Welcome. This is Quest Unscripted, a vlog series on trending topics--
And Quest solutions related to Active Directory--
Office 365--
Oh, and don't forget Azure AD.
You are here because you have questions.
We're here because we have answers.
I think.
We will address questions we've received from customers--
Who experience the same challenges as you--
All with the goal of helping you confidently move--
Manage--
And secure your Microsoft environment.
We call the show Quest Unscripted because--
Except for this intro--
Nothing we say is scripted or rehearsed.
And we're pretty sure you'll notice that right away.
Hello, everyone. We were going to call this show The Bryan and Brian Show, but let me start by saying my name is Ghazwan Khairi. I'm a principal systems consultant for Quest, and I'm joined by Bryan Patton, principal systems consultant, and Brian Hymer, strategic solutions architect for Quest.
Today's short topic will be-- and it should be the focus for every single organization that depends on Active Directory for its authentication or authorization-- we will cover Active Directory Disaster Recovery Edition from Quest. So we're going to introduce Quest Recovery Manager for Active Directory. Mr. Hymer, we're going to start with you.
Sure.
The last figure I have in front of me is 10 million daily attempts on hacking Azure Active Directory accounts. And I know the figure, last time I checked, was like 95 million or 100 million daily attempts on on-prem Active Directory--
Right.
--accounts. How can Quest help?
Active Directory is key to the industry. It is the primary authentication method across most corporations and organizations today. And if Active Directory is down, everybody is down. It doesn't matter. As a matter of fact, I even remember hearing that in the Maersk attack back in 2017. If Active Directory can't get recovered, we can't recover anything.
Quest has built unique solutions around Active Directory recovery for a long time, and the Disaster Recovery Edition, our latest edition in that scheme of tools, allows you to recover Active Directory even from a ransomware attack.
Yeah. And, Patton, why do you think it's important for customers to have a disaster recovery plan in place? And also, do you think like-- you work with a lot of customers, a lot of national customers-- what's the percentage of customers who actually have a disaster recovery plan in place in case they get attacked by ransomware or other attacks?
Well, I think it really depends on-- I think a lot of customers have a plan, but I don't think it's necessarily a fully developed plan. They traditionally will talk to a different backup vendor who they say can do restoration of all these different systems, but the system relies on Active Directory to authenticate, be it either on-premise or in Azure Active Directory. Do you have a plan in place to get that up and be able to authenticate prior to be able to restore their applications and data, which use that authentication to begin with? So it's-- you have to do the first step before you can get to the second step.
A lot of people think that they're covered, but they only really realize they're not covered after practicing. Once you practice, you realize the different caveats, what it really takes to do a full Active Directory restoration, or even about just like an Azure AD misconfiguration with-- a conditional access policy is an example.
Yeah. Bryan actually brought up a really good point, and I can't tell you how many times I've talked to a client that says, "We're moving a domain controller into our disaster recovery area so that they can do their disaster recovery testing."
Right.
And I've come back and said, "Well, have you tested recovering Active Directory?" And they go, "What? Why would I need to do that?"
Yeah.
And in a physical disaster, that's not an issue at all. But in today's area of cyber warfare and cyber criminals, ransomware is infecting domain controllers across their corporation. So it's no longer a geographic, physical location-type disaster. It is a cyber disaster across your entire forest.
And by default, Active Directory is highly available, again, to multiple different domain controllers. But to your point, Brian, the likelihood of a ransomware attack happening is at an all-time high.
Yeah.
These types of attacks not happening 10 years ago, they have really surfaced in the last three or four years. And now everybody can see that the likelihood is a lot more likely in their organization, so you have to have a plan to respond in the event that situation does occur to you.
It's true. It's so true, Bryan. And like you said earlier, being able to test that recovery is key.
Well, let's talk about that. So let's tie all that into-- Hymer, what's your top two features in the newly released Disaster Recovery Edition that allows customers to achieve that kind of coverage against their Active Directory attacks?
Yeah, good question, Ghaz. So we just released 10.1 last month, and my two favorite features there are-- the first is clean OS recovery, absolutely a paramount way to recover your Active Directory, and I'll explain why. And the other is the ability to phase your recovery. Whereas we used to do just a single-forest, everything-at-once type recovery, now you can do recovery in phases. We have a new mode called Repromotion, which allows you to promote new domain controllers to replace your existing domain controllers in a forest during a disaster.
Yeah. And you know what? And, Bryan Patton, I know you mention this all the time. You always say, "Oh, flexibility in options." I mean, either one of you, what's flexibility in restore options from a Quest standpoint?
Well, every customer is different. Some still want to restore using bare-metal recovery. Others, you'll want to restore using a non-tainted operating system they can validate is clean.
Yeah.
So we give the option and ability to
09:14