LTFS as NAS Architecture provides the lowest cost form of archive storage. Total cost of ownership for tape is a fraction of that spent with disk-based storage systems. They can reliably and cost-effectively archive data for years or even decades reducing operating costs dramatically
(electricity, cooling, maintenance and capacity upgrades).

The majority of files are rarely accessed more than 30 days after their creation, and many are never opened twice. Most static files stay online by default, frequently on expensive primary and secondary storage disks. Holding so much inactive data in the original storage locations is extremely costly over the years. The QStar LTFS as NAS solution is designed specifically to combat the relentless explosion of data, cut local storage infrastructure costs and optimize data. The solution provides transparent and automatic migration of static files from local infrastructure to the LTFS as NAS archive, using attributes such as date created, modified, accessed, file owner, size and extension. Meanwhile, it restores data to its original location in real time, completely transparently to applications, network and users.

QStar has significantly enhanced LTFS functionality by including the Volume-Spanning option long before its market competitors. This function can combine all media contained within a tape library as one or multiple volumes. Basically, all media in the tape library can be made to appear as a single (or multiple) share(s) or a standard Windows folder, capable of growing in size automatically as new data is archived, through a fully automatic and unattended process. This approach not only removes the complexity of handling hundreds or thousands of volumes assigned to each single medium, but also does away with the manual cartridge selection process.

File location information is stored in an internal database within the cache. All files, even for those no longer in the library following a media export, can be discovered. Should a user or application request the exported files, the system will automatically notify the storage administrator by email, providing the barcode details of the cartridge containing the required files. Media within the spanned volume can be removed from the tape library and will continue to appear in the shared / mounted volume, provided that the extended retrieval times in question can be tolerated.

The increased popularity of Active Archive tape-based architecture was driven by the introduction of the Linear Tape File System (LTFS) standard initially introduced with LTO-5. The LTFS format complies with standard ISO/IEC 20919:2016. The format guarantees media interchange between operating systems and different archive system manufacturers who have adopted it.

3D Gateway migrates and archives data securely across multiple copies and locations and different LTO media in the local LTFS as NAS Active Archive. LTO rewritable media in general offers very high-level data archive security. For all cases where data must not be altered accidentally or must comply with regulatory archiving standards, there is also a non-rewritable LTO WORM version. The LTO WORM cartridge was developed to allow organizations to store critical data which once written cannot be overwritten or tampered with.
Another benefit of LTO WORM media is its compliance with various regulatory requirements including the 2002 Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and SEC Rule 17-a-4(f). The data can be also encrypted for an even higher level of security. LTO tapes can be encrypted with 256-bit AES-GCM encryption, and the data can be compressed prior to encryption to maximize tape capacity and provide high performance archiving.
An LTO WORM Cartridge is identical to a normal LTO cartridge except that its LTO-CM chip identifies it as WORM to the drive and the servo track is slightly different to allow verification that the data has not been modified. It may also come with tamper proof screws. WORM-capable drives immediately recognize WORM cartridges and include a unique WORM ID with every dataset written to the tape. There is nothing different about the actual tape medium in a WORM cartridge, though typically, WORM cartridges do have a different color packaging.

In recent years we have seen an enormous growth in criminal activity via malware, hacking and, above all, ransomware. This last is an incredibly effective addition to the already vast category of cyber threats that have been around for some years. Sadly, criminal activity is evolving as fast as data protection. It is quite impossible to feel safe just by installing software, even of the latest generation, to protect against such criminality. These days we need top level security measures that go beyond the traditional systems. News stories abound of organizations that have spent millions of dollars in infrastructure security only to fall hopeless victims to attack. Ransomware comes in a variety of forms. Lock-screen ransomware, as the name suggests, causes the PC to freeze and show a message demanding payment, making the computer unusable until the malware is removed. While this is a nuisance for users, it generally only involves a single PC, and is usually relatively easy to remove. The rapidly emerging ransomware cryptography, on the other hand, is a gigantic threat to companies since it can permanently block the whole corporate network. Files remain encrypted until the company pays up to receive the decryption key – always assuming that the criminals actual hand it over once they have been paid. The immediate question this raises is how can we trust such people? Not to mention the worry that decryption might not even work after paying a ransom. Companies that have suffered an attack, and unfortunately there are plenty of them, as so often happens realized too late that they had underestimated this increasingly widespread danger. Backup protection is one of the most basic ways to systematically combat the threat, but it is not sufficient on its own. Today’s company backups use storage systems with data deduplication based on hard disks and usually an internal embedded Linux server to manage the actual deduplication system, that can be easily attacked, blocking all backups! Even in the most fortunate of cases, backups do not save very recent data, so data loss is in any case inevitable. QStar has developed a specific technology and methodology to protect customers from ransomware attacks thanks to a super secure archive that does not allow direct access to its content.

“Data at rest” is a definition used to describe all data in storage; this therefore excludes all data residing in temporary memory (RAM), data to be read and/or updated or in transit across the network. Data at rest can also mean files that have not changed or are modified only rarely.

Data at rest may also refer to data that is regulated but not subject to change. Examples include all important files stored on company disks, the servers of a SAN network or files on service provider servers used for off-site backups and of course

LTFS tapes used as part of an Active Archive are by definition easily transported and read by multiple solutions on multiple operating systems. Encryption is a key element in preventing unauthorized access to this information. Using this method, cartridges can only be read by those in possession of the correct decryption key.

Active Archive LTFS as NAS primarily uses the encryption option provided by tape drives. Encrypt and decrypt operations are performed automatically as part of the tape write / read operation. There is no overhead to using tape drive encryption as each tape drive includes a specific encryption chip to undertake these operations. QStar recommends that all tape media containing confidential information be encrypted. Until recently, all encryption key management systems used their own proprietary procedures. Today tape libraries mainly encrypt data using the Key Management Interoperability Protocol (KMIP) Specification that is governed by the Organization for the Advancement of Structured Information Standards (OASIS). The KMIP Specification guarantees a key management procedure conforming to a market-approved standard and offering maximum protection for encrypted data. QStar provides an encryption option as well, although this is typically only used for non-tape based archives, such as archiving to cloud storage.

QStar developed a proprietary file system using Volume Spanning to manage tape libraries almost a decade before the current LTFS format was introduced on the market. In some respects, the TDO file system does offer certain advantages over the LTFS format. Unlike the latter, a single file can be spanned across two different media (File Spanning). Performance is slightly improved as media formatted with TDO does not use multiple partitions. TDO and LTFS file systems can coexist within the same tape library, if required.

Extreme levels of data consistency and integrity in case of disaster with the TDO QStar file system

Each TDO integral volume database remains on the cache and stores information about all activities for each individual archived file, including all replicated or copied locations. In order to guarantee data integrity, the database is written periodically to each tape media in the integral volume. Should the cached database or server be destroyed or become corrupted, the entire database can be quickly reconstructed by reading the last cartridge in each media set and rebuilding each integral volume.