As cyberattacks increasingly target Active Directory—used by 90% of businesses worldwide—identity system recovery has become a critical priority for most organizations. Semperis has added capabilities in Active Directory Forest Recovery (ADFR) that build on our years-long foundation of cyber-first Active Directory recovery, which continues to be a key differentiator in ensuring operational resilience for our customers.
We know from firsthand experience that recovering Active Directory after a cyberattack is a complex process because of the critical role AD plays in day-to-day business operations. The unique configurations of many organizations’ AD environments can include legacy technical debt and complex interdependencies. We built ADFR from the ground up in full recognition of those complications to provide a solution that accelerates recovery for the largest organizations in the world, with the most complex environments, in some truly harrowing attack scenarios.
In the latest release of ADFR, we’ve expanded our ability to reduce downtime after a cyberattack with Azure backup and recovery, support for Windows 2025, and enhanced backup recovery speed.
Leverage Azure for AD backup and recovery
Operational resilience depends on the ability to quickly recover the identity system in the case of a cyber disaster—which means trusted, malware-free AD backups need to be quickly available. ADFR 5.0 allows you to automatically store AD backups in your Azure cloud storage, which provides ultimate resiliency and speed of recovery.
The integration with Azure provides an additional layer of defense by providing cost-effective, immutable offsite storage for AD backups, minimizing downtime in the case of data loss incidents and providing an option for seamless recovery right from the cloud.
The option to store and recover AD backups from Azure blob storage is just one way to help ensure immutability of your backups. Semperis has partnered with Cohesity on a solution that automatically backs up your AD files to Cohesity storage clusters, providing robust and redundant backup with Cohesity data protection, immutable storage using Cohesity SmartFiles, DataLock, or NetBackup solutions, and rapid data recovery capabilities.
With the introduction of Azure cloud backups and the Cohesity integration, ADFR offers unmatched flexibility in AD backup storage options so our customers can easily build a layered defense system against attacks.
Benefit from Windows Server 2025 support
Microsoft Windows Server 2025 includes some long-awaited feature enhancements for Active Directory, which underscores the point that most organizations have no plans to retire AD. ADFR is ahead of the curve in offering support for backing up and recovering Windows Server 2025 domain controllers.
One thing that hasn’t changed with the latest release of Windows is the manual AD recovery process: It’s still a complex, error-prone, 28-step process that no organization should rely on as part of their cyber resilience strategy. Sean Deuby, Semperis Principal Technologist, wrote a “guide to the guide” that steps through some of the pitfalls of a manual AD forest recovery. Sean’s guide is essential reading for anyone who hasn’t grasped the implications of a manual recovery in a cyberattack scenario.
Experience even faster backup recovery processes
Purpose-built for cyber scenarios and battle-tested in real-world incident response situations, ADFR accelerates recovery by up to 90%, a metric that was confirmed by Forrester in an independent study of large enterprise customers across vertical markets.
The latest release of ADFR has reduced recovery times even further with faster file processing times—especially advantageous for organizations in geographically dispersed environments with variable latency network links.
The ability to recover AD as quickly as possible is key to operational resilience. The faster you can restore access to business-critical applications and services, the less damage in lost revenue, customer dissatisfaction, legal ramifications, and other collateral fallout from an AD outage.
ADFR helps you prepare for the worst
AD recovery is more than just restoring servers. In the case of a cyberattack, fully recovering AD to a trusted environment requires malware-free backups that can be quickly restored—plus the ability to close backdoors in the production environment to avoid follow-on attacks. It also requires partnering with a trusted vendor that has “been there and done that” with respect to recovering AD safely in some of the largest and most complex environments in the world.
The ADFR product team is focused on continuous innovation, solving the problems inherent in any cyber AD disaster scenario, including:
- Decoupling the AD backup from the OS system to avoid malware reinfection
- Optimizing backup size for speedy recovery
- Providing flexible provisioning options to accelerate recovery in the chaotic incident response environment
- Providing post-breach scanning to remove persistence and close backdoors before restoring AD to production
With the additional Azure Cloud Backup option, support for backing up Windows Server 2025 domain controllers, and even faster backup retrieval processes, ADFR continues to set the bar for ensuring identity cyber resilience.
Additional resources
- Active Directory Forest Recovery
- The Dos and Don’ts of AD Recovery
- The Guide to the Microsoft Active Directory Forest Recovery Guide
- Forrester Total Economic Impact of Semperis
- The Practical ROI of a Quick Active Directory Recovery
- Thinking The Unthinkable: Do You Have an Active Directory Forest Recovery Plan?
