Unified Cyber Resilience for the AI Era

Start with Commvault Cloud SaaS via the AWS or Azure Marketplace in minutes — no infrastructure to provision. Alternatively, deploy the Commvault software on-premises or implement a HyperScale appliance for integrated compute and storage.

SaaS deployment requires no on-premises servers. The Commvault Command Center unified web console is available immediately. For on-premises or appliance deployments, the setup wizard guides configuration of storage pools, dedupe databases, and initial policies in a single session.

Metallic AI automatically scans your cloud accounts, hypervisor hosts, and SaaS tenants to discover every workload — VMs, databases, containers, M365, Salesforce, and on-premises file systems — and classifies data by sensitivity.

Discovery works across VMware vCenter, Hyper-V, AWS, Azure, GCP, Oracle Cloud, Kubernetes clusters, and SaaS APIs. AI classification categorises data (PII, financial, regulated) to support GDPR, HIPAA, and SOC 2 compliance. Unprotected resources are flagged with risk scores.

Metallic AI recommends optimal backup policies based on workload type and data classification. Define schedules, retention windows, immutability settings, and storage targets — including immutable repositories and Object Lock cloud storage.

Policies enforce AES-256 encryption at-rest and in-transit, RBAC role separation, and Zero Trust access controls. Automated backup copy jobs create off-site or cloud copies for the 3-2-1 rule. SLA dashboards track policy compliance across all workloads in real time.

Metallic AI continuously analyses backup telemetry for anomalies — data entropy changes, backup size spikes, unusual deletion patterns — that indicate an active ransomware attack. Alerts are raised before production is fully compromised.

The threat detection engine correlates signals across backup jobs, repositories, and workloads simultaneously. Identity Resilience monitors Active Directory and Entra ID for suspicious account modifications, privilege escalation, and group policy changes that signal lateral movement.

Before any production restore, Commvault's Cleanroom Recovery provisions an isolated cloud environment, instantiates the backup there, and runs malware scanning, YARA rule checks, and application integrity tests — confirming data is clean.

Cleanroom environments are ephemeral and air-gapped from production. Recovery Readiness reports are generated automatically for audit evidence. Only verified-clean restore points are presented to operators — eliminating the risk of restoring a compromised workload back to production.

Auto Recovery orchestrates automated application restart in near real-time — restoring VMs, databases, and containers in the correct sequence. Granular recovery retrieves individual files, emails, SQL rows, AD objects, or SharePoint items without a full restore.

RPO and RTO targets are validated against SLA dashboards. For full DR failover, Commvault orchestrates cross-cloud failover to Azure or AWS with sequenced runbook execution. Post-recovery compliance documentation is automatically generated for cyber insurers and regulators.