Cleanroom recovery helps you test, investigate, and recover from cyber attacks in an isolated recovery environment.
Many disaster recovery plans handle outages, but they are not enough for targeted cyber attacks. A cleanroom site, also called an isolated recovery environment, gives you a clean place to recover data and restore operations.
Videos
- Customer video: Commvault SaaS Cleanroom Recovery
- Partner video: CSF SaaS Cleanroom Recovery
Key features
Cleanroom recovery supports continuous testing, forensic analysis, and recovery in a secure isolated environment.
-
Continuous testing: Use the cleanroom site to simulate recovery scenarios and validate your cyber recovery plans.
-
Forensic investigation: Analyze attack timelines, identify root causes, and safely test remediation steps before applying them to production.
-
Recovery to an isolated environment: Recover clean data from backups and restore operations in a secure environment when production is compromised.
-
Flexible deployment models: Deploy as a Commvault-managed environment or as a self-managed environment in your own infrastructure or cloud.
Support
Cleanroom recovery supports key virtual/compute resources, workloads on virtual/compute resources, and other sources for recovery to both Amazon Web Services and Azure cleanroom sites.
Virtual/compute resources
| Source | Linux | Windows |
|---|---|---|
| Amazon EC2 | ✓ | ✓ |
| Azure VM | ✓ | ✓ |
| Azure Local | ✓ | ✓ |
| Hyper-V | ✓ | ✓ |
| VMware, on-premises | ✓ | ✓ |
| Google Cloud VMware Engine | ✓ | ✓ |
| Oracle Cloud VMware Solution | ✓ | ✓ |
| VMware Cloud on AWS | ✓ | ✓ |
Not supported:
- VMs with independent disks
| Source | Linux | Windows |
|---|---|---|
| Amazon EC2 | ✓ | ✓ |
| Azure VM | ✓ | ✓ |
| Azure Local | ✓ | ✓ |
| Hyper-V | ✓ | ✓ |
| Nutanix AHV | ✓ | ✓ |
| VMware, on-premises | ✓ | ✓ |
| Azure VMware Solution | ✓ | ✓ |
| Google Cloud VMware Engine | ✓ | ✓ |
| Oracle Cloud VMware Solution | ✓ | ✓ |
| VMware Cloud on AWS | ✓ | ✓ |
Not supported:
- VMs with independent disks
Applications on virtual/compute resources
Details
- Advanced recovery is the post-restore registration phase that reconnects supported workloads with the control plane after recovery.
- Recovery configuration is standalone—recovery from and to a single server.
- Backups are:
- Linux: Crash-consistent
- Windows: Application-consistent
- File system subclients with the block-level backup setting enabled are not supported.
| Workload type | Sources/Targets | Advanced recovery | Notes |
|---|---|---|---|
| Active Directory | Windows to Windows | ✓ | A single domain controller from a single domain is recovered. |
| SQL Server | - Linux to Windows - Windows to Windows |
Future support | None |
| Oracle Database | - Linux to Linux - Windows to Windows |
Future support | None |
| MySQL | - Linux to Linux - Windows to Windows |
Future support | None |
| PostgreSQL | - Linux to Linux - Windows to Windows |
Future support | None |
| SAP HANA | Linux to Linux | Future support | None |
| IBM Db2 | - Linux to Linux - Windows to Windows |
Future support | None |
| Epic EHR (InterSystems IRIS Caché) | Linux to Linux | Future support | None |
| Azure NetApp Files | Windows to Windows | Not applicable | Only CIFS shares |
| Network-attached storage (NAS) servers | Windows to Windows | Not applicable | Only CIFS shares |
| Nutanix Files | Windows to Windows | Not applicable | Only CIFS shares |
| Qumulo file storage | Windows to Windows | Not applicable | Only CIFS shares |
| Windows file system | Windows to Windows | Not applicable | None |
| Workload type | Sources/Targets | Advanced recovery | Notes |
|---|---|---|---|
| Active Directory | Windows to Windows | ✓ | A single domain controller from a single domain is recovered. |
| SQL Server | Linux to Windows Windows to Windows |
✓ | Linux to Windows recovery requires that you enable the Repave VM with new secure image setting in Override recovery options and applies only to the default instance. During recovery, you might need to skip recovery of additional instances. |
| Oracle Database | - Linux to Linux - Windows to Windows |
Future support | None |
| SAP HANA | Linux to Linux | Future support | None |
| IBM Db2 | - Linux to Linux - Windows to Windows |
Future support | None |
| Epic EHR (InterSystems IRIS Caché) | Linux to Linux | Future support | None |
| Azure NetApp Files | Windows to Windows | Not applicable | Only CIFS shares |
| Network-attached storage (NAS) servers | Windows to Windows | Not applicable | Only CIFS shares |
| Nutanix Files | Windows to Windows | Not applicable | Only CIFS shares |
| Qumulo file storage | Windows to Windows | Not applicable | Only CIFS shares |
| Windows file system | Windows to Windows | Not applicable | None |