Active Directory Forest Recovery
Active Directory is in the attackers’ crosshairs
Widespread attacks exploiting Microsoft Active Directory have crippled businesses in recent years. When a ransomware or wiper attack takes out your domain controllers, recovering your forest can drag on for days or even weeks and risk malware re-infection in the process. But with Semperis Active Directory Forest Recovery (ADFR), you can get your business back in business in less than an hour. Soup to nuts.
Was your AD backup built for a different era?
So, what do you do when a cyberattack annihilates your entire Active Directory infrastructure? Well, Microsoft provides a lengthy technical guide that details the 28-step multi-threaded manual process required to recover an AD forest. Or, you could use a third-party AD backup tool that relies on bare-metal recovery (BMR). But be warned: Recovery from system state or bare-metal backups can re-introduce the infection all over again. Yikes! Don’t worry, Semperis has a solution built for the “post-NotPetya” world. The risk model for AD recovery has changed. So should your AD recovery plan.
The extinction event is real.
If Active Directory is down, business stops. Period. With malware running rampant, the threat of an AD disaster is greater than ever. In many cases, domain controllers are being weaponized to spread ransomware and encrypt thousands of machines at once. And opportunistic attackers are compromising targeted networks several months before deploying the ransomware, waiting to monetize their attacks until they see the most financial gain. It’s impossible to stop every attack, especially as remote workforces rapidly expand the attack surface. But you can control how resilient you are. Your business depends on it.
Combat cyber disasters
In the good old days, Active Directory outages were limited to natural disasters or operational mistakes. Considering that cyberattacks inflict more damage and strike more frequently than natural disasters, it’s time to think “cyber-first.” Does your disaster recovery playbook address this reality? Semperis does.
- Malware-proof your backups
- Automate forest recovery
- Remove hardware dependencies
- Stress-test disaster preparedness
Malware-proof your backups
Confidently restore to the most recent backup, even if domain controllers were infected when backups were taken. Patented technology de-couples Active Directory from the underlying operating system to prevent OS malware re-infection. No need for trial-and-error restores in search of clean backups. No rebuilding AD from scratch. Minimize the impact of AD outages.
Automate forest recovery
Recover an entire Active Directory forest with just a few clicks. Automate every aspect of forest recovery, such as cleaning up metadata, rebuilding the Global Catalog, and restructuring site topology. Avoid human errors and reduce downtime to minutes instead of days or even weeks. Avert costly business interruption. Be a hero.
Remove hardware dependencies
The fastest, most flexible, and surest way to recover Active Directory after a cyberattack. Recover AD to any hardware, virtual or physical. Cut the cost of maintaining spare equipment, avoid the scramble to procure new hardware, and leverage the cloud as a readily available, cost-effective disaster recovery site.
Stress-test disaster preparedness
Effortlessly spin up an exact copy of your production AD forest in a lab to regularly test your disaster recovery plan. Save the resources typically required to build and maintain test environments. Assess your gaps, implement technology and process improvements, and validate effectiveness. Prove business SLAs.
Restore with confidence
Back in 2015, Microsoft estimated that 95 million AD accounts were under attack every day. Fast forward to today, and COVID-19 has dramatically changed the workplace. The idea of having to recover AD from scratch is no longer theoretical. It now must be a critical part of incident response planning.
Anywhere Recovery: Restore AD to any hardware, virtual or physical – on premises or in the cloud.
To prevent re-introduction of rootkits and other malware, ADFR starts with a clean Windows operating system and only restores what’s needed for the server’s role as a DC, DNS server, etc.
Automates the entire recovery process, including restoring DCs, rebuilding the Global Catalog, cleaning up metadata and the DNS namespace, restructuring the site topology, re-promoting DCs, and more.
Eliminates the need to develop and maintain scripts or manually update configuration information – and the recovery failures that occur when these things don’t get done.
Checks each backup set to verify that it contains all the data necessary to successfully recover your forest, and that this data was successfully written to one or more locations. Also notifies you of any gaps in backup jobs.
Share Nothing Architecture
Runs independent of AD – with no reliance on Windows authentication, DNS, or other AD services – so you can recover immediately even if AD is completely down.
Easy DR Testing
Spin up an exact replica of the production AD forest, using available servers, in an isolated lab to effortlessly test recovery procedures and document results for compliance with internal and external regulations.
Lightweight AD Backups
Backs up only the AD components. This results in smaller backups, which means less data to retrieve, process, and transfer – and less time to perform these operations during restore.
Manage backup and recovery of multiple AD forests using a single management server and web portal, simplifying setup and ongoing administration.
Includes PowerShell commands for automating Semperis ADFR management, providing easier management of backup groups, backup rules, agents, and distribution points.
Distributed Backup Failover
Leverages distribution point servers to store backups close to domain controllers, reducing network traffic as well as backup and recovery times.
Take back the keys to your kingdom
“Semperis is exactly what I hoped for in an AD recovery tool. Over the years, I’ve had numerous concerns about forest recovery, and Semperis addresses them all.” - InfoSec Identity and Directory Lead, Global 500 Retailer
“Everything starts with an ID and password. First thing you need to recover is credentials to do any other type of recovery.” - Kerry Kilker, Former CISO | Walmart
“The Semperis platform helped El Al reach a point where we are sure that we can overcome any Active Directory outage.” - Deputy Director of Infrastructure, El Al Airlines
Semperis delivers security and business wins.
We built the market’s only backup and recovery solution capable of cleanly restoring AD from cyber disasters like ransomware and wiper attacks – even if domain controllers are infected or wiped out completely.
Simple & Powerful
When your business is down, every second counts and complexity is your enemy. With end-to-end automation, you say goodbye to resource-intensive and error-prone recovery processes. Save precious time and resources.
Traditional AD recovery burns time and money. We don’t just save you from costly outages – we also shrink your overhead with advanced automation, anywhere recovery, and easy DR testing capabilities.
How can Semperis help me?
Malware encrypts or wipes all of your domain controllers. Active Directory no longer exists in your environment and must be restored from backup.
A hacker gains access to your network, and the extent of the damage is unknown. As part of a comprehensive response that includes resetting passwords, all domain controllers must be restored from backup to eliminate rootkits and other malware.
A schema extension corrupts the forest, and Active Directory is no longer responding to requests. The schema change is irreversible, so the forest must be restored from backup.
An errant script deletes a large number of sites and subnets, and you need to authoritatively restore the Configuration partition from backup.
A rogue administrator removes read permissions on the root level of the domain, and Active Directory is unresponsive. You need to recover a partition or the entire forest.
An individual site is taken out by a fire, flood, power outage, or another disaster, and recovery from backup is the fastest way to restore its domain controllers.
You can also use Semperis ADFR to spin up a copy of production domain controllers in the lab, significantly reducing the time required to set up and maintain dev/test, staging, training, and support environments.
We help our customers be heroes.