CloudBerry Backup v5.8 - Ransomware defense and hybrid cloud backup

CloudBerry Backup v5.8 now includes a ransomware detection engine that protects your backups against unauthorized encryption operations.
Latest posts by Timothy Warner (see all)

CloudBerry Lab has long been a leading independent software vendor (ISV) partnered with the major public cloud providers: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and OpenStack. For instance, I have used the Cloudberry Explorer tools for years to interact with AWS and Azure blob storage.

Today I'd like to review CloudBerry Backup v5.8. I've written about CloudBerry Backup before; you can read about it here if you're so inclined:

In this review I loaded up CloudBerry Backup Ultimate Edition, for which you can obtain a free trial and which includes all the backup components CloudBerry otherwise sells separately:

  • Windows Server
  • Linux Server
  • SQL Server
  • Exchange Server

Today I'll focus on the Windows Server backup module, paying particular attention to hybrid cloud backup and the new ransomware defense feature.

Running a hybrid cloud backup ^

The first thing you’ll want to do after installing CloudBerry Backup on your management workstation is to add one or more cloud storage accounts. As you can see in the next screenshot, CloudBerry supports a staggering number of public cloud storage providers!

In general, to connect a cloud storage account, you will need:

  • An account with that cloud provider
  • A storage account with a container (also called a "bucket") to store your backups
  • An access key
Creating a link to Azure blob storage

Creating a link to Azure blob storage

Next, you can define a "Local to Cloud" backup plan. Your plan can either copy local files directly to the cloud, or first copy to local storage and then perform a second-level transfer to the cloud.

You then decide whether you need features such as:

  • Ransomware protection (we'll discuss this in more detail momentarily)
  • Block-level backup
  • Data encryption
  • Volume Shadow Copy (VSS)
  • Preserved NTFS permissions
  • Which drives, files, or folders to include
  • Compression
  • Retention
  • Scheduled or on-demand runtime(s)
  • Pre- and post-backup actions
  • Email and/or Windows Event Log notifications

Note: As you might expect, CloudBerry Lab can also perform full system image backups as well.

Once you have completed your first backup, the CloudBerry Backup Welcome page becomes a lot more interesting. Here, let me show you:

The CloudBerry Backup Welcome dashboard

The CloudBerry Backup Welcome dashboard

Ransomware protection ^

As you probably know, ransomware is a type of malicious software that cryptographically locks files on the victim computer. It threatens the data owner with permanent data loss unless the victim agrees to pay a ransom (usually in bitcoin or another anonymous cryptocurrency) in exchange for the decryption key.

CloudBerry Backup v5.8 includes a new ransomware detection engine that automatically locks your cloud storage backup files if the software detects bulk encryption on data protected in a CloudBerry backup plan.

Step one is enabling the ransomware protection feature. You can find this checkbox on the first page of the Create Backup Plan Wizard, as shown in the following screenshot.

Enabling ransomware protection for a backup plan

Enabling ransomware protection for a backup plan

You can easily verify that ransomware protection is enabled on a backup plan by navigating to the Backup Plans tab in CloudBerry Explorer and checking for the lock icon. Here's an image:

Look for the lock icon

Look for the lock icon

If CloudBerry Backup detects an occurrence of suspicious encryption, the lock icon will turn red and include a Show result link.

I was unable to trigger the ransomware detection engine on my lab server (that's a good thing, by the way!). Therefore, I nabbed the following screenshot from CloudBerry's website:

Reviewing suspect files in CloudBerry Explorer

Reviewing suspect files in CloudBerry Explorer

The previous screenshot lists local files included in a backup plan that CloudBerry suspects ransomware cryptolocker software has affected. Note that this will lock your cloud storage backup copies from overwrite unless and until you approve or delete the suspect files. CloudBerry Backup will also send you a detailed report if you have configured email reports.

File restore workflow ^

What's cool about the CloudBerry Explorer file restore workflow is its flexibility. To see what I mean, check out the following screenshot from the Restore Wizard:

Granular file restore options

Granular file restore options

Notice that you can be highly specific when restoring files and folders—you can grab the most recent version or a version matching your precise chosen point in time. Moreover, you can customize the restore process further by choosing whether to:

  • Restore to the original or a specific location
  • Restore deleted files
  • Overwrite existing files
  • Restore NTFS permissions

Another nifty option is to browse to the Backup Storage tab and select individual files to restore, as shown in the following screenshot. This is a super handy feature!

Browsing backup storage

Browsing backup storage

Wrap-up ^

As of this writing, CloudBerry continues to fine-tune the ransomware detection engine, principally making it possible for administrators to "whitelist" encryption operations to reduce false positive readings.

In the meantime though, CloudBerry Backup v5.8 continues to be a strong, simple-to-use tool to back up files, folders, databases, and entire systems to local and cloud-based storage targets.


Poll: Does your organization plan to introduce Artifical Intelligence?

Read 4sysops without ads and for free by becoming a member!


Leave a reply

Your email address will not be published. Required fields are marked *


© 4sysops 2006 - 2020


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account