston:

Mm-hmm.

Herbert Grau:

So, and then of course, tape, H S M was our background.

Herbert Grau:

So we had a product, which in ib, um, H P E O, emd, it was on their

Herbert Grau:

price list as file system extender.

W. Curtis Preston:

Mm-hmm.

W. Curtis Preston:

But not

Herbert Grau:

very successful because HPE was in the terminal,

Herbert Grau:

so many products, and we kind of were sitting between the chairs.

Herbert Grau:

And then HPE stopped the contract and we sold it under the Grau logo.

Herbert Grau:

And over time we worked our portfolio.

Herbert Grau:

And in the last four years, we have developed a complete, almost

Herbert Grau:

complete new product portfolio, which now re uh, looks really good.

Herbert Grau:

And that's why I'm, I'm in the mode of re-entering to the US

Herbert Grau:

with my friend David, and sell our nice products to the us.

Herbert Grau:

And I have been coming and traveling all along the last years.

Herbert Grau:

Still have partners and friends and, and no customers anymore, but

Herbert Grau:

this will hopefully change soon.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

You know, it's interesting, David, you know, when, when we started talking, um,

W. Curtis Preston:

about, you know, I, I discovered this other product, this newer product, right?

W. Curtis Preston:

And I had no idea.

W. Curtis Preston:

Right, because I, I think this latest product is absolutely going after a

W. Curtis Preston:

problem that is really important, right?

W. Curtis Preston:

Um, the, the, the slight, the slight problem called ransomware, right?

W. Curtis Preston:

Um, and, um, in fact, I just, just a week ago I came out with an article

W. Curtis Preston:

in Network World that talks the, the title was, uh, ransomware is

W. Curtis Preston:

Coming for Your Backups, right?

W. Curtis Preston:

That's coming for your backup server specifically.

W. Curtis Preston:

And the, this latest product is, is, is aiming at solving that

W. Curtis Preston:

really new, challenging problem.

W. Curtis Preston:

Um, but, uh, I had no idea when, when we started talking that we were gonna be

W. Curtis Preston:

talking about a person that, that I've , that I've been involved with for 30 years.

W. Curtis Preston:

David, what, what do you think?

W. Curtis Preston:

Um, Uh, what's your goal as you, as you move this company in, you know,

W. Curtis Preston:

into the us or to expand it into the us

David Cerf:

Well, Curtis' phase we're at his awareness.

David Cerf:

First of all.

David Cerf:

Um, I think you're, it was funny how we did reloop together, which was

David Cerf:

that Dave Russell and I were talking and he had mentioned he had heard

David Cerf:

this podcast talking about Blocky for

David Cerf:

Veeam

David Cerf:

which is the product you were just mentioning, and he

David Cerf:

didn't mention it was you.

David Cerf:

And so I had to go look it up, and then I was like, well, it's Curtis.

David Cerf:

Uh, wow.

David Cerf:

And I, so we reached out.

David Cerf:

And so, uh, so there's, the point is that awareness issue is that, um, Grau

David Cerf:

has done exceptionally well in Europe.

David Cerf:

Uh, working with channel partners and around, uh, the, the customer

David Cerf:

base, uh, for, because as you mentioned, uh, ransomware is

David Cerf:

such a critical issue right now.

David Cerf:

And, um, the, the way the blocky product works is a zero trust that in it

David Cerf:

really, uh, brings a level of security to the large, uh, the largest install

David Cerf:

base for Veeam or these Windows users.

David Cerf:

And, uh, this gives 'em a very simple, easy.

David Cerf:

Quick solution, and that went like wildfire through the reseller partners go.

David Cerf:

So Europe behaves a little different, right?

David Cerf:

Channels a operate a little differently than American channels and, uh, resellers.

David Cerf:

And so they've done incredibly well with this traction and awareness.

David Cerf:

So we'd like to bring that awareness and that success, uh, out of Europe,

David Cerf:

uh, and not just to North America, but globally because, you know, v of course

David Cerf:

is global, uh, has a really strong footprint in South America and Asia,

David Cerf:

and you have a tr and the majority of their customers are Windows users.

David Cerf:

So getting that message out would certainly be the, the goal.

David Cerf:

And I think the product speaks for itself because there are no real options.

David Cerf:

It's either you, either I have Windows and I do something or I don't.

David Cerf:

And we're that something you can do to bring security and cyber?

Herbert Grau:

Currently we have four products, three of

Herbert Grau:

them, brand, almost brand.

Herbert Grau:

And we have a product which we sell since many years very successfully.

Herbert Grau:

It's called File Lock.

Herbert Grau:

It's a Windows based software for compliant archiving.

Herbert Grau:

And we have a KPMG certificate that nobody can alter data after it has been archived.

Herbert Grau:

And we have sold this product about 1,500 times in Europe.

Herbert Grau:

And it's based on the filter driver technology.

Herbert Grau:

And it's embedded in Windows.

Herbert Grau:

So you can have it on the Windows server, very simple on the physical or virtual

Herbert Grau:

machine, just install the software.

Herbert Grau:

And this filter driver, make sure nobody, not even the admin, can

Herbert Grau:

alter data, which is supposed to be archived for 10 years or whatever.

Herbert Grau:

It has the same API as the Snap Lock API from NetApp.

W. Curtis Preston:

Oh, that's one that Prasanna should know.

Herbert Grau:

And, and the snap Lock was the role model.

Herbert Grau:

And this API is, um, not protected.

Herbert Grau:

So we have the same api, single file retention, like uh, snap

Herbert Grau:

lock but we are independent.

Herbert Grau:

We run on the Windows server and we scale as much window scales

Herbert Grau:

from hundred gigabytes for a small company to multiple terabyte in large

Herbert Grau:

sites, cluster ready, everything.

Herbert Grau:

And this product is pretty cool and stable because filter driver technology

Herbert Grau:

was not so stable 20 years ago.

Herbert Grau:

We produced blue screen in the very early days.

Herbert Grau:

All the Veeam guys asked me that.

Herbert Grau:

But since, uh, Microsoft introduced a mini filtered technology, so

Herbert Grau:

an official interface for filters more than 10 years, we have zero,

Herbert Grau:

zero problems with the product.

Herbert Grau:

Very cool product, very lean.

Herbert Grau:

And one customer said, Herbert data in file lock cannot be altered by

Herbert Grau:

nobody, not even by ransomware.

Herbert Grau:

That's cool, but I cannot buy a compliant archive for my data in my, the

Herbert Grau:

backup should be able to override it.

Herbert Grau:

So we took this idea and said, we create a new block, uh, product called Blocky.

Herbert Grau:

And this is like a filter driver.

Herbert Grau:

This is like a sheet metal plate, a warm, a warm shield.

Herbert Grau:

Nobody can go through it.

Herbert Grau:

And then we drill a small hole.

Herbert Grau:

And in the small hole, one guy says nobody can pass except the Veeam application.

Herbert Grau:

And if the Veeam application comes, this application always has to show a passport

Herbert Grau:

and a fingerprint, like if I enter the us.

Herbert Grau:

Okay?

Herbert Grau:

And that's why we can block everybody, even the good and the

Herbert Grau:

bad, except the one application which we whitelist, and that was blocky.

Herbert Grau:

We also have for IBM TSM customer, but this was the first one.

Herbert Grau:

And the selling was, uh, the, when a word, uh, you call this word on mouth,

Herbert Grau:

customer said, wow, it's explained.

Herbert Grau:

20 minutes, it's installed in 10 minutes.

Herbert Grau:

It's so effective, costs less, and is really cool and effective.

Herbert Grau:

And that's why we sold 500 customers only in German speaking countries in the last

Herbert Grau:

four years, among them pretty big names from small Soho customers to really,

Herbert Grau:

really large international corporations.

Herbert Grau:

And that was really, uh, really a home run for us because we could use

Herbert Grau:

the technology which was proven over many, many years to a different field.

W. Curtis Preston:

And, and so it sounds like this, this grew out of that, the,

W. Curtis Preston:

the audit proof archiving, uh, line that you had the file lock from there.

W. Curtis Preston:

Um, and then you also, you've also got a couple of other products.

W. Curtis Preston:

You talk about metadata mining and the tape object archive.

W. Curtis Preston:

Do you wanna talk about that a little bit?

Herbert Grau:

All of course tape is our background as we talked

Herbert Grau:

and Ta tape will never go away.

Herbert Grau:

So we have a product which we have on the market since, um,

Herbert Grau:

almost 20 years now is stable.

Herbert Grau:

Product was a bit aged classical tape hsm.

Herbert Grau:

Like other products.

Herbert Grau:

And we have customers, big customers like Max Plank Institute with

Herbert Grau:

multiple petabyte and 10 of these.

Herbert Grau:

And we have a legacy installed base.

Herbert Grau:

And some time ago we decided that we do a new architecture because

Herbert Grau:

we think tape will never go away.

Herbert Grau:

Next, whatever is, it's a niche market, but we are an expert

Herbert Grau:

in this niche, niche market.

Herbert Grau:

And I have customers which I want to lead to the next generation.

Herbert Grau:

And that's why we developed a product called Extreme Store.

Herbert Grau:

And this is now an object storage product is a scalable object

Herbert Grau:

storage software with S3 to tape.

Herbert Grau:

That's a difference.

Herbert Grau:

And with this object,

W. Curtis Preston:

I, I interface with it via the S3

W. Curtis Preston:

protocol, and then you put it on

Herbert Grau:

Uh, Maybe you know the Black Pearl from Spectrum

Herbert Grau:

Logic, because we mentioned that

Herbert Grau:

name and that's kind of a product.

Herbert Grau:

Well, we not, we compete, not so much in Germany, but in the US

Herbert Grau:

this would be our major competitor.

Herbert Grau:

But this is a market where only very few companies play.

Herbert Grau:

In Europe, I see two and we have I think, the best architecture, architecture.

Herbert Grau:

Um, we have a scalable architecture.

Herbert Grau:

We have, uh, no SQL database.

Herbert Grau:

We can scale this vertically into multi-billions and

Herbert Grau:

horizontally into multi-services.

Herbert Grau:

And important in the tape world.

Herbert Grau:

If we have very small files and you have billions, you have to do containers.

Herbert Grau:

You cannot put small files on tape and retrieve a billion files

Herbert Grau:

from tape without containers.

Herbert Grau:

And that's why this container technology is important.

Herbert Grau:

And we recently did a test in a partner data center of 1.5

Herbert Grau:

billion files in one bucket.

Herbert Grau:

And this is endless, scalable.

Herbert Grau:

That's important.

Herbert Grau:

And then of of course we have a modern, modern web ui.

Herbert Grau:

Some guys like still the command light interface, but more and

Herbert Grau:

more younger guys on the web ui.

Herbert Grau:

And so we have some cool things around the product, which is

Herbert Grau:

in this niche, a cool product.

Herbert Grau:

And now I have mentioned three.

Herbert Grau:

And the three would normally be good enough for a company Grau data with 30

Herbert Grau:

people having an archival background.

Herbert Grau:

But.

Herbert Grau:

I have a new product and that's really a cool product and

Herbert Grau:

that's called the Meta Data Hub.

Herbert Grau:

Why do I have this product?

Herbert Grau:

Because my friend David Cerf came four years ago.

Herbert Grau:

He was just leaving his beloved company, StrongBox and said, Herbert,

Herbert Grau:

you have to look at metadata.

Herbert Grau:

And I said, why?

Herbert Grau:

This is old stuff.

Herbert Grau:

Metadata is old stuff because we use metadata like everybody else

Herbert Grau:

since 20 years, file size and last access, and this is HSM of old school.

Prasanna Malaiyandi:

Yep.

Herbert Grau:

But if I explain you today that we have a very unique

Herbert Grau:

product, people say, how can that be?

Herbert Grau:

Because if you, if you Google metadata, you find so many products which mention

Herbert Grau:

this, you have to define metadata as standard file system metadata.

Herbert Grau:

Which is simple

Prasanna Malaiyandi:

as useful.

Herbert Grau:

it's, it's useful for many virus scanners and

Herbert Grau:

everybody, but it's simple.

Herbert Grau:

And then you have embedded metadata, and then you take very special file

Herbert Grau:

formats and you go to a research lab, you go to a Max blank Institute,

Herbert Grau:

which partners with Harvard, and they've won the special file format,

Herbert Grau:

which comes from the NASA nifty file.

Herbert Grau:

Who, who is, what is that?

Herbert Grau:

And then you look into this nifty file, for example, and this

Herbert Grau:

file has 10,000 metadata tags.

Herbert Grau:

Holy cow.

Herbert Grau:

10,000.

Herbert Grau:

And we.

Herbert Grau:

Developed a technology, how to extract these 10,000 embedded metadata tags

Herbert Grau:

and write them into a huge database.

Herbert Grau:

And now the research guy can say, I need all files which have this whatever

Herbert Grau:

dimension here and this dimension there.

Herbert Grau:

He does a Google kind of complex search and out of his 10 million files, which

Herbert Grau:

are somewhere, he gets the right 2000 files and he can narrow this down

Herbert Grau:

from 10,000 to 10,000 to 5,000, 2000.

Herbert Grau:

And then he has the right data and that's our job.

Herbert Grau:

Find the right data and we deliver them the right data to a CAR E platform, to

Herbert Grau:

an algorithm to improve it and whatnot.

Herbert Grau:

Because I have, although another company which is doing only.

Herbert Grau:

Medical data and we have huge amount of data, but you always need the

Herbert Grau:

right amount, the right data, and that's the job of the metadata hub.

Herbert Grau:

And then we go to the next one.

Herbert Grau:

This institute has a microscope from Chase.

Herbert Grau:

Very special file format.

Herbert Grau:

Holy cow.

Herbert Grau:

8,000 metadata tags.

Herbert Grau:

Next one, bioinformatic.

Herbert Grau:

I never heard these names before, but now we have a technology how to extract this.

Herbert Grau:

That's why I call it deep data mining.

Herbert Grau:

We drilled holes very, very deep.

Herbert Grau:

Same is an automotive.

Herbert Grau:

We have some of these here and they have a motor motor test equipment

Herbert Grau:

and this is spitting out files.

Herbert Grau:

and then we go there and they said, you know what?

Herbert Grau:

We would like to know which of these million files have the same parameter

Herbert Grau:

for minus 30 degrees, that amount of kilometer, and blah, blah, blah.

Herbert Grau:

And I said, you don't know that?

Herbert Grau:

No.

Herbert Grau:

How?

Herbert Grau:

How should we, nobody can do this manually and nobody can extract the data.

Herbert Grau:

So we build an extractor for this special file format, and that's why we are unique.

W. Curtis Preston:

You know, David, you, you, it sounds like you,

W. Curtis Preston:

you sort of brought up this idea.

W. Curtis Preston:

Did I, I'm, I'm a little bit like that.

W. Curtis Preston:

That last customer where, how is this not already everywhere,

Herbert Grau:

David told me, David explained me his product,

Herbert Grau:

which was a different product.

Herbert Grau:

This was all about storage management.

Herbert Grau:

All products are metadata for storage management.

Herbert Grau:

Move data around, get rid of the ice, get an in, and all this is about storage.

Herbert Grau:

And I said, I want to get out of storage.

Herbert Grau:

I don't want to sell terabytes anymore.

Herbert Grau:

I want to be in the analytics business.

Herbert Grau:

I want a Google like for metadata.

Herbert Grau:

This is a different game and we will go direction to artificial

Herbert Grau:

intelligence in the next steps.

Herbert Grau:

So we will move completely away from this.

Herbert Grau:

How many data is here and on the is on, move this back and forth.

Herbert Grau:

And this is old and cold.

Herbert Grau:

This is kind of.

Prasanna Malaiyandi:

Yeah, I, I'm just thinking about use cases other than that.

Prasanna Malaiyandi:

I know the primary use cases you talked about, but just thinking

Prasanna Malaiyandi:

about things like, I know Curtis, we always talk about archive, right?

Prasanna Malaiyandi:

And how do you find what's been archive, because you don't know

Prasanna Malaiyandi:

what server came from, right?

Prasanna Malaiyandi:

You no longer have that storage perspective, right?

Prasanna Malaiyandi:

And or even things like e-discovery, like use cases where it's like, Hey,

Prasanna Malaiyandi:

tell me information related to this subject, or other things like that.

Prasanna Malaiyandi:

It seems like what you've built, Herbert and David is sort of an ability to

Prasanna Malaiyandi:

centralize all of these different file formats or unique file formats and

Prasanna Malaiyandi:

provide that value to the customer so they can run these queries on their.

Herbert Grau:

absolutely.

Herbert Grau:

And I had a, well, actually David went to a Berlin research lab and kind of sold

Herbert Grau:

them the idea, but the product was not there, and I sold him the product Now.

Herbert Grau:

For a nice amount of money, and he was Mr.

Herbert Grau:

Crau.

Herbert Grau:

Finally, I have a product.

Herbert Grau:

I have been waiting three years for a product, and I said, so my guys,

Herbert Grau:

maybe we have a, a unique selling point here because this guy is searching the

Herbert Grau:

market for three years in the US and everywhere, and he didn't find at least

Herbert Grau:

one product which could do the job.

David Cerf:

So there, so there are two separate ways to look at it.

David Cerf:

One, one, uh, at Herbert has outlined very well, which is we're trying to

David Cerf:

understand how to drive our business intelligence, how, how do we, and that's

David Cerf:

really in the application space, which is this ability to extract that metadata to.

David Cerf:

Have better insights and understanding and visibility, which has really nothing

David Cerf:

to do with where the file may be stored.

David Cerf:

But what, there's a second use case, which is almost secondary, which is

David Cerf:

if I actually can understand what I have, then I can apply that to what

David Cerf:

I do with it by number of copies.

David Cerf:

Or does it need to have sort of compliance or where do I keep it?

David Cerf:

How long do I keep it?

David Cerf:

See that that was the origin of where I had come from was more

David Cerf:

in the extract that metadata.

David Cerf:

So the world, you could look, you know, if we, with hindsight we can say, Hey, we

David Cerf:

knew we had to have metadata to be able to drive the intelligence that we wanna

David Cerf:

drive through AI and machine learning.

David Cerf:

We, you can't get there without it.

David Cerf:

And so the, the difference would be it's the approach to it.

David Cerf:

And so the elegance that that's in the metadata hub

David Cerf:

is, is really that simplicity.

David Cerf:

Separate out the overhead that comes with the file management or trying

David Cerf:

to put a GLO, global name, space and all the other things that that.

David Cerf:

Herbert was referencing what I was trying to do, which was kind of all these

David Cerf:

various things and just focus really on the metadata and the, and so there

David Cerf:

are two really interesting things that were solved with us, um, which Herbert

David Cerf:

said, but let me just emphasize it.

David Cerf:

One is this rapid development capability for connecting to the file type.

David Cerf:

This, this was really a showstopper because if I have these unique elements

David Cerf:

and these customers could not connect to it, then it didn't matter what you

David Cerf:

would do, you had to solve that first.

David Cerf:

So Grau has solved that ability to a connect.

David Cerf:

So there, that was the first part.

David Cerf:

And then the second part was on the backside, which is,

David Cerf:

okay, I've done the extraction.

David Cerf:

So this is almost like, think of ETL in databases, right?

David Cerf:

Extract, transform and load.

David Cerf:

And except for with the, with the metadata hub, we're extracting, we're

David Cerf:

transforming, and then we're connecting.

David Cerf:

And so either we allow through our native user interfaces a way for the, the user

David Cerf:

to just be able to directly access, but more importantly, Is that we can connect

David Cerf:

to the tools that they're already using.

David Cerf:

And so this really creates this feed to where they can leverage

David Cerf:

that data to drive that business, accelerate what they're trying to do.

David Cerf:

Um, which cuz that's really what it's all about at the end of the day, right?

David Cerf:

They're, they have a problem to solve and we're helping them solve that.

W. Curtis Preston:

So speaking about what it's all about, let's get to the, let's

W. Curtis Preston:

get to the star of the show, I think here, uh, in terms of this podcast, um,

W. Curtis Preston:

you know, we, we, we've talked a lot.

W. Curtis Preston:

We've had, you know, we've had Dave on, um, you know, we've

W. Curtis Preston:

talked a lot about Veeam.

W. Curtis Preston:

We've talked a lot about just windows-based backup systems.

W. Curtis Preston:

Veeam being, you know, Veeam, and I think Veeam and CommVault would

W. Curtis Preston:

be the two biggest examples, right?

W. Curtis Preston:

Um, and the, the risk, I think that, That their customers are under, because

W. Curtis Preston:

Windows being, as we all know, the number one attack vector for ransomware, right?

W. Curtis Preston:

And so the worry is that.

W. Curtis Preston:

Uh, you know, it, it's been a while since I've installed Veeam for obvious

W. Curtis Preston:

reasons, but by the way, I, I, I haven't thrown out our usual disclaimer.

W. Curtis Preston:

This is an independent podcast.

W. Curtis Preston:

I work for Druva, Prasanna works for Zoom, and, uh, this is not a podcast of

W. Curtis Preston:

either company and the, um, the opinions that you hear are ours and, uh, also be

W. Curtis Preston:

sure to rate us by, uh, going to the, you know, your, your favorite podcast app.

W. Curtis Preston:

Give us some startups, give us some, give us some comments

Prasanna Malaiyandi:

Leave some comments.

W. Curtis Preston:

find this podcast.

W. Curtis Preston:

Absolutely.

W. Curtis Preston:

Feel free to tweet as long as Twitter is still

David Cerf:

long as it's still around.

W. Curtis Preston:

Um, and if you, if you'd like to, um, if you'd

W. Curtis Preston:

like to join the conversation, you can find me, uh, at WC preston on

W. Curtis Preston:

Twitter or w Curtis Preston at gmail.

W. Curtis Preston:

And, uh, we'd love to get you on the podcast.

W. Curtis Preston:

So, you know this concern, right?

W. Curtis Preston:

Specifically like the default installation.

W. Curtis Preston:

Is on a Windows based backup server.

W. Curtis Preston:

Right?

W. Curtis Preston:

And then, um, and, and, and even the main, even if you use Linux as another,

W. Curtis Preston:

uh, storage device, you, the, the main server's still on Windows, and they

W. Curtis Preston:

do have this, the Linux based, uh, storage device now as, as a, yeah,

W. Curtis Preston:

as a, as a, as an answer to this.

David Cerf:

Veeam, um, obviously with their, with their hard

David Cerf:

Linux server does create.

David Cerf:

A very robust option.

David Cerf:

I think the real differentiation, Curtis, is the customers.

David Cerf:

When you look at how many Veeam customers are, are using Lennox, when you look at

David Cerf:

their customer, you know, demographics, it's broken out as the majority, uh,

David Cerf:

the big majority or Windows users and a large part of those customers

David Cerf:

aren't going to put a Linux server in.

David Cerf:

Cause you know, the guy that's running this, he's a Windows guy

David Cerf:

and I'm not, you know, it's a religion thing almost at some point.

David Cerf:

And the larger corporations, it's outta simplicity.

David Cerf:

As Herbert mentioned, he's, we've got several, uh, global international

David Cerf:

companies and they have maybe hundred plus sites and they're not

David Cerf:

going to run this with this complex.

David Cerf:

Uh, um, deployment and where the blocky for Veeam comes in is, it's, as Herbert

David Cerf:

mentioned, you're talking about from, from the moment you learn about it to

David Cerf:

installing it is less than an hour.

David Cerf:

So the simplicity makes it really easy for the Windows guys that don't

David Cerf:

have to do anything different, and now they have a level of security to,

David Cerf:

for protecting that, that Windows backup volume and repository, right?

David Cerf:

So I think that that's really where the line of demarcation comes down

David Cerf:

to is if you're, if you're a data center and you're running a Linux

David Cerf:

environment and you're comfortable with that, you, you might go with the

David Cerf:

native, uh, Veeam hardened Linux, um, solution for those customers that don't.

David Cerf:

That's where we shine and we provide that easy, quick install that gives

David Cerf:

that level of protection against Fran.

David Cerf:

ransomware.

W. Curtis Preston:

And we've talked about that, that was one of my concerns as well.

W. Curtis Preston:

The, the one that you brought in, if you're, if you're an all window shop.

W. Curtis Preston:

I, I, I'm not sure even if the, if the Linux option is more secure than

W. Curtis Preston:

having another Windows box, I, I'm not sure if it is more secure because

W. Curtis Preston:

it's your only Linux box , right?

W. Curtis Preston:

Right.

W. Curtis Preston:

If you, if it's the only Linux box in your data center, I

W. Curtis Preston:

don't think that's a good idea.

W. Curtis Preston:

If it was your only Windows box in the data center, I

W. Curtis Preston:

don't think that's a good idea.

W. Curtis Preston:

Right?

W. Curtis Preston:

Uh, just having a, a separate OS that you have to maintain just for a single

W. Curtis Preston:

purpose, you know, uh, I've never been a fan of that, but why, why don't you,

W. Curtis Preston:

um, give a little bit more about how, so, you know, it, it sounds like the

W. Curtis Preston:

product is incredibly simple to, uh, to explain, David, uh, do you want

W. Curtis Preston:

to give, um, you know, an overview?

W. Curtis Preston:

It, it sounds like pretty easy to explain and Herbert's

W. Curtis Preston:

already given us an overview.

W. Curtis Preston:

You want to drill down a little

David Cerf:

Sure, sure.

David Cerf:

So, um, you know, maybe pick up where you, you, your comment about people

David Cerf:

adding something to their environment.

David Cerf:

I, I mean, I think that that's, that's the real challenge.

David Cerf:

Is it the, it, uh, and, and now if you add the security layer, whether it's the

David Cerf:

ciso, cso, whatever they're doing, as long as we're not talking about the hardened,

David Cerf:

uh, physical, these guys are overwhelmed.

David Cerf:

I mean, ransomware is, is, it's not a matter of, uh, if it will happen,

David Cerf:

it's a matter of when it will happen.

David Cerf:

I think we've reached that point and, and every, everybody else is, you know,

David Cerf:

confirmed that it's, um, it's going to be.

David Cerf:

A risk that they have to deal with.

David Cerf:

And so when they're looking for a solution, what we're finding is that

David Cerf:

the, the antivirus and all these other type of tools that are out

David Cerf:

there are really not able to provide, uh, a way to protect that last, your

David Cerf:

last resort, which is your backup.

David Cerf:

So when the virus gets in, uh, it's sitting there and the first

David Cerf:

thing they're gonna go after are those backup files, right?

David Cerf:

So they're gonna go disable that, attack that, and at some point later, right,

David Cerf:

because it's, it could be a, a Trojan horse where it's sitting there waiting

David Cerf:

and then it comes on, um, you know, you've got this, this problem is that they're,

David Cerf:

you're, you're at the mercy of whoever the attacker was and what their demand is.

David Cerf:

And this is where the blocky really comes in.

David Cerf:

Um, as Herber mentioned, what we're creating is a way to have

David Cerf:

cyber resiliency through zero.

David Cerf:

So when you enable, um, blocky, which is a simple download, so you literally, you

David Cerf:

download it and installs in, in less than 20 minutes, the first thing it's going to

David Cerf:

do is it's gonna say, what is the trust?

David Cerf:

We're gonna go right to creating the white list.

David Cerf:

And that white list is the trusted applications or process

David Cerf:

I should say, cuz it's Veeam.

David Cerf:

In this, um, in this case, and I'll, I'll leave a caveat here, is that the way, the

David Cerf:

way GR built, uh, blocky as a technology, it can be applied to other applications.

David Cerf:

We've really focused on the use case around, uh, Veeam.

David Cerf:

So in general, you could say I have other applications and allow other application

David Cerf:

access, but the way we've tuned this to the Veeam market, Veeam specific.

David Cerf:

And so the only processes that you're really trying to identify is what's

David Cerf:

going to happen from the, the Veeam process to access that repository.

David Cerf:

So the first thing you do is either you manually set that or we have an auto.

David Cerf:

You can literally turn on the auto discover and we'll, we'll

David Cerf:

discover those processes.

David Cerf:

You, it's within, you said a period, let's say 24 hours.

David Cerf:

You've run your backup, we know the process, you turn that off.

David Cerf:

And then at that moment we're at zero trust.

David Cerf:

And so nothing else is gonna go back in, um, from a ransomware perspective

David Cerf:

and alter modifier, delete, because we've now applied that worm.

David Cerf:

Um, and, and for those, just to clarify, write once, read many, right?

David Cerf:

And, um, and that nothing's gonna alter, it's immutable at this

David Cerf:

point, and you're now secure.

David Cerf:

So even if you had ransomware.

David Cerf:

It was already in the system at this point, they can't alter

David Cerf:

or, or modify those files.

David Cerf:

So reading the file out is simple and, uh, verifying with through the fingerprint

David Cerf:

where we actually capture all the related elements to that process, including the

David Cerf:

DLLs, and that is combined to create that unique identifying fingerprints.

David Cerf:

So every time there's a request to modify or write, Hey, we're

David Cerf:

checking, we're checking that.

David Cerf:

And if it's not an approved, um, trusted application, we'll alert to it.

David Cerf:

And so now you get two, two benefits here.

David Cerf:

One is you've got the security through, um, the protection of, of, uh, blocking.

David Cerf:

But second, now you've got some alerting.

David Cerf:

This is something that kind of caught me by surprise.

David Cerf:

When, when Herbert said, Hey, let's check this out.

David Cerf:

Was, uh, the first customer that I talked to is they're like, wow, I've got a.

David Cerf:

I could see my applications that are trying to hit that, that repository,

David Cerf:

and they can now get some reporting and visibility and transparency in

David Cerf:

what's going on in their system.

David Cerf:

And, uh, and they can take actions from that as well.

W. Curtis Preston:

Anything else?

W. Curtis Preston:

Anything outside of the already approved application would trigger an alert, I'm

David Cerf:

Correct.

David Cerf:

Tha thanks for clarity on that.

David Cerf:

That absolutely correct.

David Cerf:

So they can now see, hey, look, I, you know, we've had these declined items

David Cerf:

and so the admin now has some security.

David Cerf:

The second thing we did is we decoupled it so it's not tied

David Cerf:

to the veeam's, uh, passwords.

David Cerf:

And those admin passwords has a separate independent, so it, it has

David Cerf:

that, uh, ability to, uh, operate, uh, without a risk of uh, uh, you

David Cerf:

know, global password type settings.

David Cerf:

And, um, and then of course, the

David Cerf:

last

Prasanna Malaiyandi:

I like that part,

David Cerf:

Yeah.

David Cerf:

Yeah.

Prasanna Malaiyandi:

Yeah, I know, I know.

Prasanna Malaiyandi:

We always talk about Curtis about, yeah, don't put your backup servers on

Prasanna Malaiyandi:

the same ad right as everything else.

Prasanna Malaiyandi:

So I'm glad that

W. Curtis Preston:

Separation of powers,

David Cerf:

No, no.

David Cerf:

Post-it notes.

Prasanna Malaiyandi:

and separating it.

Prasanna Malaiyandi:

Yeah.

Prasanna Malaiyandi:

Well I'm glad you guys are going a step further and not even having

Prasanna Malaiyandi:

like the normal being passwords as this authentication mechanism,

Prasanna Malaiyandi:

cuz you really do want that more secure than everything else.

David Cerf:

Absolutely.

David Cerf:

All right.

David Cerf:

This is, this is your last resort.

David Cerf:

Right?

David Cerf:

And we're, and that's really the key is that we, why do we back up?

David Cerf:

We pack up because only when we absolutely need that data and if they take that down.

David Cerf:

So the blocky provides that additional layer of security and protection.

David Cerf:

Um, and it works, of course, uh, you know, we, we have the ability to single

David Cerf:

site, multi-site and, and, um, so it provides a, this really simple way

David Cerf:

for whoever is managing either the, the IT stack or the, you know, the

David Cerf:

security stack to add a layer into.

David Cerf:

A product that is fantastic, right?

David Cerf:

I mean, Veeam Veeam is uh, you know, proven globally and customers

David Cerf:

love it, but now they can have that additional protection.

Herbert Grau:

Maybe one more comment from my side.

Herbert Grau:

People ask me, what's the performance impact if I have blocking installed?

W. Curtis Preston:

That's an important

Herbert Grau:

Yep.

Herbert Grau:

The answer is, while writing and readings, we don't do nothing.

Herbert Grau:

It's not like a virus can always, always holds the process and then

Herbert Grau:

does not recognize the bad guy.

Herbert Grau:

So we do nothing while writing and reading.

Herbert Grau:

When it's deleting or modifying, we hold the process and check it

Herbert Grau:

because that's the purpose of blocky.

Herbert Grau:

And then we have, um, uh, maybe a two to 3% overhead while deleting and modifying.

Herbert Grau:

And that's a cool combination.

Prasanna Malaiyandi:

Well, and especially because reading, or, sorry,

Prasanna Malaiyandi:

deleting and modifying isn't your predominant uh, uh, operation right.

Herbert Grau:

Of course not.

Herbert Grau:

And if this happens, you want somebody to check

Prasanna Malaiyandi:

Yeah.

W. Curtis Preston:

Yes.

W. Curtis Preston:

Agreed.

W. Curtis Preston:

Now, one, one question that I have, uh, this will be my, my toughest question.

W. Curtis Preston:

Is there a way to defeat this product?

W. Curtis Preston:

So if I have admin on the box, What am I able to do?

W. Curtis Preston:

I know you, if the product is installed,

Herbert Grau:

you, if you want an honest

Herbert Grau:

answer,

Herbert Grau:

I can give you the honest answer.

Herbert Grau:

An admin can destroy the whole Windows machine

W. Curtis Preston:

Right?

Herbert Grau:

and that's not possible to avoid.

Herbert Grau:

Neither from Veeam, not from Crau, not from Microsoft today.

W. Curtis Preston:

Right.

W. Curtis Preston:

That's a pretty honest answer.

W. Curtis Preston:

Um, does that mean also that they could uninstall the product

Herbert Grau:

No, that's protected.

Herbert Grau:

The uninstall is protected.

W. Curtis Preston:

Okay.

W. Curtis Preston:

How, how,

Herbert Grau:

years ago, and that's protected

W. Curtis Preston:

How, um, I don't want to get into secret

W. Curtis Preston:

sauce, but how, in what way?

W. Curtis Preston:

Like how, how do you protect that

David Cerf:

You need, you need a password to go back.

David Cerf:

And so I mean the, I think the real security here is if you have, if

David Cerf:

you have the admin and they blow the box away, they blow the box away.

David Cerf:

I mean, so we're de that's a physical security issue potentially.

David Cerf:

Right.

W. Curtis Preston:

I think what I'm, what I'm concerned about is not somebody who's,

W. Curtis Preston:

you know, so we've got a malware in there, we've got a, a bad actor in there, and

W. Curtis Preston:

they're trying to surreptitiously access data that they're not supposed to access.

W. Curtis Preston:

Right.

W. Curtis Preston:

So they would want to disable, um, this, this tool, and it sounds like that

W. Curtis Preston:

without the username and password from that tool, they wouldn't be able to do

David Cerf:

Right.

David Cerf:

I, I mean, so.

W. Curtis Preston:

because blowing up the box, they would, they

W. Curtis Preston:

would obviously show their hand.

W. Curtis Preston:

Right.

W. Curtis Preston:

So they're not likely to do that.

W. Curtis Preston:

What they're likely to do is to try to disable anything that's

W. Curtis Preston:

trying to block their access.

Herbert Grau:

Maybe, maybe one interesting point is that we have sold blocky also

Herbert Grau:

to one very large customer in Stuttgart.

Herbert Grau:

Which has 100, uh, IBM backup server from tsm.

Herbert Grau:

Now spectrum scale.

Herbert Grau:

And that's a huge environment.

Herbert Grau:

And this is a corporate license we sold here.

Herbert Grau:

We're very, very proud about this.

Herbert Grau:

Uh, you may understand that we cannot name , give names out because in,

Herbert Grau:

in this ransomware world, nobody wants to read his name anywhere.

Herbert Grau:

Uh, but the point is that in the deep in in, in the TSM world, I still call it tsm.

Herbert Grau:

Um, and Curtis, you know, maybe you two

W. Curtis Preston:

Yeah, me too.

Herbert Grau:

the old guy, as we call, we still call it tsm.

W. Curtis Preston:

I still call, I still call a dsm, by the way.

Herbert Grau:

who who knows that, you know.

Herbert Grau:

But, uh, in the TSM world, there's also always a DB two coming with a product.

W. Curtis Preston:

Mm-hmm.

Herbert Grau:

cool from my side is that we can also protect the DB two data.

W. Curtis Preston:

Hmm,

Herbert Grau:

Which opens potentially a market to applications that

Herbert Grau:

will also protect the database

Prasanna Malaiyandi:

Yeah.

Herbert Grau:

data.

W. Curtis Preston:

exactly.

Herbert Grau:

That's our next step.

Herbert Grau:

Potentially

David Cerf:

and by the way, that customer also had Veeam, oh, I'm sorry.

Herbert Grau:

Hmm.

Herbert Grau:

Sorry.

David Cerf:

I, I was just gonna say that, that same customer, not just that

David Cerf:

they have tsm, but they also have Veeam.

David Cerf:

So they're, they're happy,

Herbert Grau:

customers which have, which you have tsm, have

Herbert Grau:

Other

Prasanna Malaiyandi:

Other things.

Prasanna Malaiyandi:

Yep.

David Cerf:

So they're, so they're now, now that they're secure on their

David Cerf:

tsm, it, add, add, add, the additional protections to their Veeam is where

David Cerf:

they're heading next, um, as well.

W. Curtis Preston:

Well, I, I wanna, I want to thank you for, uh, you know, this

W. Curtis Preston:

has been a good, really good discussion.

W. Curtis Preston:

I, I've learned more about the, you know, obviously about all

W. Curtis Preston:

of the products that you do.

W. Curtis Preston:

We've focused in on the end here on, on Blockie for Veeam.

W. Curtis Preston:

Uh, and I, I think you've got a tremendous potential market.

W. Curtis Preston:

Veeam has a lot of customers, and every one of 'em has a window

W. Curtis Preston:

server that needs protecting.

W. Curtis Preston:

So, uh, I, I wish you, uh, the best of luck and, um, thanks so much for,

W. Curtis Preston:

for, for standing, for allowing us to stand between you and a beer, Herbert

Herbert Grau:

Yeah, actually it's a bottle of wine today.

Prasanna Malaiyandi:

Even

Prasanna Malaiyandi:

better.

W. Curtis Preston:

All right.

W. Curtis Preston:

Something from the Rhine region perhaps.

Herbert Grau:

Uh, could be Ryan, could be Mosel.

Herbert Grau:

You know, we have some valleys

Herbert Grau:

here.

W. Curtis Preston:

Well, well, thank, thanks a lot everybody

W. Curtis Preston:

for, for being on the podcast

David Cerf:

Thank you for having us for, appreciate the discussion.

Herbert Grau:

Thanks, Curtis.

Herbert Grau:

Thanks.

Prasanna Malaiyandi:

you all.

Prasanna Malaiyandi:

Yeah,

Prasanna Malaiyandi:

great.

W. Curtis Preston:

absolutely.

W. Curtis Preston:

And again, as always, we'll remember to, uh, thank our listeners and uh, be sure to