A logical air gap, on the other hand, refers to the use of software and configuration strategies to create a separation or isolation between systems or networks. This does not remove the physical connectivity but uses technologies like firewalls, virtual LANs (VLANs), and other network segmentation techniques to control and limit access between isolated systems and the wider network or internet.

Your privacy preferences for Zerto's websites has been saved. We will serve only essential cookies moving forward on this browser

While still a foundational rule for an effective backup strategy, the 3-2-1 rule has evolved to adapt to new threats such as cyberattacks—among them, ransomware attacks. In this scenario, a bad actor may gain access to the whole network, and therefore all the copies of the data, including potentially copies stored in the cloud, if not managed and secured in a different fashion.

A physical air gap refers to the complete physical isolation of a computer or network from other networks, including the internet. This means there is no physical connection (such as Ethernet cables, fiber optics, or wireless connections) that links the air-gapped system or network to any external devices or networks.

From the definition of ransomware, description of how a ransomware attack unfolds, right down to cyber resilience and ransomware recovery, we cover everything in this ultimate Ransomware Recovery guide.

Air-gapped systems are commonly utilized in environments where data security is of utmost importance such as, government agencies, military, and critical infrastructure sectors.

The term “air gap” refers to a security measure that involves physically isolating a computer or network from other networks, including the internet, to protect against unauthorized access, cyberattacks such as ransomware, and data breaches.

This 8 to 12 inch lead free repair kit is used for the stainless steel double check valve and detector assembly. The contents of this kit are used for proper maintenance to the first check parts. This kit consists of a first check assembly, check O-ring, and lube.

The only way to transfer data in and out of a physically air-gapped system is through manual methods, such as carrying data on a USB flash drive or other removable media. This method is considered highly secure because it significantly reduces the attack surface for cyber threats.

The convenience of a logical air gap comes at the cost of increased vulnerability to sophisticated cyber-attacks that can potentially bypass logical controls.

Cloud air gap leverages the cloud as infrastructure as a service (IaaS) and uses digital technologies and advanced technics for access control as a way to implement the air gap between your environment and the cloud where your data might be stored.

Logical air gaps are designed to reduce the risk of unauthorized access or data leakage between the segregated parts of the network, but since the systems remain physically connected, the security is not as robust as a physical air gap.

Learn about data protection principles and technologies, and understand why it is important to prevent data loss and mitigate downtime .

When used together over an air-gapped network, an immutable data vault and an isolated recovery environment offer a powerful combination for cyber resilience.

Leveraging zero-trust principles, the Zerto Cyber Resilience Vault enables rapid air-gapped recovery in the event of a serious cyberattack. If all else fails, Zerto's disconnected clean room, combined with a secure immutable data vault, allows organizations to get back up and running within a matter of hours.

Air gapping is one way to strengthen the 3-2-1 rule, along with immutable backups. This adds the requirement to have one copy of the data offline, or air-gapped, and forms the 3-2-1-1 rule. For a logical air gap, that means enhanced security (hardware, access management with additional credentials) and maybe using different accounts in the case of cloud air gap.

Many vault solutions claim complete isolation or air-gapped systems. However, most vaults have numerous connections to outside networks for management, providing only partial network isolation.

This characteristic provides the ability to manage the backup infrastructure, in terms of storage volume and cost, while ensuring the integrity of the data, making it an effective defense against ransomware and malicious tampering, as attackers can't alter the backups to compromise data recovery processes.

The Zerto Cyber Resilience Vault is a truly isolated, offline environment that uses physical and logical air gaps to guarantee true isolation.

Air gapping is security by isolation. An air gap is a security measure that physically and/or logically isolates a system from unsecured networks. The primary purpose is to create a barrier that prevents unauthorized access to sensitive data.

An isolated recovery environment, is a secure, controlled space that's segregated from the main network. It's used for safely analyzing and recovering from cyberattacks without risking further contamination of the network or compromising the recovery process.

This synergy enhances an organization's ability to recover from cyber incidents swiftly and securely, leveraging the strengths of both approaches to provide a robust defense against a wide range of cyber threats.

However, backup immutability is about securely storing data that cannot be modified or deleted for a set period. Once past that retention period, the backup can be replaced.

As already mentioned, air-gapping is the mechanism used to create the actual isolation, or segregation between environments—production vs recovery. And the air gap can be physical or logical.