How IT Works?
All production VMs are replicated every 5 minutes to completely separate and fenced standby clusters.
Standby clusters do not share any authentication credentials with production, so any compromise of credentials in one environment does not threaten the other environment.
Standby clusters have all-flash storage and have enough compute and RAM to run production workloads.
![772-[Converted].png](https://static.wixstatic.com/media/0b749e_19085a716ae644a19e34dbf0b8ef6ea1~mv2.png/v1/crop/x_170,y_208,w_1210,h_790/fill/w_484,h_316,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/772-%5BConverted%5D.png)
Replication does not happen inside the OS. Instead, it happens at the hypervisor layer. This effectively shields the replication mechanism from any ransomware infection inside the client VM.
The entire production data set along with 24 hourly snapshots are stored in the standby cluster. In the event of infection, briteVAULT can boot any VM from any snapshot. Working in tandem with your team, we bring the VM up prior to when the ransomware encrypted the VMs. We bring the VMs online in a protected network that only your team has access to so that you can root out the malware before putting the VM back into production.