Widespread attacks exploiting Microsoft Active Directory have crippled businesses in recent years. When a ransomware or wiper attack takes out your domain controllers, recovering your forest can drag on for days or even weeks and risk malware re-infection in the process. But with Semperis Active Directory Forest Recovery (ADFR), you can get your business back in business in less than an hour. Soup to nuts.
Fastest.Automate the entire forest recovery process, avoid human errors, and cut downtime by 90%.
Safest.Eliminate the risk of malware re-infection from system state and bare-metal recovery.
Easiest.Recover to alternate hardware – virtual or physical – on premises or in the cloud.
BREAK FREE FROM LEGACY BACKUP
Was your AD backup built for a different era?
So, what do you do when a cyberattack annihilates your entire Active Directory infrastructure? Well, Microsoft provides a lengthy technical guide that details the 28-step multi-threaded manual process required to recover an AD forest. Or, you could use a third-party AD backup tool that relies on bare-metal recovery (BMR). Butbe warned: Recovery from system state or bare-metal backups can re-introduce the infection all over again. Yikes! Don’t worry, Semperis has a solution built for the “post-NotPetya” world. The risk model for AD recovery has changed. So should your AD recovery plan.
If Active Directory is down, business stops. Period. With malware running rampant, the threat of an AD disaster is greater than ever. In many cases, domain controllers are being weaponized to spread ransomware and encrypt thousands of machines at once. And opportunistic attackers are compromising targeted networks several months before deploying the ransomware, waiting to monetize their attacks until they see the most financial gain. It’s impossible to stop every attack, especially as remote workforces rapidly expand the attack surface. But you can control how resilient you are. Your business depends on it.
By the end of 2021
every 11 secondsRansomware attacks a business
$20 billionIn ransomware global damages
Lack of testing tops list of AD recovery concerns.
In a wide-spread outage, you must recover AD before you can recover your business. But only one in five organizations have a tested plan in place for recovering AD after a cyberattack.
In the good old days, Active Directory outages were limited to natural disasters or operational mistakes. Considering that cyberattacks inflict more damage and strike more frequently than natural disasters, it’s time to think “cyber-first.” Does your disaster recovery playbook address this reality? Semperis does.
Malware-proof your backups
Automate forest recovery
Remove hardware dependencies
Stress-test disaster preparedness
Malware-proof your backups
Confidently restore to the most recent backup, even if domain controllers were infected when backups were taken. Patented technology de-couples Active Directory from the underlying operating system to prevent OS malware re-infection. No need for trial-and-error restores in search of clean backups. No rebuilding AD from scratch. Minimize the impact of AD outages.
Recover an entire Active Directory forest with just a few clicks. Automate every aspect of forest recovery, such as cleaning up metadata, rebuilding the Global Catalog, and restructuring site topology. Avoid human errors and reduce downtime to minutes instead of days or even weeks. Avert costly business interruption. Be a hero.
The fastest, most flexible, and surest way to recover Active Directory after a cyberattack. Recover AD to any hardware, virtual or physical. Cut the cost of maintaining spare equipment, avoid the scramble to procure new hardware, and leverage the cloud as a readily available, cost-effective disaster recovery site.
Effortlessly spin up an exact copy of your production AD forest in a lab to regularly test your disaster recovery plan. Save the resources typically required to build and maintain test environments. Assess your gaps, implement technology and process improvements, and validate effectiveness. Prove business SLAs.
Back in 2015, Microsoft estimated that 95 million AD accounts were under attack every day. Fast forward to today, and COVID-19 has dramatically changed the workplace. The idea of having to recover AD from scratch is no longer theoretical. It now must be a critical part of incident response planning.
Anywhere Recovery
Anywhere Recovery: Restore AD to any hardware, virtual or physical – on premises or in the cloud.
Clean Restore
To prevent re-introduction of rootkits and other malware, ADFR starts with a clean Windows operating system and only restores what’s needed for the server’s role as a DC, DNS server, etc.
Advanced Automation
Automates the entire recovery process, including restoring DCs, rebuilding the Global Catalog, cleaning up metadata and the DNS namespace, restructuring the site topology, re-promoting DCs, and more.
Zero Maintenance
Eliminates the need to develop and maintain scripts or manually update configuration information – and the recovery failures that occur when these things don’t get done.
Backup Integrity
Checks each backup set to verify that it contains all the data necessary to successfully recover your forest, and that this data was successfully written to one or more locations. Also notifies you of any gaps in backup jobs.
Share Nothing Architecture
Runs independent of AD – with no reliance on Windows authentication, DNS, or other AD services – so you can recover immediately even if AD is completely down.
Easy DR Testing
Spin up an exact replica of the production AD forest, using available servers, in an isolated lab to effortlessly test recovery procedures and document results for compliance with internal and external regulations.
Lightweight AD Backups
Backs up only the AD components. This results in smaller backups, which means less data to retrieve, process, and transfer – and less time to perform these operations during restore.
Multi-Forest Support
Manage backup and recovery of multiple AD forests using a single management server and web portal, simplifying setup and ongoing administration.
PowerShell Support
Includes PowerShell commands for automating Semperis ADFR management, providing easier management of backup groups, backup rules, agents, and distribution points.
Distributed Backup Failover
Leverages distribution point servers to store backups close to domain controllers, reducing network traffic as well as backup and recovery times.
Lightning Speed
10X faster forest recovery.
Learn More
Semperis is exactly what I hoped for in an AD recovery tool. Over the years, I’ve had numerous concerns about forest recovery, and Semperis addresses them all.
InfoSec Identity and Directory LeadGlobal 500 Retailer
Everything starts with an ID and password. First thing you need to recover is credentials to do any other type of recovery.
Kerry KilkerFormer CISO | Walmart
The Semperis platform helped El AI reach a point where we are sure that we can overcome any Active Directory outage.
Deputy Director of InfrastructureEI AI Airlines
Battle Tested41,348,928
IDENTITIES PROTECTED
Semperis delivers security and business wins.
Cyber-First
We built the market’s only backup and recovery solution capable of cleanly restoring AD from cyber disasters like ransomware and wiper attacks – even if domain controllers are infected or wiped out completely.
Simple & Powerful
When your business is down, every second counts and complexity is your enemy. With end-to-end automation, you say goodbye to resource-intensive and error-prone recovery processes. Save precious time and resources.
Cost-Effective
Traditional AD recovery burns time and money. We don’t just save you from costly outages – we also shrink your overhead with advanced automation, anywhere recovery, and easy DR testing capabilities.
How can Semperis help me?
Cyberattack
Malware encrypts or wipes all of your domain controllers. Active Directory no longer exists in your environment and must be restored from backup.
Hacker
A hacker gains access to your network, and the extent of the damage is unknown. As part of a comprehensive response that includes resetting passwords, all domain controllers must be restored from backup to eliminate rootkits and other malware.
Schema extension gone wrong
A schema extension corrupts the forest, and Active Directory is no longer responding to requests. The schema change is irreversible, so the forest must be restored from backup.
Errant script
An errant script deletes a large number of sites and subnets, and you need to authoritatively restore the Configuration partition from backup.
Rogue administrator
A rogue administrator removes read permissions on the root level of the domain, and Active Directory is unresponsive. You need to recover a partition or the entire forest.
Site disaster
An individual site is taken out by a fire, flood, power outage, or another disaster, and recovery from backup is the fastest way to restore its domain controllers.
Lab Setup
You can also use Semperis ADFR to spin up a copy of production domain controllers in the lab, significantly reducing the time required to set up and maintain dev/test, staging, training, and support environments.
