2024-11-05 - 頁2，共4

What is VPN passthrough and how does it work?

Summary: A VPN passthrough enables encrypted VPN traffic through firewalls but poses security risks. What are the alternatives? Read the full guide for secure solutions.

A VPN passthrough is a router feature that allows data encrypted by VPN protocols to pass network firewall filters.

Passthroughs were once essential to work around router limitations. Improved protocols and security technology have made them less critical. However, some situations still involve the VPN passthrough setting.

Key takeaways

After reading this article, you will:

Know what a VPN passthrough is and how passthrough types function.
Learn how to configure IPSec, PPTP, and L2TP passthroughs on standard routers.
Understand the limitations of VPN passthrough features and common security vulnerabilities.
Know how to troubleshoot VPN passthrough security problems and create secure VPN router setups.
Learn about effective alternatives to a VPN passthrough and how to choose the right way to establish VPN connections.

VPN passthrough definition

A VPN passthrough is a router feature that allows outbound VPN traffic to pass through a network firewall.

Passthroughs allow businesses to connect devices to VPNs without compromising firewall protection. Users can encrypt traffic leaving the network and hide their activity. The firewall filters other inbound and outbound traffic normally.

Think of a VPN passthrough as a secret passage. Only authorized users can access the passage, and external actors cannot see where it leads.

How does a VPN passthrough work?

Sometimes, compatibility issues arise between VPNs and network routers. Some routers do not support VPN protocols.

VPNs rely on protocols to encrypt and transport data. VPN clients must establish connections with VPN servers outside the network boundary. This leads to problems when Network Address Translation (NAT) setups cannot handle VPN protocols.

NAT assigns a public IP address and sends data to its destination. Unfortunately, older VPN protocols can derail this process. NAT is unable to route packets to their final destination. Instead of creating an encrypted tunnel, routers block data packets and return them to the source.

A VPN passthrough solves this problem. Passthroughs allow routers to recognize protocols like IPSec, L2TP, or PPTP. When the VPN passthrough is engaged, encrypted traffic can pass across the network edge, protecting user data.

Note: Advanced protocols like OpenVPN and WireGuard avoid the need for a VPN passthrough. Modern VPN protocols work with NAT, allowing outbound traffic to the VPN server.

Do all routers need a VPN passthrough?

Not all routers need a VPN passthrough, but some do. It’s important to know whether your routers support VPNs, as configuration issues can expose sensitive data to cyber attackers.

The good news is most routers include a VPN passthrough option. In practice, only very old routers lack passthrough capabilities (and you should probably replace those devices for security reasons).

The bottom line is that you need to enable passthrough for older VPN protocols like IPsec or PPTP. Modern protocols and more secure alternatives make this unnecessary.

If you do need passthrough functionality on your router, choosing the right type matters. That’s where we will turn next.

Types of VPN passthrough

VPN passthroughs deal with different VPN protocols. There is no one-size-fits-all passthrough design, as protocols operate differently. Here are the three main versions:

PPTP passthrough

The point-to-point tunneling protocol (PPTP) uses the Transmission Control Protocol (TCP) via Port 1723 and the Generic Routing Encapsulation (GRE) protocol.

GRE does not require a specific port or IP address to create a PPTP connection. NAT requires a port number and IP address—creating a conflict. That’s where a PPTP passthrough becomes essential.

The PPTP passthrough feature solves this conflict by assigning a Call ID to GRE headers. The router sees this Call ID as a port number and allows traffic through the firewall.

Users implement a PPTP passthrough via their router firmware. Here’s how to do so:

Find your router IP address and enter it into a browser address bar.
Log onto the router settings tool and find the VPN settings section.
You should see an option to apply a PPTP passthrough. Enable the VPN passthrough and save your settings.
Reboot the router. The VPN passthrough functionality should be enabled.

IPSec passthrough

IPSec (Internet Protocol Security) passthroughs use NAT-Traversal (NAT-T) technology.

NAT-T packages data using the User Datagram Protocol (UDP) to wrap IPSec data. The NAT router can recognize this format but cannot understand encrypted IPSec traffic.

IPSec passthroughs use UDP port 4500 to establish an IKE packet exchange. IKE exchange allows the router to assign a private IP address for IPSec traffic while underlying payloads remain untouched.

Users also implement an IPSec passthrough via router firmware. To do so:

Firstly, log onto your router via a web browser.
Look for the VPN section and the option to enable IPSec passthrough.
You may need to reboot the router after saving passthrough settings.
Test the VPN connection to ensure passthrough is enabled.

L2TP passthrough

The L2TP VPN passthrough resembles the process for PPTP. In this case, passthroughs use Port 1701 to create a VPN connection.

VPN passthroughs assign a Session ID to UDP packets passing over the port. This Session ID substitutes for the port number, allowing transfers via the NAT router.

What is the difference between a VPN and a VPN passthrough?

VPNs and VPN passthroughs sound similar, but they are very different technologies. Passthroughs only allow VPN traffic from internal networks to the public internet. That’s all they do.

Virtual Private Networks are far more powerful network security tools. VPN companies operate servers across the world. The VPN server transports encrypted data and assigns new IP addresses, effectively making users anonymous.

Users generally access the VPN server via a locally-hosted VPN client. VPN software uses protocols to encrypt and send data to servers. A VPN passthrough feature smooths that process.

Companies may also choose to install a VPN router. VPN routers operate on the internal network and eliminate the need to install a VPN client on every device. The router encrypts and anonymizes data and connects with external VPN services.

Passthroughs are not usually needed if you run a VPN router. They may be necessary if you rely on separate clients for devices connected to a standard network router.

VPN passthroughs and security considerations

Let’s assume you continue using PPTP or IPSec and must traverse a typical NAC router. Does this impact your network security status, and should you take action in response?

Firstly, passthroughs are more secure than disabling NAC. This would solve the routing issue, but NAC manages traffic efficiently, conceals IP addresses from the public internet, and allows easy IP changes for network users.

Don’t even think about disabling NAC. Even so, VPN passthroughs generally leave networks more exposed to cybersecurity threats. There are a few reasons why this happens.

Firstly, passthroughs can allow connections via insecure old VPN protocols. These protocols are rarely updated (if ever) and become less secure over time.
Security teams may not know if users may establish insecure outbound VPN connections — putting data at risk.
Another problem is that firewalls cannot inspect VPN traffic passing into and from network devices. This is fine if VPNs use strong encryption, but insecure VPN traffic can become an attack vector.
Passthroughs also open ports for attackers to exploit. They may even act as backdoors, allowing freedom of movement for malicious traffic inside the network.

That sounds worrying. However, the best practices below should ensure a secure passthrough setup:

Avoid older VPN protocols. Use secure protocols like OpenVPN or WireGuard that are harder to crack and offer better compatibility. Use VPN passthrough as a last resort.
Block inactive ports. If you set up a VPN passthrough, only enable port forwarding where necessary. Check and close open ports that the VPN does not need.
Maintain authentication and access policies. Limit network access to authorized users and devices. Use multi-factor authentication and processes to limit VPN access.
Monitor VPN traffic. Use logs and real-time tracking to detect unusual behavior patterns or potential attacks.
Use network segmentation. If you need passthroughs for certain activities, create secure zones with network segmentation tools. That way, intruders will find their path blocked if they exploit passthrough vulnerabilities.
Audit passthroughs regularly. It’s never wise to enable VPN passthrough permanently. Regularly check router settings. Disable VPN passthrough when it is no longer needed.

Alternatives to a VPN passthrough

Another way to avoid the security problems above is to use an alternative solution for outbound VPN traffic. Common alternatives include:

SSL encryption. SSL encrypts HTTPS traffic passing across the network edge. You can use SSL as a VPN alternative, but only for web traffic. SSL is a viable alternative for web-based workloads but a poor general security option.
RDP. The Remote Desktop Protocol (RDP) enables remote work connections without firewall conflicts. It’s a good alternative if you need to access remote devices for maintenance or training. However, RDP does not offer encrypted tunnels, making it less secure than a VPN passthrough.
SD-WAN. Software-defined wide-area networks enable companies to create secure networks across many sites. Access controls and encryption transfer data securely without needing a standard VPN.
Site-to-Site VPN. Site-to-Site VPNs connect locations via an encrypted tunneling protocol. Internet gateways interact without firewall conflicts, and there is no need for individual clients. However, this VPN style often relies on inefficient hub-and-spoke routing, and configuration can be complex. Problems may also arise when securing cloud deployments.
IAM. Identity and Access Management (IAM) partly replaces VPNs for cloud-based and hybrid networks. Admins can control who accesses sensitive assets, blocking unauthorized connections. With the correct security setup, there is no need for an extra VPN or a VPN passthrough.

A VPN passthrough may be necessary to connect older devices or applications and allow remote work. But more advanced alternatives exist. Options include the tools above and modern VPN protocols that render passthroughs obsolete.

Go beyond a VPN passthrough with NordLayer’s security solutions

One thing hasn’t changed—companies must secure connections without compromising firewall performance. As cyber threats mount, protecting data transfers is becoming more important than ever.

NordLayer provides a flexible solution to secure remote connections and optimize efficiency. Our business VPN uses a variant of the WireGuard protocol, with no need to configure a VPN passthrough.

Secure gateways connect remote devices to on-premises and cloud assets. Strong encryption and IP address anonymization keep transfers completely secure. Access controls and Firewall-as-a-Service implement Zero Trust Network Access principles—blocking unknown and unauthorized connections.

Forget about VPN passthrough issues. Our simple, scalable, secure solution protects data and streamlines security management. To find out more, contact the NordLayer team today.

Frequently asked questions

Should VPN passthrough be enabled?

No. As a rule, companies should minimize the need for a VPN passthrough.

Passthroughs rely on outdated VPN protocols and create serious security vulnerabilities. Instead, security teams should invest in a modern router or investigate secure remote access solutions.

Only enable a VPN passthrough if bypassing your firewall is necessary. You may need a point-to-point tunneling protocol (PPTP) passthrough for remote access or operating devices that rely on the PPTP VPN protocol.

If possible, update your setup to accommodate newer protocols. Only use the VPN passthrough as a temporary solution.

What happens if you turn off the VPN passthrough?

Turning off the VPN passthrough is rarely a problem.

Turning off a VPN passthrough can prevent encrypted data transfers through your network firewall. The VPN passthrough allows transfers across older VPN connection types. If the VPN passthrough fails or is not activated, the VPN connection will lapse.

This can cause problems for remote workers who rely on their VPN client to establish outbound VPN connections. In some cases, users may backslide to less secure connection methods.

Generally, choosing to enable VPN passthrough is worse than turning it off. Advanced VPN protocols and tools like IAM provide reliable connectivity and improve security.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

RTO and RPO – Explanation of Concepts

In an increasingly digital and interconnected business environment, the terms “RTO” and “RPO” are pivotal for ensuring the survival of any organization when disaster strikes. Recovery Time Objective (RTO) and Recovery Point Objective (RPO) might sound like mere technical jargon, but they hold the key to a business’s ability to bounce back from disruptions.

However, it’s not just about responding to adversity; it’s about safeguarding your enterprise’s integrity, reputation, and sustainability. By deciphering the differences between these two terms, you can tailor your recovery plans to ensure a seamless return to normalcy while minimizing data loss.

This guide explores RTO and RPO, shedding light on their definitions, distinctions, and the critical role they play in crafting foolproof disaster recovery strategies.

Definition of RTO

Think of RTO as the stopwatch that starts ticking when a system fails. The clock is set according to the business’s unique needs and priorities.

RTO stands for “Recovery Time Objective,” a crucial element in disaster recovery planning. It refers to the maximum acceptable downtime for a business process or application after a disaster or disruption occurs. Essentially, RTO indicates the amount of time a process can remain unavailable before it starts to affect the business adversely. For instance, if a business process has an RTO of 2 hours, it means that after a disaster strikes, the organization must ensure that the process is up and running within 2 hours to avoid significant negative impacts on operations, customer satisfaction, or financial performance.

Different business processes have varying RTO values based on their criticality to the organization. High-priority processes like e-commerce transactions or financial transactions might have lower RTO values, often in minutes to a couple of hours. On the other hand, less critical processes, such as internal reporting systems, could have higher RTO values, ranging from several hours to even days. Setting appropriate RTO values requires a careful assessment of the potential impact of downtime on different processes and the organization as a whole. It helps you prioritize your resources and efforts in disaster recovery planning to minimize disruptions and maintain smooth operations.

Definition of RPO

While RTO focuses on the “when” of recovery, the Recovery Point Objective (RPO) homes in on the “what.” It signifies the maximum acceptable amount of data loss a business can tolerate during a disruption or disaster. In essence, RPO defines the point in time to which data restoration must occur after recovery efforts, representing the extent of data rollback without causing unacceptable damage to business operations.

RPO measures how much data the organization will lose in the recovery process. For example, suppose a business has an RPO of 1 hour. In that case, it means that after a disruption, the data restoration can only be to a point in time that is no more than 1 hour before the incident occurred. Any data changes made within that hour might be lost.

Choosing appropriate RPO values is crucial to align backup and recovery strategies with your business needs. More critical data requires smaller RPO values to minimize loss, while less critical data may tolerate longer intervals. RPO helps you balance data protection and the cost and complexity of implementing backup solutions.

RTO vs. RPO: Key Differences

While RTO and RPO might appear as two sides of the same coin, they hold distinct purposes. Below are some key differences between RTO and RPO:

Focus

RTO focuses on downtime or the time it takes to restore a business process or application after a disruption. It indicates the acceptable maximum duration a process can be unavailable.
Meanwhile, RPO concentrates on data loss or the maximum amount of data that can be lost during the recovery process. It defines the point in time to which the restoration of data needs to occur.

Measurement

While the unit of measuring RTO and RPO is in time units like seconds, minutes, hours, or days, RTO measures the speed at which a business process must restore full functionality after a disruption. Conversely, RPO determines the potential amount of data loss during recovery.

Impact

RTO relates to how quickly a business can resume normal operations to minimize the impact of downtime on procedures, customer satisfaction, and revenue. On the other hand, RPO gives an account of how much data loss a business can tolerate without significantly affecting its operations, accuracy, and compliance.

Scenario

RTO is beneficial when processes need restoration, such as after a server failure or system crash. Meanwhile, RPO is applicable when there is a need for data recovery, such as after accidental data deletion or corruption.

Striking the Balance Between RTO and RPO

When designing your disaster recovery plans, you must consider RTO and RPO. Business continuity and disaster recovery planning are complex tasks that require a comprehensive approach. You can ensure a holistic recovery strategy by considering both RTO and RPO. While an organization may have low downtime tolerance (short RTO) for a critical e-commerce platform, it may also need minimal data loss (small RPO) for financial data. Conversely, a longer RTO might be acceptable for an internal reporting system. However, there’s still a need to limit data loss.

Striking the right balance between RTO and RPO involves understanding the criticality of different business processes and data types. This enables you to allocate resources effectively and choose appropriate recovery solutions, such as high-availability systems, redundant data centers, and frequent data backups. By addressing downtime and data loss concerns, you can enhance your business’s ability to recover swiftly and maintain essential operations despite unexpected disruptions.

Factors Influencing RTO and RPO

Determining the optimal values for RTO and RPO is not a one-size-fits-all endeavor. A multitude of factors come into play, shaping the decisions of your business as you tailor your disaster recovery strategies.

Business Requirements

The nature of your business and its processes directly influences acceptable downtime and data loss. High-stakes industries like finance or healthcare may necessitate aggressive RTO and RPO values due to the immediate consequences of disruptions.

Technology Capabilities

Your IT infrastructure’s capabilities play a pivotal role. Modern technology allows for real-time data replication and swift failover mechanisms, reducing downtime and data loss. However, the advanced solutions required might come at a cost that smaller businesses find challenging to bear.

Budget Constraints

Every strategic decision in business inevitably hangs on budget considerations. Investing in cutting-edge recovery solutions might be feasible for larger enterprises but not viable for smaller ones. Therefore, setting RTO and RPO values should align with the available financial resources. Balancing these factors is crucial for finding the optimal combination of RTO and RPO values that align with the organization’s needs, technological capabilities, and budgetary constraints while ensuring business continuity and data protection.

Best Practices for Determining RTO and RPO

Crafting effective RTO and RPO values requires a nuanced approach that mirrors the uniqueness of each business. Here are some best practices to consider:

Understand Business Objectives and Priorities

Assess the criticality of various business processes and data types. Consider factors like revenue impact, customer satisfaction, compliance requirements, and legal obligations.
Align RTO and RPO values with your business objectives. High-priority processes and data should have lower values to minimize disruption and data loss.

Risk Analysis

Evaluate potential risks and their impact on your business operations. Identify possible scenarios that could lead to downtime or data loss.
Consider historical data and industry benchmarks to estimate the probability and consequences of different types of disruptions.

Involve Key Stakeholders

Engage stakeholders from IT, operations, finance, and management to gain diverse perspectives on acceptable levels of downtime and data loss.
Collaborate to strike a balance between technical feasibility and business needs.

Consider Technology and Resources

Understand your organization’s technical capabilities regarding backup frequency, recovery speed, and available resources for disaster recovery.
Choose technologies and solutions that can meet the determined RTO and RPO values.

Regular Reassessment

Recognize that business needs evolve over time. As your business grows, changes its processes, or faces new risks, regularly reassess and adjust RTO and RPO values accordingly.
Conduct periodic tests and simulations to validate the effectiveness of your disaster recovery strategy.

Cost-Benefit Analysis

Evaluate the costs of achieving shorter RTO and RPO values against the potential benefits of reduced downtime and data loss.
Make informed decisions based on a balance between operational requirements and budget constraints.

Document and Communicate

Document your disaster recovery plan’s determined RTO and RPO values with utmost clarity.
Ensure that all relevant stakeholders, including IT teams and management, understand the objectives and priorities behind these values.

Test and Iterate

Regularly test your disaster recovery plans in realistic scenarios to identify gaps and refine your strategies.
Use test results to iterate and optimize your recovery processes, adjusting RTO and RPO values if necessary.

By following these guidelines, you can tailor your disaster recovery strategies to your business’s unique needs, minimizing the impact of disruptions and data loss. The key is to maintain a flexible approach that adapts to changing business requirements while consistently prioritizing the continuity of critical processes and the protection of essential data.

Protecting Your Business with Informed Recovery Planning

Recovery Time Objective (RTO) and Recovery Point Objective (RPO) take center stage in this intricate necessity of business continuity. Understanding the essence of these concepts empowers businesses to make informed decisions when adversity strikes. Remember, it’s not just about recovering—it’s about recovering strategically. By aligning RTO and RPO values with your unique circumstances, you fortify your business against disruptions while maintaining data integrity.

As you embark on crafting and refining your disaster recovery strategy, remember that it’s a continuous process. The ever-changing business landscape demands adaptability, ensuring that your RTO and RPO values remain steadfast pillars of resilience.

Implementation Challenges of Automation and Orchestration

Although the benefits of automation and orchestration on data management are huge, there might still be a few challenges while trying to implement these technologies. Common problems include the following:

Compatibility Problem:

If compatibility issues exist, automation and orchestration tools may not easily integrate with a company’s systems and infrastructures. This can incur extra expenses, as you may have to replace their infrastructure.

Skill Gaps:

Organizations may lack the in-house expertise to operate these infrastructures. Hence, you must employ an extra hand with the appropriate technical know-how. Leverage their expertise in implementation techniques to help assist in the implementation process. Also, you need to educate and develop IT staff to be competent in managing and supporting new technologies, ensuring the smooth running of the organization’s backup and recovery system.

Change Management:

Migrating from manual to automated data management processes instills an entirely new culture within a company. Therefore, organizations must develop robust strategies to effectively manage this change and allow staff to transition seamlessly from the former system to the advanced one.

Conclusion

Advancements in data automation tools and orchestration platforms bring data backup and recovery to a whole new level of efficiency, reliability, and affordability. An organization can protect vital data and assure business continuity through continuous data protection, AI-powered optimization, cloud-native solutions, orchestrated disaster recovery, and self-healing functionalities. These technologies empower the organization to manage data effectively and efficiently, mitigate potential human errors, and ensure the quick restoration of critical data in the case of a disaster or system failure.

About Storware
Storware is a backup software producer with over 10 years of experience in the backup world. Storware Backup and Recovery is an enterprise-grade, agent-less solution that caters to various data environments. It supports virtual machines, containers, storage providers, Microsoft 365, and applications running on-premises or in the cloud. Thanks to its small footprint, seamless integration into your existing IT infrastructure, storage, or enterprise backup providers is effortless.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

2024 Storware

Backup Under the Sign of Sustainable Development

Backup and DR solutions are generally not associated with sustainable development. However, in the changing landscape of data protection, “green skills” that combine technological awareness with technical knowledge will become increasingly important.

The price of the solution, functionality, efficiency (measured by RTO and RPO indicators), functionality or relations with suppliers are the most common factors that determine the choice of a backup tool. So far, a small group of customers attach importance to energy efficiency, although creating backups and disaster recovery processes can have an impact on electricity bills. It is not excluded that with rising energy prices, as well as new directives such as the CSRD (Corporate Sustainability Reporting Directive), entrepreneurs will start to pay more attention to this factor.

According to Moor Insights & Strategy, by 2025 data centers will consume over 3% of electricity. On the other hand, storage accounts for 30% of the total energy consumption of data centers. This coefficient is likely to increase. Managing and storing constantly growing data and the associated processes of starting storage systems, migrating resources, creating backups, replicating or ensuring a safe and functional environment require more and more electricity.

IT departments are under constant pressure from management, employees, and consumers who are making increasing demands on system performance, their security, and cost reduction. As if that weren’t enough, in the coming years there will be another challenge. Under the CSRD (Corporate Sustainability Reporting Directive), around 50,000 European companies will be obliged to report on sustainable development. This will also indirectly affect the functioning of IT units. Sustainable development in the case of IT is not only about using less energy, especially when it comes to its use in server rooms, but also about designing a more thoughtful infrastructure and rational data management.

Less data, less energy

A lot of unnecessary data lies on the disks of computers or smartphones – old photos, paid bills, never used recipes or emails from a few years ago. The same is true for corporate resources. On NAS servers, there is a lot of completely useless data that is often replicated. While for consumers, the mess on disks does not have a major impact on the household budget, for business users it can lead to a significant increase in costs. Organizations that want more sustainable data storage must be aware that there are costs associated with this, and the transition to new systems and operations can be difficult. However, with careful planning, some of the obstacles can be avoided or at least mitigated.

Energy-intensive tasks such as storage and backup significantly increase energy consumption, but the value of this data – especially in the case of older or “dark” data – can be negligible. They also have a negative impact on the natural environment. A classic example is video files. It is estimated that they are responsible for 70% of CO2 emissions generated by data centers. It often happens that a large broadcaster stores over a hundred versions of the same episode of a series on its servers, although it would be enough to limit this number to a dozen or so. Meanwhile, long-available deduplication and compression techniques help to clean up the server room of unnecessary data. These methods eliminate redundant or duplicate data, reducing storage requirements and increasing overall system performance. Minimizing the data footprint saves costs, shortens backup and recovery times, and reduces energy consumption. Everything indicates that deduplication and compression technologies will likely play a significant role in sustainable digital information storage practices.

However, in order to see irregularities and then put things in order, you need to have insight into data and storage environments. With greater visibility, organizations can make informed decisions about deleting or archiving unnecessary data, archiving it to the cloud or to tape. Pure Storage introduced a sustainability assessment function to its offer less than two years ago, which controls the level of energy consumption and carbon dioxide emissions by the disk array, and then recommends how to reduce both coefficients.

It is worth noting, however, that according to IDC, about 90% of carriers in data centers are hard drives. Their manufacturers also have their own arguments for energy efficiency and sustainable development. For example, specialists from Western Digital recommend that in the case of HDDs, the entire life cycle of the carrier should be assessed. Although from the point of view of I/O, flash memory is more energy-efficient than mechanical disks, although much more energy is needed to produce SSDs than in the case of HDDs. In addition, interesting solutions are appearing on the market that allow you to limit the energy consumption of mechanical disks. One such example is a product offered by the Estonian startup Leila Storage.

While some manufacturers, such as Pure Storage, are announcing the imminent end of mechanical disks. that even by 2026. However, this is an unlikely scenario. Leil Storage is trying to prove that HDD users can also save a lot of energy and reduce carbon dioxide emissions into the atmosphere.

Collaboration Between Storware and Leil Storage

According to the Estonian startup, companies often make the mistake of assuming that erasure coding, media recycling, tape longevity, or 50% compression will achieve sustainable development goals. However, it is not that simple. Therefore, Leil Storage offers a shortcut, providing its own backup and archive storage systems, available in three versions: standard (maximum capacity 1.5 PB), advanced (9 PB), and enterprise green (up to 15 PB). Leil Storage uses 28TB UltraSMR disks manufactured by Western Digital.

This choice is not accidental. SMR disks are currently only used by hyperscalers. Unlike universal models with CMR recording technology, data is not written to magnetic tracks located next to each other on a single platter, but overlaps. This design allows you to fit 30% more data on the same area as with CMR media. Additionally, an SMR disk consumes the same amount of energy as a CMR disk, which translates to greater energy efficiency per 1TB of disk space (Leil Storage estimates it to be around 18%).

The startup will introduce a special ICE (Infinite Cold Engine) module this summer, which will cut power to unused disks. According to Leil Storage’s analysis, this will allow for a 43% reduction in energy consumption compared to a classic disk array. The startup predicts that as ICE evolves, savings will increase to 50% in 2025 and even 70% in 2026.

Leil Storage devices are currently compatible with products from companies like Acronis, Cohesity, and Rubrik. Recently, the Estonian startup began work on integrating its product with Storware software.

About Storware
Storware is a backup software producer with over 10 years of experience in the backup world. Storware Backup and Recovery is an enterprise-grade, agent-less solution that caters to various data environments. It supports virtual machines, containers, storage providers, Microsoft 365, and applications running on-premises or in the cloud. Thanks to its small footprint, seamless integration into your existing IT infrastructure, storage, or enterprise backup providers is effortless.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

2024 Storware

Backup for Structured and Unstructured Data

Data protection requires administrators to consider several important issues. The type of data, its location, and growing capacity requirements are of key importance.

The division of data into structured and unstructured data has existed for many years. Interestingly, as early as 1958, computer scientists were showing particular interest in the extraction and classification of unstructured text. But these were just scientific disputes. Unstructured data entered the mainstream a dozen or so years ago. At that time, analysts at IDC began to warn of the impending avalanche of unstructured data. Their predictions proved to be accurate. It is estimated that they currently account for around 80% of unstructured data, and even 95% in the case of Big Data sets. Their amount doubles every 18-20 months.

Structured and Unstructured Data

Aron Mohit, founder of Cohesity, compared data to a large iceberg, with structured data at the top, protruding from the surface of the water, and the rest being what is not visible. Unstructured data is found almost everywhere: in local server rooms, the public cloud, and on end devices. They do not have a predefined structure or schema, they exist in various formats, often occur in a raw and unorganized state, can contain a lot of information, which makes them usually difficult to manage. The lack of structure and a standardized format makes them difficult to analyze. Examples of unstructured data include texts such as emails, chat messages, and written documents, as well as multimedia content such as images, audio recordings, and videos.

Somewhat in the shadow of unstructured data are structured data. As the name suggests, they are organized and arranged in rows and columns. The structured format allows for their quick search and use, as well as high performance of operations. Although structured data represents only the tip of the iceberg, its role in business remains invaluable. They are commonly found in financial documentation in the form of transaction records, stock market data, or financial reports. Structured datasets are crucial for analyzing market trends, assessing investment risk, and facilitating financial modeling. They also play a significant role in healthcare. Organized patient documentation, diagnostic reports, and medical histories help ensure continuity of patient care and support medical research. Among e-commerce companies, structured data includes product catalogs, customer purchase histories, and inventory databases. With this information, marketers can implement personalized marketing strategies or better manage customer relationships.

Protecting Unstructured Data

Staying with Aron Mohit’s parallel, unstructured data is the invisible part of the iceberg, hiding many surprises. It includes many different types of information, such as Word documents, Excel spreadsheets, PowerPoint presentations, emails, photos, videos, audio files, social media, logs, sensor data, and IoT data. Unfortunately, the mountain continues to grow. And it is precisely the avalanche-like growth of data, as well as its dispersal, that poses considerable challenges for those responsible for its protection.

On NAS servers, in addition to valuable resources, there is a lot of unnecessary information, sometimes referred to as “zombie data”. Storing such files reduces system performance and unnecessarily generates costs, which translates into the need for more arrays or wider use of mass storage in the public cloud. According to Komprise, companies spend over 30% of their IT budget on storage.

Unnecessary files should be destroyed or archived, e.g., on tapes, if required by regulations. This has never been an easy task, and with the boom in artificial intelligence, it has become even more difficult. Organizations are collecting more and more data, on the assumption that it may be useful for training and improving AI models.

It should also be borne in mind that unstructured data sometimes contains sensitive information, e.g., about health or allowing the identification of specific individuals. Finding them is more labor-intensive than in the case of structured data, due to the loose format. However, the organization must know what they contain in order to locate them quickly if necessary.

A separate issue is the progressive adaptation of the SaaS model. In this case, service providers do not guarantee full protection of data processed by cloud applications. As a result, service users must invest in special tools to protect SaaS. As you can easily guess, vendors provide solutions for the most popular products, such as Microsoft 365. But according to the “State of SaaSOps 2023” report, the average company used an average of 130 cloud applications last year. It is easy to imagine the chaos, and therefore the costs, if an organization had to implement a separate tool for at least half of the SaaS used.

Protecting Structured Data

At first glance, everything seems simple, but the devil is in the details. The choice of the appropriate methodology usually depends on two factors: frequency, data quantity, and the amount of data changes. In the first case, critical databases typically require multiple backups created daily, while for less critical ones, a backup performed every 24 hours or even once a week may suffice.

Another issue is the amount of data. The administrator balances between three options to avoid overloading the network bandwidth or filling up server disks. The most common method involves creating a full copy of the entire database, including all data files, database objects, and system metadata. In case of loss or damage, a full backup allows for easy restoration, providing comprehensive protection. This method has two drawbacks: it generates large files, and creating copies and restoring the database after a failure takes a considerable amount of time.

Therefore, for backing up large databases, the incremental option seems better. This method involves saving changes made since the creation of the last full backup. This method does not require a lot of disk space and is faster compared to creating full backups. However, recovery here is more complex because it requires both a full backup and the latest incremental backup.

Another option is transaction log backup. The process involves recording all changes made to the database through transaction logs since the last transaction log backup. This method allows restoring the database to the exact moment before the problem occurred, minimizing data loss. The disadvantage of this method is the relatively difficult management of backup copies. Additionally, full transaction log backups are required for restoration.

Nowadays, when everything needs to be available on demand, companies are moving away from archaic methods that require shutting down the database engine during backup. New solutions allow creating a backup copy of all files located in the database, including table space, partitions, the main database, transaction logs, and other related files for the instance, without shutting down the database engine.

Protecting NoSQL Databases

In recent years, NoSQL databases have grown in popularity. As the name suggests, they do not use Structured Query Language (SQL), the standard for most commercial databases such as Microsoft SQL Server, Oracle, IBM DB2, and MySQL.

The biggest advantages of NoSQL, such as horizontal scalability and high performance, make them suitable for web applications and applications containing large amounts of data. However, these advantages translate into difficulties in protecting applications. A typical NoSQL instance supports applications with a very large amount of rapidly changing data. In such a case, a traditional snapshot is not suitable. Additionally, if the data is corrupted, the snapshot will restore the corrupted data. Another serious problem is the lack of NoSQL compliance with the ACID principle (Atomicity, Consistency, Isolation, Durability), unlike conventional backup tools. As a result, it is impossible to create an accurate “point-in- time” backup copy of a NoSQL database.

Conclusion

Multi-point solutions with various interfaces and isolated operations make it impossible to obtain a unified view of the backup infrastructure and manage all data located in the on-premises environment, public clouds, and the network edge. There are strong indications that the future of data protection and recovery solutions will be dominated by solutions that consolidate many point products into a platform managed through a single user interface. Customers will increasingly look for systems that offer scalability and support a comprehensive set of workloads, including virtual, physical, cloud-native applications, traditional and modern databases, and storage.

For those seeking a comprehensive backup and recovery solution for both structured and unstructured data, Storware Backup and Recovery stands out as a top choice. Its versatility goes beyond basic file backups, offering features like agent-based file-level protection for granular control, hot database backups to minimize downtime, and virtual machine support for a holistic data protection strategy. This flexibility ensures your critical business information, whether neatly organized databases or creative multimedia files, is always secured with reliable backups and efficient recovery options.

About Storware
Storware is a backup software producer with over 10 years of experience in the backup world. Storware Backup and Recovery is an enterprise-grade, agent-less solution that caters to various data environments. It supports virtual machines, containers, storage providers, Microsoft 365, and applications running on-premises or in the cloud. Thanks to its small footprint, seamless integration into your existing IT infrastructure, storage, or enterprise backup providers is effortless.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Storware 2024

Election-Related Cyber Threats: How SMBs and MSPs Can Stay Secure Amid Political Turbulence

As the 2024 U.S. election cycle heats up, cybercriminals are ramping up efforts to exploit the political landscape. Small and medium-sized businesses (SMBs) and managed service providers (MSPs) are particularly vulnerable during this period. From phishing campaigns to sophisticated nation-state attacks, the election introduces new risks that could severely impact businesses and the MSPs that support them.

Key Takeaways:

Phishing attacks targeting SMBs during the election cycle are expected to surge, making MSPs essential for providing advanced email security and awareness training.
Nation-state actors may use SMBs as entry points for more extensive cyber-attacks, especially those connected to election systems or critical infrastructure, putting increased pressure on MSPs to secure their clients.
The election could bring about shifts in cybersecurity regulations and insurance requirements, which will have a lasting impact on both SMBs and MSPs, requiring proactive measures to stay compliant.

As we dive deeper into these emerging threats, let’s explore the real-world impact and the vital role MSPs will play in securing SMBs during this critical time.

1. The Surge in Politically-Themed Phishing Campaigns Targeting SMBs

Election seasons are prime for cybercriminal activity, and phishing campaigns remain one of the most common attack vectors. With email inboxes flooded by political ads, voting information, and donation requests, it’s easy for malicious actors to disguise phishing emails as legitimate election-related communication. SMBs, often with fewer cybersecurity resources, are prime targets for these attacks, which may lead to credential theft, ransomware infections, or data breaches.

Example: Phishing Emails Disguised as Voter Information

During the 2020 U.S. elections, phishing emails disguised as official voter registration updates surged. Many businesses received emails claiming to offer polling information or requesting donations for political causes. These emails contained malicious links designed to steal login credentials or deliver malware. The rise of generative AI has made crafting convincing phishing messages easier, allowing cybercriminals to scale their operations.

In a recent incident in 2024, reports indicate a notable increase in phishing attacks related to the election cycle, with many attackers leveraging topics like voter registration and political donations.

ReliaQuest

GovTech.

SMBs that lack strong defenses are especially vulnerable to these attacks.

For MSPs, the solution lies in proactive measures, including anti-phishing solutions, advanced email filtering, and security awareness training for their SMB clients.

2. Nation-State Attacks on SMBs Connected to Critical Infrastructure

Election interference has evolved from a national concern to one that directly impacts businesses—particularly those providing services to government agencies or critical infrastructure. Nation-state actors target SMBs as weak links in the supply chain, seeking access to larger systems through their less secure networks. This makes SMBs that work with election technology or government contracts especially vulnerable during the election cycle.

Example: SMBs as a Backdoor into Election Systems

During previous election cycles, hackers targeted software companies supplying election technology to various state governments. By compromising these smaller vendors, nation-state actors gained access to voter databases and sensitive election-related systems. This pattern is expected to continue in 2024, with reports of increasing activity on the darknet aimed at facilitating such attacks.

Cyber Security Intelligence

One of the most recent cases involves Iran, where hackers have reportedly targeted U.S. presidential campaigns, exploiting SMB vulnerabilities to gain access to sensitive data

ReliaQuest

For MSPs managing these clients, it’s crucial to employ a multi-layered defense strategy that includes endpoint protection, intrusion detection systems, and network segmentation. Regular security assessments and proactive monitoring are necessary to mitigate these risks.

3. New Regulations and Increased Demand for Cybersecurity Insurance

As election-related cyberattacks increase, SMBs—especially those in critical sectors—could face new compliance requirements. Additionally, with the rising risk of ransomware attacks and data breaches, more businesses are seeking cybersecurity insurance to protect against financial losses.

Example: The Shift Toward Cybersecurity Compliance

After the 2020 elections, several states began focusing more on cybersecurity regulations for companies working with critical infrastructure. These requirements included mandatory incident reporting and compliance with frameworks like NIST and the Cybersecurity Maturity Model Certification (CMMC). Similarly, the 2024 election cycle is driving demand for cybersecurity insurance as businesses look to protect themselves from potential damages.

Cyber Defense Magazine

MSPs can assist SMBs by offering managed compliance services to help them stay up-to-date with evolving regulations. Additionally, bundling cybersecurity solutions with insurance products provides added value to SMB clients.

Disinformation Campaigns and Their Impact on SMBs

Disinformation campaigns, often designed to influence public opinion during elections, can also impact businesses, especially those with a strong online presence. Cybercriminals may spread false information about a company’s services or leadership, leading to reputational damage.

Example: Fake Reviews and Social Media Attacks

In the past, SMBs have been victims of disinformation campaigns that spread fake reviews or social media posts during election periods. For example, in one notable case, a small business was falsely accused of political affiliations, resulting in lost customers and a barrage of negative reviews.

Cyber Security Intelligence

These campaigns can have a devastating effect on businesses that rely on their local reputation.

MSPs can help mitigate these risks by monitoring their clients’ digital presence and using tools to detect and respond to disinformation. Setting up alerts for unusual online activity and implementing account takeover protections are key steps in safeguarding against these threats.

Supply Chain Attacks: A Growing Threat for SMBs During Elections

Election cycles also see a rise in supply chain attacks, where cybercriminals target smaller vendors to gain access to larger networks. SMBs that provide software, hardware, or services to election offices are particularly at risk of these attacks, which are often aimed at disrupting or influencing the election process.

Example: Targeting SMB Vendors in the Supply Chain

In the 2016 U.S. election, hackers targeted a small software company that provided voter registration services to several states. By breaching this vendor, the attackers gained access to sensitive voter data, disrupting registration systems. With the 2024 election approaching, similar attacks are expected, with hackers actively working on the darknet to coordinate such efforts.

CISA

For MSPs, securing their clients’ supply chains is a top priority. This includes strong vendor management practices, regular security assessments, and ensuring that all software and hardware are updated and patched. Establishing contingency plans can also help SMBs quickly recover from any potential supply chain disruptions.

Conclusion: Guardz’s Commitment to Securing SMBs and MSPs During Critical Times

As we move through the 2024 election season, the cybersecurity landscape for SMBs and MSPs will become more complex and challenging. From phishing attacks to nation-state threats and supply chain vulnerabilities, the risks are significant. However, MSPs play a crucial role in helping SMBs navigate this turbulent environment by providing comprehensive security solutions, compliance support, and proactive protection.

At Guardz, we are deeply committed to the MSP community, understanding the unique challenges they face—especially during election cycles. Our mission is to empower MSPs with the tools and knowledge they need to secure their clients effectively. With AI-powered security solutions, managed detection and response (MDR), and cybersecurity insurance offerings, Guardz ensures that MSPs can stay ahead of emerging threats and continue to provide top-tier security services to their SMB clients.

Let’s work together to ensure that, even during times of political uncertainty, your clients remain secure and confident in their digital environments.

About Guardz
Guardz is on a mission to create a safer digital world by empowering Managed Service Providers (MSPs). Their goal is to proactively secure and insure Small and Medium Enterprises (SMEs) against ever-evolving threats while simultaneously creating new revenue streams, all on one unified platform.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

2024 Guardz