Semperis Active Directory Forest Recovery

Essential Protection for Active Directory

When a hacker, rogue administrator, or operational error take down Active Directory, a full forest recovery can take days or even weeks. And in the case of ransomware or a wiper attack, the malware can be reintroduced in the process. But with Semperis Active Directory Forest Recovery (ADFR), you can get your business back in business in less than an hour.

Active Directory backup and recovery you can count on

Restore with Confidence

Full forest recovery is no easy task. The Active Directory experts at Semperis have taken the challenge head-on and built a robust solution that includes:

Anywhere Recovery: recover to the same or different servers
Clean Restore: eliminate reintroduction of malware
Advanced Automation: orchestrate every aspect of forest recovery, such as cleaning up metadata, rebuilding the Global Catalog, and restructuring site topology
Self Learning: analyze past backup sets to determine the best way to recover the environment

Persistent Recovery: adjust to environmental instability during the restore process
Full Oversight: maintain visibility and control of the restore process
Easy DR Testing: streamline testing and compliance
Comprehensive Backup Validation: verify each backup set to ensure recoverability
Active Directory Independence: recover even if Active Directory is completely down

And more!

The Threat Is Real

With malware running rampant, the threat of a complete Active Directory outage is greater than ever.

“… domain controllers were programmed to sync their data with one another, so that, in theory, any of them could function as a backup for all the others. But that decentralized backup strategy hadn’t accounted for one scenario: where every domain controller is wiped simultaneously. ”

The Untold Story of NotPetya, the Most Devastating Cyberattack in History Wired.com, 08.22.2018

Protect Yourself with Semperis

With Semperis ADFR, you can recover quickly and confidently from even the most catastrophic Active Directory disaster.

“In the ransomware era, one of the most often overlooked considerations is backup and recovery of Active Directory. This represents a significant risk. I believe Semperis has a superior solution to this problem.”

Allen Brokken
Chief Architect, Cyber Security
Ascent Solutions

CASE STUDY

Schema extension gone wrongA schema extension corrupts the forest, and Active Directory is no longer responding to requests. The extension is irreversible, so the forest must be restored from backup.
Forest upgrade gone awry An upgrade to forest functional level causes unexpected results, and the forest must be returned to its previous state. The upgrade is irreversible, so the forest must be restored from backup.
Errant scriptAn errant script deletes a large number of sites and subnets, and you need to authoritatively restore the configuration partition from backup.
Rogue administratorA rogue administrator removes read permissions on the root level of the domain, and Active Directory is unresponsive. You need to recover a partition or the entire forest.

Cyber attackMalware encrypts or wipes all of your domain controllers. Active Directory no longer exists in your environment and must be restored from backup.
Hacker A hacker gains access to your network, and the extent of the damage is unknown. As part of a comprehensive response that includes resetting passwords, all domain controllers must be restored from backup to eliminate rootkits and other malware.
Site disasterAn individual site is taken out by a fire, flood, power outage, or other disaster, and recovery from backup is the fastest way to restore its domain controllers.
Lab setupYou can also use Semperis ADFR to spin up a copy of production domain controllers in the lab, significantly reducing the time required to set up and maintain dev/test, staging, training, and support environments.