This GigaOm Research Reprint Expires: Jun 29, 2023

GigaOm Radar for Hybrid Cloud Data Protection: Large Enterprisesv3.01

1. Summary

Data is still one of the most crucial assets in any enterprise today, and as such, it needs to be adequately protected. Enterprises face unprecedented complexity challenges, and the transition to the cloud is radically changing where data is created and consumed. Software as a service (SaaS) applications and replatforming and refactoring initiatives must also take into account data protection requirements.

The regulatory landscape is becoming unmanageable without software-based solutions. Existing data privacy and data sovereignty regulations (such as the EU GDPR, China PIPL, and California, US CCPA) are being extended and strengthened, while US states and other countries are working to introduce their own data privacy laws. But there is still no harmonization of such laws in sight at the US federal level.

Enhanced control and governance of data placement and data protection is needed more than ever. And if that wasn’t enough, ransomware attacks are no longer considered a distant possibility, but rather a high-probability, high-risk threat. Data protection solutions are often the last line of defense against a ransomware attack, and enterprises are looking at ransomware protection capabilities with increased scrutiny.

Finally, although the COVID-19 pandemic is no longer disrupting daily lives in 2022 as it was in 2020, it has left a durable impact on work patterns. Two years ago, most of the workforce began working from home, and organizations needed to restructure to protect data created in disparate locations. Now with a workforce that has become accustomed to flexible work arrangements (FWAs) and facing the Great Resignation, organizations are looking for ways to retain talent by offering continued remote work. This work model will drive demand for solutions that include endpoint data protection. In addition, data collected by sensors and devices at the edge also needs protection and that market continues to grow.

The enterprise market continues to trend toward additional services built on top of data protection. These services are becoming instrumental in collecting and consolidating data across the entire organization (no matter where it’s created or stored) to reuse it for other purposes. In most cases, the enhancements are still about improving and expanding data protection processes, as is the case of protection against ransomware. Still, areas like security, compliance, data governance, and management are also getting a lot of attention.

Today, the modern workplace generally involves a combination of SaaS applications and virtual desktops, whether on-premises or in the cloud, with increasing demand for network attached storage (NAS)—file—protection in both environments. Within this scenario, enterprises are building hybrid cloud infrastructures and need solutions that can adequately support their data-driven initiatives. Furthermore, a growing number of enterprises are taking advantage of Kubernetes to redo their business applications, and protecting these assets is becoming crucial.

This is why the market is so active, with both startups and incumbents looking at ways to disrupt traditional backup models, as well as increase the value of the protected data by adding data management and data reuse capabilities to their solutions.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

2. Market Categories and Deployment Types

For a better understanding of the market and vendor positioning (Table 1), we assess how well solutions for hybrid cloud data protection are positioned to serve specific market segments and deployment models.

This Radar focuses on solutions suited for large enterprises and cloud and managed service providers (CSPs/MSPs), but also takes into account specialized use cases. While some of the solutions evaluated in this Radar may also be suitable for small and medium-sized businesses (SMBs), these are covered in a separate Radar report: GigaOm Radar for Hybrid Cloud Data Protection for Small and Medium-Sized Businesses.

  • Large enterprise: These solutions can cover a majority of enterprise user needs with diverse and distributed infrastructures. They are sometimes less efficient than the others, but the feature set is extensive and has multiple deployment options, vast scalability, and support for legacy systems and applications.
  • CSP/MSP: In this category, we find solutions with features specifically designed for service providers. The backup infrastructure is not managed by the end user, who is usually subscribed to a service.
  • Specialized: These solutions have particular feature sets that make it difficult to position them in traditional enterprise-size market segments. They can sometimes be considered niche players, but they usually offer innovative approaches and solutions to several challenges posed by modern infrastructure and application development cycles.

This report also covers two predominant deployment models: self-managed (whether on-premises or in the cloud), and backup as a service (BaaS).

  • Self-managed: Deployed as software-defined or an appliance, these solutions focus on data center infrastructures, but can also provide support for SaaS applications and virtual machine (VM) instances on the cloud. Though the primary backup repository is on-premises, it can usually extend to different clouds. The user still keeps full control of the infrastructure, and the licensing model is typically subscription-based, conforming to public cloud standards.
  • BaaS: Based on a cloud back end and usually provided as-a-service, these solutions work in a manner contrary to the products in the on-premises category. Backup data is stored in the cloud, but the solutions can cover a broad set of platforms, including on-premises, cloud workloads, and SaaS applications. Furthermore, they are optimized to handle on-premises workloads through local cache capabilities. Organizations do not manage the underlying infrastructure and do not need to be concerned about scalability. The service is consumed following a pay-as-you-go model.

Table 1. Vendor Positioning

Market Segment

Deployment Model

Enterprise CSP/MSP Specialized Self-Managed BaaS
Bacula Systems
Cobalt Iron
Dell Technologies
HPE (Zerto)
3 Exceptional: Outstanding focus and execution
2 Capable: Good but with room for improvement
2 Limited: Lacking in execution and use cases
2 Not applicable or absent

3. Key Criteria Comparison

Following the general indications introduced with the GigaOm report, “Key Criteria for Evaluating Hybrid Cloud Data Protection Solutions,” Table 2 summarizes how each vendor included in this research performs in the areas we consider differentiating and critical in this sector. Table 3 follows this summary with insight into each product’s evaluation metrics—the top-line characteristics that define the impact each will have on the organization.

The objective is to give the reader a snapshot of the technical capabilities of available solutions, define the perimeter of the market landscape, and gauge the potential impact on the business.

Table 2. Key Criteria Comparison

Key Criteria

Analytics Disaster Recovery Orchestration Cyber Resiliency Data Management & Governance Kubernetes Support Backup as a Service Breadth of the Solution
Acronis 2 3 3 1 0 1 2
Arcserve 2 2 2 0 0 2 1
Asigra 1 1 3 2 0 3 2
Bacula Systems 2 2 2 1 3 0 3
Barracuda 2 1 3 2 0 1 2
Clumio 2 2 2 1 0 3 1
Cobalt Iron 3 1 3 1 2 3 3
Cohesity 3 3 3 2 2 2 3
Commvault 2 2 3 3 3 3 3
Dell Technologies 2 2 3 2 3 3 2
Druva 3 2 3 3 2 3 2
HPE (Zerto) 3 3 2 1 3 1 2
HYCU 2 2 2 1 2 2 2
IBM 2 2 2 2 2 1 2
Rubrik 3 3 3 2 2 1 2
Unitrends 3 3 3 2 0 3 2
Veeam 2 3 2 1 3 0 3
Veritas 2 3 3 2 3 3 2
3 Exceptional: Outstanding focus and execution
2 Capable: Good but with room for improvement
2 Limited: Lacking in execution and use cases
2 Not applicable or absent

Table 3. Evaluation Metrics Comparison

Evaluation Metrics

Architecture Scalability Flexibility Efficiency Security Manageability & Ease of Use Ecosystem
Acronis 2 2 3 2 3 3 2
Arcserve 2 2 2 3 2 2 2
Asigra 2 2 2 2 3 3 3
Bacula Systems 2 3 2 3 3 2 2
Barracuda 2 2 2 2 3 2 2
Clumio 3 3 1 2 3 3 1
Cobalt Iron 2 3 3 3 3 3 3
Cohesity 3 3 3 3 3 3 3
Commvault 3 3 3 3 3 2 3
Dell Technologies 2 3 2 3 3 3 3
Druva 3 3 2 3 3 3 2
HPE (Zerto) 3 2 2 3 2 3 2
HYCU 3 3 3 2 2 3 2
IBM 2 2 2 2 2 2 3
Rubrik 3 3 3 2 3 3 2
Unitrends 2 2 2 2 2 2 2
Veeam 3 2 3 3 2 3 3
Veritas 3 3 3 3 3 2 3
3 Exceptional: Outstanding focus and execution
2 Capable: Good but with room for improvement
2 Limited: Lacking in execution and use cases
2 Not applicable or absent

By combining the information provided in the tables above, the reader can develop a clear understanding of the technical solutions available in the market.

4. GigaOm Radar

This report synthesizes the analysis of key criteria and their impact on evaluation metrics to inform the GigaOm Radar graphic in Figure 1. The resulting chart is a forward-looking perspective on all the vendors in this report, based on their products’ technical capabilities and feature sets.

The GigaOm Radar plots vendor solutions across a series of concentric rings, with those set closer to the center judged to be of higher overall value. The chart characterizes each vendor on two axes—balancing Maturity versus Innovation, and Feature Play versus Platform Play—while providing an arrow that projects each solution’s evolution over the coming 12 to 18 months.

Figure 1: GigaOm Radar for Hybrid Cloud Data Protection: Enterprise

Several changes are apparent in the 2022 edition of this Radar compared to last year’s report due to new evaluation criteria being introduced.

This year, the two frontrunners of this report are Commvault and Cohesity, which are also two of the three companies noted as Outperformers. Both offer a complete feature set across all key criteria, have a compelling strategy, and deliver outstanding execution. In this report, Commvault offers a platform-driven approach with strong integration across the portfolio, a best-in-class BaaS experience, outstanding data management capabilities, and cyber resiliency features. Cohesity proposes a compelling solution that offers balanced workload coverage in hybrid cloud scenarios, strongly differentiated cyber resiliency features, great data management capabilities, and disaster recovery (DR), all under a single umbrella. The third Outperformer, Veritas, is also in an interesting position. The company has dramatically innovated and improved its portfolio, introducing solid cyber resiliency capabilities. It is thus depicted as crossing from a Mature/Platform Play to the Platform/Innovation quadrant.

Among the Leaders, Druva, Cobalt Iron, and Dell are also noteworthy. Druva has moved significantly from last year, going from Feature Play to a well-balanced Platform Play, both from an innovation perspective and a platform breadth of scope standpoint, offering strong data management and cyber resiliency capabilities. Cobalt Iron impressed with a compelling BaaS offering based on a versatile and efficient architecture, strong cyber resiliency, and analytics. Disaster recovery (DR) and data management are, however, two areas ripe for improvement. Dell Technologies moved from a Mature/PlatformPlay Challenger to an Innovation Leader, thanks to a good balance between self-managed multicloud data protection (with PowerProtect), comprehensive cyber resiliency capabilities, and a great BaaS offering (now branded APEX Backup Services), based on its partnership with Druva.

Right outside of the Leader’s circle, Rubrik and Veeam are placed closely together. Rubrik has recently focused on improving its cyber resiliency capabilities and still offers an interesting data protection approach, but it is less scalable than some of its direct competitors. Veeam’s solution remains a popular and compelling option for large enterprises. However, stronger cyber resiliency capabilities are required for the enterprise market, and the absence of a direct BaaS offering might be offputting to customers looking for cloud-like consumption options (Veeam can be consumed as BaaS, but only through Veeam partners).

A third group of Challengers in the Innovation/Platform Play quadrant includes Acronis, Zerto, HYCU, and Asigra. While platform-oriented, these solutions often lack in some areas and require further improvements. Acronis offers a great feature set for this market segment with a strong focus on cyber resiliency. But its BaaS solution is currently limited, and some advanced features, such as Kubernetes support and data management, are missing. Zerto is still a reference point in DR and continuous data protection, with emerging data management features; however, proactive ransomware detection should be added.

HYCU proposes an interesting approach, with deep technological integrations for each support platform on the one hand, and a unified management experience on the other. It offers some BaaS capabilities and good support for Microsoft 365. Asigra’s solution proposes great value with strong cyber resiliency capabilities, ease of management, and good support for SaaS workloads. Some other areas remain underdeveloped, such as Kubernetes support, disaster recovery, and data management; these are all opportunities for further improvement.

IBM, Bacula, Arcserve, and Unitrends also offer a Platform Play approach, although built on more mature architectures. IBM has increased the pace of its data protection portfolio with IBM Spectrum Protect Plus, adding multiple capabilities such as BaaS for cloud-native workloads (SaaS apps and cloud storage), great Kubernetes support, and a promising roadmap. Bacula’s open-source foundation and strong modularity are particularly appreciated by large organizations that require a high level of customization, especially within complex environments such as the defense industry, at the cost of a steeper learning curve. Arcserve’s position has slightly improved due to the merger with StorageCraft. The technology remains mature; however, new features are gradually implemented, with immutability options to combat ransomware. Unitrends proposes a suite of products that offers disaster recovery as a service (DRaaS), SaaS application support, and BaaS capabilities, although some capabilities are still missing.

Among Feature Play solutions, Clumio continues to deliver strong data protection capabilities for Amazon Web Services (AWS) workloads, but still doesn’t offer any other options, confining the solutions to limited use cases. Barracuda has moved from last year’s niche area (Maturity/Feature Play quadrant) toward a more holistic approach and BaaS capabilities, which is now reflected in its Innovation/Feature Play position. The company has a promising roadmap that may gradually move it toward the Innovation/PlatformPlay quadrant, once new features are released and offerings are integrated further.

Inside the GigaOm Radar

The GigaOm Radar weighs each vendor’s execution, roadmap, and ability to innovate to plot solutions along two axes, each set as opposing pairs. On the Y axis, Maturity recognizes solution stability, strength of ecosystem, and a conservative stance, while Innovation highlights technical innovation and a more aggressive approach. On the X axis, Feature Play connotes a narrow focus on niche or cutting-edge functionality, while Platform Play displays a broader platform focus and commitment to a comprehensive feature set.

The closer to center a solution sits, the better its execution and value, with top performers occupying the inner Leaders circle. The centermost circle is almost always empty, reserved for highly mature and consolidated markets that lack space for further innovation.

The GigaOm Radar offers a forward-looking assessment, plotting the current and projected position of each solution over a 12- to 18-month window. Arrows indicate travel based on strategy and pace of innovation, with vendors designated as Forward Movers, Fast Movers, or Outperformers based on their rate of progression.

Note that the Radar excludes vendor market share as a metric. The focus is on forward-looking analysis that emphasizes the value of innovation and differentiation over incumbent market position.

5. Vendor Insights


Acronis CyberProtect, Acronis’ data protection solution, covers a broad range of systems: cloud compute instances, edge infrastructures, and SaaS applications. It can be deployed on-premises and in the cloud, or consumed as a SaaS application directly or through partners. It proposes a modular approach with base features and additional feature packs that customers can choose to enable with an additional license. This approach is praised by MSPs, which constitute one of the key markets for Acronis. It’s worth noting that Acronis provides two editions of its data protection solution: Acronis CyberProtect (for SMBs and enterprises), and Acronis CyberProtect Cloud (for MSPs and IT as a service enterprise).

The solution includes a simple and easy-to-use management interface; it also implements a complete and multitenant DR orchestration engine that takes advantage of Acronis’ continuous data protection capabilities and provides automated failover, testing of DR runbooks, and universal restore capabilities. In addition, it is capable of failing over to a malware- and ransomware-free restore point.

As a company, Acronis is intensely focused on cyber resilience across its entire product stack, delivering a multilayered security approach. Acronis’ data protection solution leverages an AI-driven engine that analyzes data in real time, detects anomalies, and is capable of determining whether data is being encrypted. This analytics engine is complemented by integrated antimalware scanning, vulnerability assessment capabilities, and other features. On the remediation side, immutable backups can be used with previously highlighted DR orchestration capabilities to recover from a ransomware attack.

Data management capabilities are limited, although Acronis has developed an interesting blockchain-based data notarization solution that validates whether restored data is a 100% match with backed-up data. This can be useful in legal cases, and the competition may later develop similar features.

Acronis offers a cloud storage solution branded Acronis Cloud. Provided through a BaaS model, this solution allows organizations to perform direct-to-cloud backups to a growing number of cloud regions worldwide, either on Acronis Cloud DCs or on Microsoft Azure or Google Cloud Platform (GCP).

The solution offers more than 50 third-party integrations and supports Microsoft 365 Cloud-to-Cloud backup and Google Workspace backup. Acronis has roadmap plans to build a new abstraction layer to facilitate plug-in integration in the future. Kubernetes support is currently lacking but on the roadmap.

Strengths: Acronis offers a solid data protection solution with a strong focus on cyber resiliency, great disaster recovery orchestration options, and broad ecosystem support. SaaS backup capabilities and the company’s cloud data center footprint are continuously growing. The solution is strongly focused on MSPs, providing a modular approach in terms of capabilities and licensing costs, with multitenant capabilities even at the DR level.

Challenges: Data management capabilities are limited, and Kubernetes support is currently absent.


Arcserve Unified Data Protection (UDP) offers proven and robust capabilities with multiple deployment options. Arcserve’s UDP solid architecture enables fast backup and recovery operations with two instant recovery methods: instant virtual machine (IVM) and virtual standby (VSB). IVM uses data reconstituted in real time from the data backup repository to create a VM, while VSB enables a fully formed image to be built as a warm standby in whatever environment the customer chooses. Global deduplication is another strength that provides value to distributed organizations with many data sources to be protected.

Arcserve UDP offers fast and reliable backup and recovery options. The UDP software is delivered as an on-premises solution, managed through an on-premises console. There is also a cloud-based backup solution, called Arcserve Cloud Hybrid, delivered as a service with the same look and feel as the on-premises console.

Arcserve partners with security vendor Sophos to build a solution that integrates UDP with Sophos Intercept X Advanced for Server to protect against ransomware. This advanced security protection with UDP is provided for both the cloud hybrid and the on-premises appliance-based solution. Since March 2021, any Arcserve UDP software-only deployment acquired under the Arcserve Universal License also offers this integration.

Arcserve UDP integrates with AWS S3 buckets and uses its Object Lock facility to deliver a cloud-based immutable storage repository. In addition, organizations can use Arcserve OneXafe scale-out storage appliances for on-premises immutable storage capabilities.

As with other data protection players, new capabilities to handle cloud workloads and SaaS applications are being added with a standalone Microsoft 365 SaaS backup product.

BaaS capabilities are delivered through Arcserve Cloud Direct for direct-to-cloud backup under a BaaS model and Arcserve Cloud Services, providing DRaaS capabilities to SMBs. There are no Kubernetes data protection capabilities currently.

Strengths: Arcserve is a mature solution with robust and flexible deployment options, including hybrid data protection capabilities and ransomware protection capabilities from Sophos Intercept X. OneXafe appliances also provide immutable storage, a foundational capability for recovering from ransomware attacks.

Challenges: Kubernetes, data management, and SaaS workload support capabilities are limited compared to what competitors offer in the large enterprise segment.


Asigra Tigris is a platform that uses multiple components, including an agentless data collector deployed on the LAN at the source location (single deployment per LAN) and a data repository manager. Users can store their data wherever they like, in the cloud, on-premises, or in a hybrid scenario. Additionally, it offers an integrated six-layer security stack focused on protecting backup data from ransomware.

Asigra Tigris is an agentless, multitenant, hardware- and OS-agnostic data backup solution. It supports backing up physical servers, VMs, enterprise applications and databases, desktops, laptops, Microsoft 365, Google Workspace, and Salesforce.

The Asigra Management Console offers a single pane of glass for MSPs or centralized IT departments to easily manage multiple customers or departments. It ensures backup operators have visibility of all customer backup data, including logs, reports, and notifications. MSPs can offer secure self-service capabilities to customers when needed, and multitenant and multitier architectures simplify deployment and management of an MSP’s customer. The MSP’s data repository is separated and uniquely encrypted for each customer.

Asigra doesn’t have a robust DR solution yet, but it has enhancements planned on the roadmap that should give customers a better DR solution.

Unlike solutions that depend on well-known ransomware protection capabilities, immutability, and air-gapped backups, Tigris goes much further, proactively hunting threats with bidirectional antimalware scanning and advanced multifactor authentication. Asigra’s cybersecurity module includes bidirectional malware scanning to detect advanced ransomware attacks that penetrate immutable and air-gapped backups. Deep multifactor authentication (MFA) protects against credential theft and is a critical strategy used in ransomware 2.0 attacks.

The Asigra Management Console offers basic data management capabilities including GDPR certificates that can be generated when PII data is deleted from the backup repository to comply with the end user’s “right to be forgotten.”

Asigra offers support for deploying the DS-Client data collector in Docker containers, but there’s no talk of Kubernetes support as its customers have not yet demanded it.

Asigra has always focused on supplying a secure multitenant solution, which is a perfect fit for MSPs that offer BaaS. Ease of management and a centralized console allow a service provider to handle multiple customers easily. Additionally, the advanced security features provide next-gen ransomware protection that can be offered easily to BaaS customers.

The solution supports backups of on-premises physical or virtual machines and multiple types of databases, application servers, and file storage servers. It also supports SaaS apps like Microsoft 365, Google Workspace, and Salesforce, and can send backup data to any public or private cloud with the option of storing it on-premises.

Strengths: Asigra has a balanced and secure offering for MSPs and end users. The solution has been around for a long time and has proven successful, especially in the MSP market, where multitenancy and ease of management are important elements.

Challenges: Asigra still has some work to do when it comes to data management, DR, and Kubernetes support. These capabilities are becoming increasingly prevalent in modern-day IT environments, and Asigra customers would benefit from having them supported.


Bacula Systems offers a modular data protection solution tailored for the high-end enterprise segment. The solution is highly scalable, ranging from single-node systems to those consisting of thousands of nodes. Originally started as an open-source solution heavily focused on the Linux ecosystem, Bacula gained popularity among large, Linux-focused organizations in verticals such as biotechnology, military, fintech, and research (particularly for HPC), as well as with CSPs/MSPs.

The solution is highly customizable and will meet flexibility requirements of large organizations. It is, however, very Linux-centric and less suited for predominantly Microsoft-centric organizations.

Bacula offers a rich management console with detailed insights and reporting capabilities. Organizations can monitor backup effectiveness (including overall deduplication), backup storage usage and performance, information about protected objects, and so on. The same information can also be queried through a command-line interface (CLI).

DR orchestration is flexible and relies on scriptable recovery tools. It encompasses various recovery capabilities including VM image and container levels, database and application levels, cabinet volume, and file level. It also allows recovery on alternative infrastructures, including in the cloud. Image conversion is not yet available, but is on the roadmap.

From a cyber resilience perspective, Bacula currently offers an antivirus plug-in, immutable backup on AWS, in-flight and at-rest encryption, and comprehensive security hardening measures—including automated system checks, volume protection (both immutable and append-only), and tape encryption. It also implements powerful intrusion detection systems that can operate independently from backup and restore operations. This system can identify hostile modifications and track changes made on files. Roadmap security capabilities include security information and event management (SIEM) integration, automated malware and ransomware scans during backup and restore operations, and new encryption techniques.

The solution includes basic data management capabilities such as indexing, search, and data classification. It also provides an open application programming interface (API) that external data management solutions can use.

Bacula supports both Kubernetes and Red Hat OpenShift. Besides persistent volume claims (PVCs), the solution can also back up other resources such as services, pods, and deployments, delivering comprehensive data protection and restore capabilities. It also offers native integration to Swift object storage.

Thanks to its modular, plug-in-based architecture, Bacula supports many operating systems, multiple hypervisors, SaaS applications (currently Microsoft 365), and databases, including mission-critical systems such as Oracle and SAP/SAP HANA. Support for Google Workspace and Salesforce is on the roadmap.

Although Bacula itself doesn’t offer its data protection solution through a BaaS model, the solution can be used by CSPs and MSPs to implement their own BaaS solutions.

Strengths: Bacula offers a modular and scalable data protection solution with extensive platform and application support. It’s highly flexible and will fit the needs of large, demanding organizations requiring an extremely customizable solution that can integrate seamlessly with complex environments. Great Kubernetes support is available.

Challenges: Bacula can deliver outstanding value but organizations must take into account initial deployment complexity and the need for Linux expertise. SaaS support and data management capabilities are currently limited. Cyber resiliency lacks ransomware detection. This is not a first choice for heavily Microsoft-oriented environments.


Barracuda is a well-established data protection company with a mature solution that, while primarily appealing to SMBs, also has a significant footprint with MSPs. Its two products are Barracuda Backup (for on-premises workloads) and Cloud-to-Cloud Backup (for SaaS workloads).

Barracuda Backup offers flexible deployment options (software-only or physical appliance) and cloud-based management. The solution provides comprehensive data protection coverage for a broad range of use cases, with ample replication possibilities, instant VM recovery, and good data efficiency, thanks to inline deduplication. Organizations also can use Barracuda cloud storage as a DR target, with six regions currently supported.

The solution includes a cloud-based management interface branded Barracuda Cloud Control, which offers ease of use and an overview of all Barracuda Backup and Barracuda Cloud-to-Cloud Backup deployments; the user interfaces are slightly different, however, both solutions are managed from the same UI with a single login. Barracuda can perform a cloud live boot for disaster recovery, but orchestration capabilities are a work in progress.

Security is a strong focus for Barracuda. Beyond backup and recovery, the company has a holistic data protection strategy and a broad product portfolio covering multiple functional areas, notably in network and application security. Barracuda has built a very solid ransomware protection solution into its data protection products, which works well on its own and even better when integrated with other Barracuda security products to provide a multilayered data protection approach.

Lately, Barracuda has focused on building a solid SaaS backup solution (Barracuda Cloud-to-Cloud Backup) and adding ransomware protection features to its products. Currently, only Microsoft 365 is supported (across 10 regions worldwide), but the company is working on adding more SaaS capabilities soon. BaaS support is currently available only for Barracuda Cloud-to-Cloud Backup.

Data management capabilities are available through Data Inspector, Barracuda’s classification engine used to identify sensitive data, support regulatory compliance, and identify malware or ransomware. Kubernetes support is currently lacking.

Strengths: Barracuda offers a very good feature set that can be interesting for cloud or managed service providers, with a strong focus on security and multilayered protection against ransomware across its product line.

Challenges: SaaS capabilities remain limited. Disaster recovery orchestration capabilities need to be improved. Kubernetes support is lacking.


Clumio is a true SaaS solution that does not require managing or deploying any AWS resources to start using it. It’s a consumption-based service with infinite scale built in; users can start small and then scale to protect massive amounts of data without planning or management—it’s all seamlessly handled by the platform. The onboarding process is simple; users can start protecting their AWS assets in 15 minutes or less.

Clumio enables fast backup by automating the entire process through global policies across different AWS assets and accounts. Using massive serverless compute resources in parallel to run backup jobs and do incremental backups, reduces the backup window significantly. Just as important as fast backups, Clumio also enables quick recovery to ensure business continuity. An intuitive calendar view provides a quick and simple way to find recoverable data (snapshots, instances, files, records, and so forth) and restoring the data takes just a few clicks. By enabling rapid and granular data recovery, Clumio reduces recovery times significantly to meet low recovery time objective (RTO) and recovery point objective (RPO) service level agreements (SLAs).

The Clumio platform is designed with a security-first mindset. Backups are saved to SecureVault, a Clumio service for ransomware protection of Tier 1 applications that is independent of and separated from the user’s AWS account. This provides true turnkey air-gap functionality and protection against ransomware and other attacks, with indexing and granular file recovery features. Backups are immutable, and to safeguard against bad actors, there’s no delete option and all data processing and storage is handled with end-to-end encryption. Additionally, in August 2022, Clumio will launch its SecureVault Lite offering, offering a simpler feature set and a more compelling price point for less critical workloads. The platform also complies with the latest security certifications and standards, such as ISO, HIPAA, PCI, and SOC 2.

Clumio recently released Clumio Protection Group functionality for Amazon S3 that provides comprehensive data protection coverage, filling gaps left by S3 versioning and replication. Now, users can selectively back up only important S3 objects within a bucket, providing much-needed data classification capabilities. This sorting results in a much more efficient and optimized backup, providing big TCO savings to users. This data classification feature proves to be a powerful advantage when recovering data. Using global search and browse functionalities, users can granularly recover S3 objects instead of recovering entire buckets and laboriously going through the different objects to find the right ones. Faster recovery means business continuity remains undisrupted.

Clumio focuses heavily on AWS, and support for VMware Cloud on AWS is included. Clumio’s strong bond with the AWS ecosystem makes the solution best suited for organizations with a cloud-first approach in which AWS is the preferred cloud provider. At this time, the solution is suitable primarily for customers in the US market. The vendor is rapidly adding support for key data services with regular new features. It’s interesting to note that backup for Microsoft 365 is also available.

Clumio Discover, a utility launched in the second half of 2021, is the perfect companion for this data protection solution. It enables users to analyze their entire environment, identify unprotected systems, and do an effective cost analysis on top of current and hypothetical backup policies. Through a simple dashboard, users can see their ransomware risk profile and actionable insights to reduce those risks.

Strengths: Clumio is specifically designed for cloud-native applications and workloads. It’s an easy-to-use SaaS application, and the company plans to build a data protection and data management platform.

Challenges: The notable lack of disaster recovery capabilities and Kubernetes support is a concern in the enterprise segment. As a cloud-first company, support for public cloud vendors other than AWS is lacking. The current focus on the US market limits broader adoption.

Cobalt Iron

Cobalt Iron offers a unified data protection platform branded Compass and delivered through a BaaS consumption model. The solution is primarily implemented through one or more Cobalt Iron Accelerator physical, virtual, or cloud appliances that provide management and storage capabilities (from a few TBs to more than 4 PBs per Accelerator appliance, with no limit to the number of appliances).

Because Accelerator appliances come as a service, sizing and deployment are included in the subscription fees. At edge locations, Accelerators can be deployed as virtual appliances to reduce the infrastructure footprint. In addition, Cobalt Iron supports AWS, Azure, Google Cloud, IBM Cloud, and Alibaba, with Compass Cloud Accelerators delivered as public cloud images.

The solution is managed through an intuitive cloud-based Commander interface that provides an overview of backup operations and environmental conditions. It’s also used to configure data protection policies and is backed by advanced analytics with extensive data collection and monitoring. The analytics engine also provides predictive analytics with trends, out-of-space projections, and future capacity modeling based on past growth rates.

Some disaster recovery capabilities exist, but disaster recovery orchestration is only partial because automation doesn’t cover all the steps of a DR workflow. Cobalt Iron usually assists customers with DR testing and recovery activities.

Cobalt Iron provides strong cyber resiliency features at both the predictive and remediation levels. Cyberattack detection includes monitoring multiple anomalies and abnormal behaviors, including baselining the normal environmental behavior and observing deviations. These capabilities are regularly improved and made available to customers. The architecture includes isolation and strengthened security measures, and backups are immutable, with the ability to place data in multiple locations.

Compass integrates some data management features, primarily related to policy-based backup management. These can be used to enforce data locality requirements and generate reports about adherence to policies. The solution also supports Kubernetes and Red Hat OpenShift through an integrated technology module.

In addition to virtualization platforms and cloud systems, a broad set of platforms and applications is supported, including mission-critical databases (Oracle, DB2, Informix, SAP R3, SAP HANA, and others) and a very comprehensive range of operating systems, going beyond x86 operating systems to systems such as AIX, HP/UX Itanium, Solaris SPARC, and IBM i.

Strengths: Cobalt Iron proposes an optimized and strongly secure data protection solution delivered as a service. It has robust ransomware protection mechanisms, advanced analytics, and comprehensive workload support, including Kubernetes.

Challenges: Disaster recovery orchestration and data management are two areas that require improvements. Although consumed as BaaS, when deployed as physical appliances, Compass would have a data center footprint impact.


Cohesity offers a compelling solution that meets data protection, cyber resiliency, and data management challenges in hybrid cloud scenarios.

The solution offers a comprehensive analytics engine that delivers a unified view through self-managed and BaaS deployments. It provides anomaly detection, user activity alerting, and warns of data ingest anomalies. It delivers predictive capacity modeling and alerting based on historical trends, plus the ability to perform simulations based on Cohesity learning models. This feature allows administrators to perform fine-tuned, “what-if” analysis that considers sensitivity factors for burstiness and workload seasonality. Other analytics capabilities include proactive fault isolation for sick or underperforming nodes and proactive support case opening.

Disaster recovery orchestration is supported via Cohesity SiteContinuity, a fully fledged solution that converges backup, continuous data protection, and automated failover and failback orchestration with a unified policy engine. Failover can be performed either on self-managed data centers or to a Cohesity-managed environment in the cloud, effectively providing a DRaaS option.

The solution includes strong cyber resiliency features, such as ML-based early detection of attacks gleaned from data changes against normal patterns, using several criteria. Cohesity also supports immutable snapshots and protects against attempts to modify them. The solution implements various techniques to prevent network time protocol (NTP) attacks that could be used to artificially expire immutability flags on locked datasets. It also enforces strong multifactor authentication with quorum-based approval for sensitive actions in the environment. Cohesity also offers its FortKnox isolated data vault, a secured cloud air gap solution delivered as a service.

Cohesity will soon introduce Cohesity DataGovern, a SaaS data management offering that will help identify and reduce security and compliance risks by leveraging source-side anomaly detection, data classification, and threat shields. Cohesity Spotlight gives customers visibility into who has access to what data and for how long, making the solution suitable for auditing and compliance.

Kubernetes data protection is present with VMware Tanzu and OpenStack currently supported, and more distributions on the roadmap. The solution supports autodiscovery and protection through labels, which can also be used to include or exclude namespaces. It protects data and the application state, delivering flexibility in what the customer wants to protect, whether entire Kubernetes clusters or specific resources.

Organizations can consume Cohesity through a BaaS model, with broad workload support including cloud workloads (Microsoft 365, AWS EC2, AWS RDS), virtual environments (VMware), databases (Oracle, SQL), physical servers (Windows, Linux), and NAS systems (NetApp, Isilon). The solution was available only in the US a year ago, but is now offered in 10 regions worldwide.

When running the self-managed version of Cohesity DataProtect, customers can protect a wide range of data sources that would be tedious to fully enumerate.

Strengths: Cohesity offers a comprehensive and coherent data platform that includes strong data protection features, remarkable cyber resiliency capabilities, and a growing set of data management features, all managed under a single umbrella.

Challenges: Kubernetes support is expected to grow but is currently limited. Isolated Data Vault (FortKnox) has been recently released.


Commvault is one of the few providers whose data protection solution can manage and protect a broad ecosystem of workloads across physical servers, VMs, the cloud, containers, SaaS, and more. The solution goes beyond data protection and extends into security and data management. Organizations can choose either an on-premises, self-managed consumption model, or a full BaaS approach with Metallic SaaS. The portfolio also includes storage capabilities with HyperScale X appliances or Commvault Distributed Storage.

Management and analytics capabilities are delivered through the Commvault Command Center, providing a unified experience across the Commvault portfolio, and full management of the Metallic BaaS offering. The solution is API-based, and all activities can be automated through API calls.

Disaster recovery is handled through Commvault Disaster Recovery, a product that delivers complete DR orchestration capabilities across platforms, locations, and clouds. This solution implements DR scripting, one-click failover and failback, and automated detection of outages. Commvault also partners with MSPs to deliver this capability through a DRaaS model. It’s worth mentioning that Commvault Disaster Recovery can be purchased bundled with Commvault Backup & Recovery in the Commvault Complete Data Protection offering.

Cyber resiliency capabilities are delivered through the Data Security Intelligent Data Service, which includes AI/ML-based anomaly detection and alerting capabilities. In addition, Metallic SaaS includes Metallic ThreatWise, which leverages recently acquired TrapX technology for integrated cyber deception and ransomware detection, including AI/ML-based anomaly detection across the live file system and backup jobs. Alerting capabilities and honeypots further aid in the detection and neutralization of threats. On the remediation side of cyber resiliency, the solution implements immutable backups and can also leverage immutable cloud-object repositories as a target for backups. Finally, organizations can leverage the Metallic SaaS solution to store immutable backups in the cloud.

The company provides a comprehensive data management experience with the Data Insights Intelligent Data Service. The solution offers ML-driven insights to enable other services such as data governance and compliance, which is oriented towards regulatory and privacy matters. The service can go beyond backup data to include production data in its analysis. Customers can proactively identify sensitive data (PII, for example) and act on it.

Another module allows relevant stakeholders to respond to disclosure and legal requests related to e-discovery and compliance, with automated workflows for compliance tasks. The solution also includes an auditable chain of custody that demonstrates adherence to compliance processes. In addition, the File Storage Optimization service can leverage this data to enforce and automate policy-based data placement decisions.

Commvault supports all CNCF-certified distributions, including cloud services (Google Anthos, Azure AKS, Amazon EKS, Google, GKE), and on-premises Kubernetes distributions (Red Hat OpenShift, VMware Tanzu). The solution offers comprehensive Kubernetes protection beyond the storage layer and autodiscovery for applications and containers.

Commvault delivers a best-in-class BaaS experience with Metallic. The solution offers a broad set of services, including excellent cyber resiliency features and regulatory compliance. It supports a very broad range of platforms including multicloud, databases, unstructured data, Kubernetes, and SaaS applications, making it perfectly capable of replacing a traditional on-premises data protection solution for most use cases. The solution is currently available in 32 countries worldwide.

The breadth of the solution is extensive and covers multigenerational workloads, whether on-premises, in the cloud, or modern SaaS applications, and includes mission-critical applications such as SAP and Oracle. It also extends to Kubernetes workloads, both on-premises and in the cloud.

Strengths: Commvault delivers a comprehensive hybrid cloud data protection portfolio with excellent data management and cyber resiliency capabilities. It also offers one of the best BaaS solutions available in the market with Metallic, an offering that’s constantly growing its services and available locations.

Challenges: Commvault is often perceived as a complex solution due to its comprehensive feature set (which can lead to time-intensive deployments, training, and so on); however, the company is working on changing this perception, both through Metallic and improvements to its Command Center.

Dell Technologies

Dell Technologies delivers data protection capabilities through PowerProtect Data Manager, a self-managed, next-generation hybrid cloud data protection software solution, and APEX Backup Services (formerly PowerProtect Backup Service), Dell’s BaaS offering based on Druva technology. Both target a broad spectrum of customers and can cater effortlessly to the needs of large enterprises, particularly when used with Dell EMC PowerProtect DD appliances.

PowerProtect Data Manager and APEX Backup Services can be managed through a common management console that enables data protection orchestration and self-service backup and restore operations. The dashboard provides various insights around job status, assets and their protection status, overall system health, SLA adherence, capacity consumption, and space optimization status. The solution can also configure alerts and generate reports.

DR is provided with PowerProtect Data Manager through Cloud Disaster Recovery, an included solution that leverages public clouds as secondary DR sites for cost-effective DR operations with VMware environments, either on-premises or on public clouds. The solution supports AWS, Azure, and GCP, as well as their government-focused counterparts, and offers DR orchestration capabilities.

Dell PowerProtect Cyber Recovery enhances PowerProtect Data Manager with a host of cyber resiliency capabilities to prevent and recover from ransomware attacks. The solution includes an ML detection engine (CyberSense), which identifies suspicious activity and monitors data integrity. It also provides data immutability with an additional layer of security and controls, and allows the creation of an air-gapped backup vault. PowerProtect Cyber Recovery also implements other features such as NTP tamper protection to prevent premature expiration of immutability flags.

Organizations can use PowerProtect Data Manager to protect Kubernetes in AWS, Azure, and Google Cloud; to protect Kubernetes clusters in multicloud environments; and protect EKS, AKS, and GKE. PowerProtect Data Manager builds on top of the open-source Velero platform to provide a data protection solution that enables application-consistent backups and restores and is always available for Kubernetes workloads, VMware hybrid cloud environments, and Tanzu modern applications.

PowerProtect Data Manager enables the protection of traditional workloads, including Oracle, Exchange, SQL, SAP HANA, AIX, and file systems, as well as Kubernetes containers and virtual environments.

Dell Technologies also offers a BaaS solution to its customers with APEX Backup Services (formerly PowerProtect Backup Service). The solution is based on Druva’s technology and supports a diverse set of workloads, including SaaS applications (Microsoft 365, Google Workspace, Salesforce), desktops, laptops, mobile devices, and hybrid workloads (virtualized environments, databases, file servers, and NAS). It also includes several compliance and governance capabilities such as federated search, automated compliance, legal hold, long-term retention, and reporting capabilities.

Strengths: Dell Technologies delivers a modern data protection experience with PowerProtect Data Manager and APEX Backup Services. PowerProtect Data Manager, combined with PowerProtect Cyber Recovery, delivers comprehensive multicloud data protection and cyber resilience capabilities, while APEX Backup Services provides SaaS data protection and a strong set of compliance and governance features, thanks to the partnership with Druva.

Challenges: Although Dell Technologies offers two compelling data protection solutions, they are based on a different technology. This can be a challenge for growing organizations looking at unifying their data plane, particularly for advanced data management use cases. There are no particular data management capabilities in PowerProtect Data Manager.


The Druva Data Resiliency Cloud provides centralized protection and management across end-user and enterprise data sources and is offered under a BaaS model. By unifying distributed data across endpoints, data center workloads, AWS workloads, and SaaS applications, organizations have a single place to manage backup and recovery, disaster recovery, archiving, cyber resilience, legal hold, and compliance monitoring. This unification minimizes data risks and ensures continuity for employee productivity.

The solution offers an easy-to-use, feature-rich management console that provides useful metrics and statistics. Druva’s dashboards give users summary level information and federated search capabilities (including e-discovery and legal hold queries), but also provide storage insights and recommendations.

Cloud Disaster recovery is provided for VMware vSphere, VMware Cloud, and AWS workloads. Druva allows organizations to orchestrate DR in the cloud with “one-click,” policy-driven failover and failback. The feature is available in all AWS regions, offering an RPO of up to an hour and RTO in minutes. For AWS workloads, EC2 and RDS resources, along with their associated VCP settings, can be recovered across AWS regions or accounts for improved business continuity. Druva also makes validating and testing DR plans easy and offers an end-to-end, automated, non-disruptive testing capability for AWS workloads.

Druva implements multiple cyber resiliency capabilities. It monitors unusual data activity using its AI/ML-based anomaly detection engine to proactively identify potential ransomware attacks. It also implements an accelerated ransomware recovery feature that performs quarantine and orchestrated recovery and allows the recovery of curated snapshots.

Legal hold, e-discovery, and compliance features (GDPR, CCPA, and others) are a great plus in data management, as regulations apply to small, medium, and large businesses. Druva helps legal teams save on cost and time on legal hold and e-discovery by silently collecting and preserving data in place as part of the backup process. Pre-culling, audit trails, and API integrations with tools like Exterro make it easy to prepare and present data during litigation proceedings. Druva also makes it easy to stay compliant with both prebuilt and customizable templates to identify and manage sensitive data using powerful federated search. Administrative, security, legal, and forensic teams can conduct global metadata searches across workloads, including Microsoft 365, Salesforce, Google Workspace, and endpoint devices. Various attributes, such as email-related information, can be used to search.

The solution also delivers application-centric Kubernetes data protection for AWS-based cloud-native applications, on Amazon EC2 or EKS. Druva supports application discovery, allowing it to back up application groups and namespaces while also protecting underlying storage on EBS. It also offers customizable long-term retention options and provides granular recovery options, application mobility across regions, and centralized, policy-based Kubernetes data protection management.

Druva was one of the first data protection solutions built with a BaaS mindset. The service is 100% cloud-native, with a user-centered design and a microservices architecture that provides a simple experience with infinite scale. The outcome is a straightforward cloud consumption model with different service tiers.

Besides traditional on-premises workloads (virtualization, databases, edge endpoints) and SaaS applications (Microsoft 365, Google Workspace, Salesforce), the company protects one of the most comprehensive sets of AWS services. This coverage, combined with Druva’s consumption model, makes Druva ideal for organizations with a “cloud first” and OPEX-oriented IT infrastructure spend strategy.

Strengths: As a very well-designed platform with innovative features, Druva provides strong data management capabilities and ease of use under a BaaS consumption model. Druva is ideally suited to organizations with a cloud-first approach to the AWS ecosystem. It has excellent e-discovery and compliance features and offers strong cyber resiliency capabilities.

Challenges: The solution is not ideal for customers with large amounts of data that must be maintained on-premises (over 100 TB) or legacy workloads (such as Solaris, DB2, and others). While Druva supports protecting files and databases across multiple clouds, the lack of native VM support for Microsoft Azure and GCP is a concern.

HPE (Zerto)

Hewlett Packard Enterprise (HPE) acquired Zerto in September 2021, and the Zerto division is now officially branded “Zerto, a Hewlett Packard Enterprise company” (shortened hereafter to Zerto for readability). This report focuses only on the Zerto capabilities of the HPE portfolio. Zerto offers well-designed and efficient DR and backup features ideal for the enterprise market. It is rapidly evolving from a feature-oriented solution toward a platform-oriented approach with central management capabilities. The solution is granular and flexible, setting the standard for advanced DR capabilities. Its robust DR orchestration offers ample workload recovery options, including different target on-premises and cloud platforms.

Zerto offers a SaaS-based analytics platform branded Zerto Analytics. This platform provides monitoring capabilities that include capacity and performance metrics, adherence to SLAs, and a dashboard showing protected sites and applications. It also offers predictive analytics in compute, storage, and network resources needed to keep up with growth in data protection requirements, and provides “what if” modeling capabilities. Furthermore, CSPs and MSPs can use the analytics platform to segment the overview and metrics through filters for each tenant. Some data management capabilities are also offered by Zerto Analytics, such as compliance reporting for PCI, ISO, HIPAA, SEC, SOX, and GDPR.

Disaster recovery orchestration is the essence of Zerto’s solution. Combined with continuous data protection, Zerto DR provides the ability to create comprehensive DR orchestration with visual workflow creation. It also allows testing of failover and failback, and the ability to select failover and recover points in time. In addition, the most advanced organizations can take advantage of Zerto’s REST API to further automate DR activities.

From a cyber resiliency perspective, Zerto offers data-at-rest encryption and immutable storage capabilities for long-term retention of copies. For infection and ransomware protection, Zerto relies on its journaling architecture and point-in-time backups to restore an environment to a time before the infection happened.

Zerto proposes a compelling Kubernetes data protection solution that runs on Kubernetes and offers multiple deployment modes. Zerto for Kubernetes is application-centric, handling not only the storage layer of a containerized application but also all associated services and dependencies. This approach enables data mobility and ensures the applications can be restored in any environment. In addition, Zerto for Kubernetes integrates into application lifecycle management processes with a “Data Protection as Code” approach.

The solution supports diverse workloads such as virtualized environments (VMware vSphere and Microsoft Hyper-V), containers, cloud workloads, and Microsoft SQL Server. SaaS data protection capabilities are available through Zerto Backup for SaaS, a service powered by Keepit, a SaaS data protection specialist. The service supports Microsoft 365, Salesforce, Google Workspace, and Microsoft Dynamics.

Compared to its competitors, Zerto doesn’t offer any BaaS capabilities, but instead indirectly proposes DRaaS through certified service providers.

Strengths: Still a reference point in terms of continuous data protection and disaster recovery orchestration, Zerto has put a lot of effort into building a compelling SaaS analytics platform. It also proposes a great application-centric, Kubernetes-native data protection solution.

Challenges: Ransomware protection capabilities rely primarily on recoverability, while proactive detection is lacking. Data management capabilities are nascent and could be improved given the breadth of scope of the SaaS analytics platform.


HYCU offers data protection capabilities through HYCU Protégé. The solution provides deep integration with every platform it supports, whether on-premises or in the cloud, using architecture native to each supported platform, such as Nutanix, Google Cloud, Azure, VMware, and AWS. It implements an agentless, application-aware, and multitenant solution that offers elastic scalability.

The solution has an intuitive management interface that shows several metrics, such as target capacity utilization, and compliance with backup policies including SLA adherence. It can inform users if applications and resources are unprotected and generates reports on metrics, such as capacity consumption and showback of departmental usage of resources, for further analysis.

Disaster recovery capabilities cover on-premises workloads and AWS workloads, enabling DR from AWS to on-premises, or between AWS regions. This functionality includes the re-imaging of on-premises workloads to the cloud or in the opposite direction. Later in 2022, HYCU will also implement a one-click, cross-cloud migration and DR feature.

From a cyber resiliency standpoint, the solution leverages cloud-based immutable object stores on AWS, GCP, or Azure, and prevents backup deletion. The company proposes a free “R-Score” ransomware protection readiness assessment that helps organizations assess their security posture and suggests mitigation strategies.

HYCU Protégé also supports Kubernetes workloads with application-aware protection, including storage resources and application dependencies. This protection can be consumed either through a subscription or as a service.

HYCU offers a BaaS solution that supports three workload types: Kubernetes environments (as seen above), public clouds (AWS, Azure, GCP), and Microsoft 365. These can be managed from a single pane of glass and the service comes without egress fees. The Microsoft 365 offering also includes Microsoft Teams support. It allows granular recovery of objects and supports data compliance requirements by providing e-discovery features such as audit trails, retention policies, legal holds, and data analytics around email correspondence. In addition, the solution protects Microsoft 365 data in the same native Microsoft 365 regions, enforcing and respecting data sovereignty laws.

The breadth of the HYCU solution covers virtualization environments, public clouds, Nutanix, Microsoft 365, Kubernetes, and Dell Technologies PowerScale (Isilon). Specific support for databases, physical systems, or other environments is missing.

Strengths: Native, deep integration with the supported platforms and laudable Microsoft 365 data protection implementation are strong points. The solution offers a BaaS consumption model that includes SaaS applications (Microsoft 365 currently) and cloud workloads.

Challenges: Besides e-discovery capabilities of the Microsoft 365 BaaS offering, there are no particular data management capabilities. SaaS data protection is currently limited to Microsoft 365.


IBM offers multiple data protection products under its IBM Spectrum Protect Suite. Among these, IBM Spectrum Protect Plus provides a flexible solution for enterprises, particularly when used with the other IBM Spectrum Protect Suite components.

At the analytics level, IBM Spectrum Protect Plus provides a simple and intuitive management interface. However, advanced data insights are available either through IBM Spectrum Sentinel (for cyber resiliency, available Q2 2022) or through IBM Spectrum Discover.

Although there’s no native disaster recovery orchestration capability in IBM Spectrum Protect Plus, the IBM Spectrum Protect Suite contains IBM Spectrum Copy Data Management, a solution that automates snapshot replication and offers control over testing and cloning use cases, instant recovery, and full disaster recovery. The solution also leverages native snapshot capabilities from IBM FlashSystem arrays to accelerate data copy and replication operations. CDM supports IBM SVC, IBM Spectrum Virtualize, Pure Storage, and NetApp storage systems.

Cyber resiliency capabilities include a layered approach that is balanced among proactive detection capabilities, basic security features, and ransomware recovery. Proactive detection capabilities currently rely on integration with SIEM platforms such as QRadar for log monitoring and analysis. Another interesting feature is the implementation of strong multifactor authentication controls and zero-trust capabilities such as dual control, by which two individuals must approve the execution of destructive actions. Immutable data copies and object lock are also supported.

IBM recently announced (June 2022) the availability of IBM Spectrum Sentinel, a solution that builds upon IBM Safeguarded Copy and uses anomaly detection and machine learning to identify potential threats. Spectrum Sentinel can create immutable, application-specific snapshots on primary storage, and orchestrate recovery from verified and validated backup copies. In this first release, support is limited to Caché and Iris databases used by the EPIC healthcare system. IBM plans to support additional workloads with SAP HANA in the second half of 2022 and other major databases in 2023.

Data management capabilities are currently provided through another product of the IBM solutions portfolio, IBM Spectrum Discover. This solution can be used to identify, organize, and classify Spectrum Protect backup data.

Spectrum Protect Plus implements a mature Kubernetes data protection feature that supports vanilla Kubernetes environments and Red Hat OpenShift. It includes automated discovery of resources, policy-based snapshot management for PVCs, the ability to protect etcd and Kubernetes metadata, and has centralized or policy-based SLA management with disaster recovery capabilities.

A native IBM BaaS solution branded IBM Spectrum Protect Plus Online Services is currently available, but focuses only on Microsoft 365 (including Microsoft Teams). It also reports and monitors data protection status for the various Microsoft 365 components. The service runs on Microsoft Azure data centers and allows customers to leverage self-managed storage, either on-premises or in public clouds. IBM’s roadmap includes support for Salesforce, Azure AD, Microsoft Dynamics, and Google Workspace. The company is also planning to expand geographic coverage of its BaaS solution.

Organizations seeking more comprehensive BaaS capabilities can take advantage of a partnership with IBM and Cobalt Iron, although Cobalt Iron’s Compass solution is tailored more for the enterprise market. Alternatively, IBM also partners with third-party MSPs to deliver its solution through a BaaS model.

In addition to BaaS support for Microsoft 365, Spectrum Protect Plus protects common workloads (including physical, virtualized, AIX, and containerized environments), as well as cloud workloads on AWS, Azure, and IBM Cloud.

Strengths: IBM Spectrum Protect Plus offers a robust data protection solution with a modular approach, allowing organizations to start small and grow their feature set as needed. Kubernetes support is a strong differentiator, while other features are being actively developed and/or expanded. The roadmap is promising for SaaS solutions support and cyber resiliency.

Challenges: Although IBM offers a comprehensive data protection suite, integration between the various components could be improved.


Rubrik is one of the newer data protection companies introducing fresh approaches to data protection. Its product portfolio is quickly evolving to cover an increasing number of applications and workloads, with a flexible architecture that enables users to design hybrid-cloud infrastructures efficiently. Rubrik provides protection for on-premises, cloud, and SaaS offerings and is scalable to meet the needs of enterprise environments. The product is easy to use and provides its customers with a well-balanced and usable protection tool.

Enterprises can run Rubrik through appliances on-premises, as software on qualified hardware, or in the cloud. With Rubrik, you can search for a backup and then select the right point in time to recover from for near-zero RTOs, minimal business interruption, and near-instant recovery.

Rubrik stores all data in an immutable format that prevents ransomware from accessing backed-up data. Additional security measures include MFA, zero-trust cluster design, and retention lock support. With Rubrik’s Radar, data is proactively analyzed and flagged when any unusual activity occurs.

Rubrik provides its customers an easy-to-use data protection tool with a centralized management user interface (UI) that allows the expansion of the infrastructure across on-premises and cloud environments. It is flexible, with a modern approach to data protection and a growing number of features for data governance and basic data management.

Compared to its direct competitors, Rubrik is still a bit lacking in data management and data governance, although the Polaris SaaS product is updated regularly. The suite of data governance and management features is still limited, and even though the ecosystem is quite large, the tools for in-depth data analysis are lacking compared to the competition.

Strengths: The ease of use of the Rubrik tooling and its integration with the cloud and applications provide a flexible and scalable platform that helps enterprises protect their data. Also, a huge focus on data security is beneficial to organizations.

Challenges: Although Rubrik has a great solution, its development seems slow and steered more directly toward cybersecurity than its main competitors. Some features, especially on the data management side, are still lagging.


Unitrends offers a suite of data protection solutions delivered either through backup appliances (Recovery Series) or software-based solutions such as Unitrends Backup Software, and a portfolio of complementary solutions for DRaaS, SaaS backup, ransomware recovery, and more.

These solutions are managed by UniView, a centralized platform that can manage backup and recovery solutions for an organization’s data centers and endpoints, as well as Microsoft 365 and Google Workspace. UniView is a SaaS-based management platform that provides UI and API integration across three best-of-breed approaches to backup and recovery. With UniView, enterprises can manage these backup and recovery solutions easily from one elegant portal.

From a DR perspective, Unitrends DRaaS delivers rapid spin-up of critical systems and applications in the secure Unitrends Cloud, at a significantly lower cost than building and managing self-owned, offsite DR sites. It also protects AWS or Azure cloud workloads with automated failover, failback, and integrated VM conversion.

Cyber resiliency capabilities combine proactive detection on Unitrends backup appliances with an AI engine that runs during every backup and analyzes the randomness of file changes to identify backups infected by ransomware. Upon detection, email and dashboard alerts are provided, and suspect backups are flagged. The solution also supports immutable backups when Unitrends Cloud is used to offload backups in the cloud.

Unitrends offers its own BaaS solution, which offers geo-redundant cloud data centers built for resilience with cutting-edge, self-healing hardware and software that detects and corrects issues even before they arise. Automated application-level recovery testing and proactive monitoring by cloud experts keep Forever Cloud running at optimal efficiency and availability. Customers can also use MSP partners for this purpose, and with DRaaS Unitrends, can eliminate the need for a second data center.

At the moment, Unitrends doesn’t offer support for Kubernetes, nor does it provide any data management capabilities.

Strengths: Unitrends offers a capable suite of products in its data protection portfolio with noteworthy cyber resiliency features, DRaaS, and a BaaS offering that includes support for SaaS workloads. The solution also provides options for MSPs.

Challenges: Several capabilities, such as Kubernetes and data management, are lacking. Ransomware detection is currently available only on physical appliances. Although managed centrally by Uniview, Unitrends’ approach is more that of a portfolio of solutions than a platform.


The Veeam platform protects a broad spectrum of workloads, has a robust, flexible, and scalable architecture, and allows organizations to use a wide range of backup targets and tiers. The company also has a strong and reliable partner ecosystem, which translates into several strategic partnerships with major storage vendors, enabling deeper data protection integrations and simplifying backup and recovery operations.

The data protection suite consists of multiple products aimed at protecting various workloads. Its modular architecture provides ample customization opportunities, making it easy for large enterprises and MSPs/CSPs (a key market for Veeam) to integrate Veeam with their infrastructure and security environments.

Analytics capabilities are delivered through a combination of the various Veeam management consoles for data protection, and Veeam ONE for infrastructure monitoring. The company is currently going through a consolidation exercise to replatform its Windows-based management systems toward a virtual appliance approach based on Linux.

DR capabilities are delivered through Veeam Disaster Recovery Orchestrator, a comprehensive platform that provides ample customization options and a graphical workflow designer, and is suitable even for the most complex DR scenarios.

From a cyber resiliency standpoint, Veeam provides a comprehensive set of ransomware remediation features, immutable image-based backups, and the ability to leverage immutability features on AWS S3 or on-premises object repositories. In addition, Veeam provides recovery verification through its Secure Restore feature, with support for security products from Symantec, ESET, Kaspersky Security, and Microsoft (Windows Defender).

Veeam ONE provides out-of-the-box alarms capable of signaling potential ransomware activity; it also allows custom alarms based on metrics that can highlight potential ransomware activity. Although Veeam has most of the building blocks needed to create a fully-fledged proactive ransomware detection solution, it hasn’t moved in that direction yet. While this is a challenge for SMBs, it is less of an issue for large enterprises, which often implement a multilayered security approach to combat security threats.

Kubernetes support is delivered through Kasten, offering one of the most comprehensive cloud-native data protection solutions currently available.

SaaS application coverage currently includes only Microsoft 365 along with Microsoft Teams. Salesforce SaaS backup has been in beta since December 2021 and will be made generally available in 2022. While in beta for the general public, the solution is stable because Veeam used it internally before making it a public offering.

Even though BaaS consumption models are gaining traction, Veeam focuses on enabling its MSP and CSP partners to deliver BaaS with Veeam instead of offering a direct BaaS solution to its customers. Third-party BaaS offerings enabled by Veeam are searchable on Veeam’s website.

Strengths: Veeam offers efficient and highly flexible solutions that strike the right balance between features and usability. It provides ample customization and integration opportunities for MSPs/CSPs and large enterprises alike. The solution includes outstanding disaster recovery orchestration, excellent Kubernetes support with Kasten, and comprehensive ransomware remediation capabilities.

Challenges: Proactive ransomware detection is loosely implemented. There are several opportunities for integration across the various management interfaces. Data management capabilities are still absent, which can be a concern for large enterprises. BaaS is available only through third-party providers, making it difficult for multinational enterprises to adopt a simple and manageable solution that’s globally available.


Veritas has comprehensive data protection solutions for the enterprise market, covering many platforms and applications. With the addition of Cloud and Kubernetes support, the Veritas products are well balanced and flexible. The company is investing further in these solutions to bring even more flexibility. Veritas has been in business for over 30 years, modernized its user interface a couple of years ago with NetBackup version 8.1, and continues to provide a better, simpler user experience.

Veritas provides three essential layers of cyber resiliency: protect, detect, and recover. NetBackup protects all data—edge, core, and cloud—from a centralized platform. It writes and stores that data in a secure and encrypted manner and writes it to immutable storage. NetBackup Resiliency provides simple execution of recovery at scale, and easy-to-use tools to ensure recovery success.

NetBackup IT Analytics delivers unified backup and storage insights for heterogeneous IT environments across on-premises and cloud services. It gains actionable insights through a single pane of glass for enterprise data wherever it resides. Veritas Data Insight helps customers better understand the data assets and risks across their IT environment and inform more effective cost, compliance, and threat management.

Beginning with NetBackup version 10, Veritas added a number of improvements to make managing complex hybrid cloud environments easier. With better role-based access control (RBAC) capabilities, customers now have easier ways to delegate ownership, visibility, and control over specific cloud tenants.

The Veritas portfolio includes NetBackup SaaS Protection, with options for Microsoft 365, Slack, Dropbox, and Google Cloud Workspace. But it is lacking support for SaaS offerings like Salesforce.

Strengths: Veritas is a widely deployed solution in the enterprise market with a rock-solid and mature architecture that supports traditional backup operations and keeps investing in bringing future-proof solutions into its products.

Challenges: Data management and data governance still need attention. Another point deserving of attention is adding more SaaS capabilities, like for Salesforce.

6. Analysts’ Take

As the collection point toward which all of an organization’s data flows, data protection infrastructures create data lakes that become a critical aspect of an organization’s security and regulatory posture. Besides the fundamental requirement to protect these data assets, large enterprises need to address the challenges posed by cybersecurity threats, regulatory compliance, and infrastructure complexity.

The challenges listed above often overlap: data protection vendors acknowledge the convergence between data protection, cyber resiliency, and data management. In fact, some companies have anticipated these trends and built comprehensive platforms that combine data protection, cyber resiliency, and data management capabilities under a single umbrella. This approach defines the next generation of data protection solutions, for which data protection becomes, in a way, a subset of data management.

In addition, organizations need to protect swaths of applications and infrastructure components across technology stacks and locations, and often with different delivery and consumption models. This complexity requires modular and scalable solutions that offer a comprehensive breadth of scope, ranging from traditional workloads to Kubernetes and cloud-native services, even in multicloud contexts, yet with the ability to comply with data protection and sovereignty laws.

Finally, with infrastructure spending under scrutiny, customers want the benefits of flexible consumption models. Instead of capital investments in data protection infrastructure, some are increasingly opting for BaaS, shifting data protection spending from CapEx to operational expenses, which may better suit some CFOs’ investment and budgeting cycles that have shortened from multi-year horizons to 12 to 24 months at most.

All these changes are profoundly transforming the enterprise data protection market. The expected outcome remains the same: protection of data. But increased complexity and new challenges make data protection a much more interesting and demanding discipline.

There is a clear separation between vendors that have understood these challenges and are designing products around a comprehensive, innovative approach, and those that continue to focus on data protection as an isolated discipline. Without significant investments, pure data protection players are poised to lose momentum and become less relevant unless they operate in highly customized environments or organizations with less stringent requirements.

7. About Max Mortillaro

Max Mortillaro is an independent industry analyst with a focus on storage, multi-cloud & hybrid cloud, data management, and data protection.

Max carries over 20 years of experience in the IT industry, having worked for organizations across various verticals such as the French Ministry of Foreign Affairs, HSBC, Dimension Data, and Novartis to cite the most prominent ones. Max remains a technology practitioner at heart and currently provides technological advice and management support, driving the qualification and release to production of new IT infrastructure initiatives in the heavily regulated pharmaceutical sector.

Besides publishing content/research on the blog, Gestalt IT, Amazic World, and other outlets, Max is also regularly participating in podcasts or discussion panels. He has been a long-time Tech Field Day Alumni, former VMUG leader, and active member of the IT infrastructure community. He has also continuously been running his own technology blog since 2008, where his passion for content creation started.

Max is an advocate for online security, privacy, encryption, and digital rights. When not working on projects or creating content, Max loves to spend time with his wife and two sons, either busy cooking delicious meals or trekking/mountain biking.

8. About Arjan Timmerman

Arjan Timmerman is an independent industry analyst and consultant with a focus on helping enterprises on their road to the cloud (multi/hybrid and on-prem), data management, storage, data protection, network, and security. Arjan has over 23 years of experience in the IT industry and worked for organizations across various verticals such as the Shared Service Center for the Dutch Government, ASML, NXP, Euroclear, and the European Patent Office to just name a few.

Growing up as an engineer and utilizing that knowledge, Arjan currently provides both technical and business architectural insight and management advice by creating High-Level and Low-Level Architecture advice and documentation. As a blogger and analyst at blog, Gestalt IT, Amazic World, and other outlets, Arjan is also from time to time participating in podcasts, discussion panels, webinars, and videos. Starting at Storage Field Day 1 Arjan is a long-time Tech Field Day Alumni, former NLVMUG leader, and active member of multiple communities such as Tech Field Day and vExpert.

Arjan is a tech geek and even more important he loves to spend time with his wife Willy, his daughters Rhodé and Loïs and his son Thomas sharing precious memories on this amazing planet.

9. About GigaOm

GigaOm provides technical, operational, and business advice for IT’s strategic digital enterprise and business initiatives. Enterprise business leaders, CIOs, and technology organizations partner with GigaOm for practical, actionable, strategic, and visionary advice for modernizing and transforming their business. GigaOm’s advice empowers enterprises to successfully compete in an increasingly complicated business atmosphere that requires a solid understanding of constantly changing customer demands.

GigaOm works directly with enterprises both inside and outside of the IT organization to apply proven research and methodologies designed to avoid pitfalls and roadblocks while balancing risk and innovation. Research methodologies include but are not limited to adoption and benchmarking surveys, use cases, interviews, ROI/TCO, market landscapes, strategic trends, and technical benchmarks. Our analysts possess 20+ years of experience advising a spectrum of clients from early adopters to mainstream enterprises.

GigaOm’s perspective is that of the unbiased enterprise practitioner. Through this perspective, GigaOm connects with engaged and loyal subscribers on a deep and meaningful level.

10. Copyright

© Knowingly, Inc. 2022 "GigaOm Radar for Hybrid Cloud Data Protection: Large Enterprises" is a trademark of Knowingly, Inc. For permission to reproduce this report, please contact