Top Banner
PowerWire Logo
The trusted voice of the IBM Power community
IBMi Featured

IBM FlashSystem and IBM i: Built for the Ransomware Era

Ed Yeats

5 min read
IBM FlashSystem and IBM i: Built for the Ransomware Era

For IBM i shops, operational resilience isn’t a feature you can turn on later, it’s the price of admission. The new IBM FlashSystem 5600, 7600 and 9600 don’t just raise the bar on performance; they rethink what storage-level protection looks like for mission-critical workloads.

Being able to recover quickly from a cyber-attack is no longer optional. But here’s the harder question: can you afford to rely on a tape restore? Is last night’s backup really a safe enough point to return your business data to? If the honest answer to either of those is “no” (for most IBM i operations today it could be) then IBM FlashSystem’s Safeguarded Copy deserves your attention. 

What Safeguarded Copy Actually Does

 

Safeguarded Copy is a policy-driven snapshot technology. It creates immutable, isolated recovery points that cannot be deleted, overwritten, or encrypted by ransomware, or a malicious insider, not by anyone. They are logically air-gapped, and immutability here is total: the snapshots can’t even be moved. That’s worth sitting with for a moment, because it means Safeguarded Copy is fundamentally a recovery solution, not a backup solution.

For IBM i specifically, this matters enormously. Your most critical recovery asset, which is a clean, known-good copy of your system is preserved at the storage layer, completely outside the reach of anything running in the OS. This protects you whether you’re dealing with a full ransomware compromise of your production environment or something far more mundane: an accidental data corruption caused by a failed application change.

A note on terminology: On the FlashSystem, your IBM i disks are called volumes. By enrolling those volumes into a volume group, the FlashSystem maintains consistency aligned with IBM i single-level storage and it applies pre-configured policies to schedule, manage, and age-out snapshots automatically. Your IBM i partition won’t know a copy is being taken, and your users certainly won’t notice.

When you need to recover, the FlashSystem provides a guided wizard with two clear paths:

  • Restore - returning the production volume group back to a snapshot point in time
  • Recover - creating a fresh copy that can be presented to a different partition for testing and validation before you commit

That second option matters, it means you can verify a snapshot is clean and corruption-free before you bet your business on it.

In a ransomware event, that difference between two hours and twelve hours isn’t just a productivity issue. It’s often the difference between a manageable incident and a business-threatening crisis.

Flash Core Modules: The Storage Intelligence Layer

So how much extra capacity does Safeguarded Copy need? It depends on your data change rates and retention window, but the answer is probably less than you expect, here’s why.

The physical drives inside IBM FlashSystem are called Flash Core Modules (FCMs), now at their fifth generation (FCM5). IBM describes them as AI-powered computational storage devices, and that’s not marketing gloss, they carry their own on-board processor chips that do real work. Every I/O is analysed in real time for ransomware behaviour. Connect your FlashSystem to IBM Storage Insights via call-home and you get ransomware detection alerts within 60 seconds, at no performance cost whatsoever.

At the same time, data is automatically encrypted and compressed at the drive level as it’s written, without touching your performance headroom. That compression is where the capacity story gets interesting for IBM i.

IBM i data is gloriously well-ordered and its integrated database and object architecture lends itself to excellent compression ratios. On FCM drives, you can realistically expect 2:1 to 4:1 compression of your IBM i data. If WRKSYSSTS shows 9TB of actual data, the FlashSystem may only consume 3TB of its physical capacity. The overhead for a policy of hourly Safeguarded Copy snapshots is therefore much smaller than most people assume.

Unlike IBM i journals, Safeguarded Copy storage use is not cumulative in the way you might fear. Only data that has changed since a snapshot was taken is written to disk to preserve that recovery point. If the same block of data changes a thousand times, only the one copy needed to maintain the snapshot’s integrity is stored, not a thousand versions of it.

Replication: Smarter, Not Just Faster


Replication has been meaningfully improved in the new FlashSystem generation. By assigning a replication policy to your volume group, the FlashSystem continuously optimises your Recovery Point Objective based on actual replication throughput and available bandwidth. Gone are the days of configuring cycling mode and accepting that you’re permanently five minutes behind… the system manages this dynamically.

That said, IBM i’s standard replication considerations haven’t changed. To invoke DR or switch replication direction, you still need to wait for an abnormal IPL to make target disks available. And you still can’t upgrade the target system’s OS independently and then switch to it, OS maintenance still means a production outage. Those are platform constraints, not FlashSystem limitations.

Policy Based High Availability



Policy Based High Availability (PBHA) is the technology that supersedes the older Hyperswap. It brings improved fault tolerance, lower latency, and meaningfully better performance. The concept is straightforward but powerful: enrol your IBM i volume group into a Storage Partition, then assign a two-site HA topology. This creates resilience across two independent FlashSystem devices, and IBM i’s built-in multipath drivers handle the rest, keeping the OS, data, and I/O flowing even if one of those storage devices is completely lost.

PBHA is part of a broader shift in how IBM FlashSystem approaches workload mobility,  whether that’s a planned migration, a maintenance window, or an unplanned DR invocation. It’s storage infrastructure that actively participates in keeping you operational, rather than passively waiting to be recovered from.

The Bottom Line

IBM FlashSystem’s Safeguarded Copy offers something genuinely unique for IBM i: operational resilience and cyber recovery built into the storage layer, not bolted on top of it. You don’t need to be a career-long storage administrator to set it up because IBM has designed these tools to be accessible.

The question for any IBM i architect today isn’t whether a ransomware event is plausible. It’s whether your recovery capability is already in place when it happens. If your honest answer today is “we’d be relying on tape,” it’s probably time to look into FlashSystem and what it can do for you. 

By Edward Yeates – Celerity · 5 min read