Federal agencies and enterprises managing massive unstructured data environments have long faced an impossible tradeoff: a choice between robust security isolation and modern, scalable data management.
That’s why we are excited to announce the general availability of Rubrik Protection for Unstructured Data on Rubrik Security Cloud-Private (RSC-P) 2.0. This purpose-built solution brings petabyte-scale data protection, Zero Trust Security, and advanced threat analytics to the most security-sensitive environments. All of this is delivered as a hardened, converged appliance that operates entirely within your organization’s perimeter.
The Unstructured Data Challenge
With 80% of enterprise data now living in unstructured formats like documents, images, and log files, securing this sprawl across complex environments has become a critical priority. For organizations operating within strict security boundaries, legacy data protection solutions create serious gaps:
Fragmented management tools that create overwhelming operational overhead.
Expanding attack surfaces from deploying multiple operating systems and software components.
Forced tradeoffs between security and scale, leading to storage sprawl and degraded performance.
Zero visibility into data threats or the blast radius of an attack.
What Unstructured Data Protection on RSC-P 2.0 Delivers
Unstructured Data Protection on RSC-P 2.0 brings cloud-inspired architecture entirely within your security perimeter. It delivers a centralized management console for unified visibility, consistent policy enforcement, and comprehensive reporting across all protected workloads, without requiring any external connections. Here’s how:
Purpose-Built, Hardened Appliance: The solution is delivered as a converged 4-node appliance designed from the ground up for high-security environments. It operates without relying on a vulnerable general-purpose operating system or hypervisor. It features STIG-based image hardening, and secures all communications with FIPS 140-2 validated cryptography and mutual TLS authentication.
Petabyte-Scale Performance: By processing NAS data in parallel streams, Rubrik achieves backup speeds up to 10x faster than legacy NDMP solutions. The architecture is engineered to scan, index, and move billions of files across on-premises NAS environments, supporting SMB, NFS, and S3 protocols with broad vendor interoperability, including NetApp, Dell Isilon, VAST Data, Qumulo, Pure Storage, Nutanix Files, and more.
Zero Trust Data Protection: Security is foundational to Unstructured Data Protection on RSC-P 2.0. Built-in Multi-Factor Authentication (MFA) and granular Role-Based Access Control (RBAC) enforce the principle of least privilege. Backup data is natively immutable, preventing unauthorized modification or deletion by ransomware or insider threats. Logically air-gapped protection isolates backup data from production environments, ensuring a clean, recoverable copy always exists.
Advanced Data Threat Analytics: Going beyond passive backups, it actively monitors and analyzes data to detect and remediate cyber threats faster. Anomaly Detection uses machine learning to flag ransomware indicators such as unusual access patterns and mass encryption. Threat Monitoring proactively scans backups for the latest Indicators of Compromise (IOCs) using intelligence from Google Mandiant and Rubrik Zero Labs. Turbo Threat Hunting allows administrators to scan backups at scale to pinpoint the exact origin, time, and scope of an infection for clean recovery.
Rapid, Granular Recovery: When downtime strikes, administrators can use global search to instantly locate specific data across billions of files and directories, then recover individual files, folders, or entire shares from immutable snapshots. Cross-platform restores support recovery to original or alternate locations, and surgical incident response capabilities allow targeted restoration of just the affected files without a full system restore.
Architectural Overview
The architecture relies on these core components, all communicating via encrypted HTTPS:
Unstructured Data Source and Target: Rubrik protects massive on-prem file and object stores via APIs or Generic NFS/SMB/S3 connectors. The backup target can be the same storage platform as the source, or an entirely different locations.(For a complete list of supported vendors, refer to the compatibility matrix.)
RSC-P Control Plane: The centralized management console for creating policies, performing recovery, and monitoring all operations. Delivered as a secure, plug-and-play appliance with SSO, MFA, and RBAC.
Stateless Data Mover VM: A lightweight VM deployed adjacent to source data systems, providing secure connectivity to both the control plane and backup targets. Supports VMware ESXi, Nutanix AHV, Hyper-V, and KVM.
Rubrik Managed Control Plane: Houses the Cloud Slab (central data storage layer) and Index Database, enabling rapid search across billions of files for granular recovery.
Hardware Options
This configuration uses RSC-P 2.0 hardware designed specifically for appliance RSC-P and NAS CD use cases and is not intended or supported as a primary target for data storage. There are three converged 4-node appliance models available, each featuring built-in High Availability that can withstand a full node failure without disruption:
R7404: 24 TB usable capacity
R7416: 60 TB usable capacity
R7424: 90 TB usable capacity
Configurations scale up to 48 CPUs and 768 GB of memory to handle the most demanding enterprise workloads.
Get Started Today
Unstructured Data protection on RSC-P 2.0 is available now. For federal agencies and enterprises that need to protect petabyte-scale unstructured data without compromising security boundaries, this solution eliminates the tradeoff between isolation and modern data management.
For additional information, visit rubrik.com or contact your Rubrik Account Team.