← All servicesBackup · Replication · Disaster Recovery

Enterprise backup and ransomware protection

Enterprise backup, replication and disaster recovery solution with global deduplication, WORM immutability and ransomware detection — to protect data, ensure predictable RPO/RTO and keep your business running, with local support from OpenTechs.

Global dedupWORM / ImmutableAnti-ransomwareCloud storageDRMulti-platform

What it is

What enterprise backup is and why it became a matter of survival

Enterprise backup is not copying files to an external disk. It is a data-protection discipline that ensures that, in the face of any failure — a server that dies, a corrupted database, an employee who deletes the wrong folder, or a ransomware attack that encrypts everything — the company can get back to operating within an acceptable time and with controlled data loss.

Two numbers govern this discipline. The RPO (Recovery Point Objective) defines how much data you can tolerate losing — if the backup runs hourly, the RPO is one hour. The RTO (Recovery Time Objective) defines how quickly the service must be back up. Defining these two targets, per system, is what separates a backup plan from a vague promise.

The market’s golden rule is 3-2-1: at least 3 copies of the data, on 2 different media, with 1 copy off-site. The modern version adds 3-2-1-1-0: one immutable (WORM) copy and zero validated errors on restore. Backup that has never been tested in a restore is not backup — it is hope.

NG Backup delivers this discipline end to end. It performs global deduplication — at the source (client) or in the storage — eliminating repeated blocks across all servers and versions, with up to 99% reduction in stored volume. It is multi-platform: it protects VMs, databases, containers, M365, Google Workspace, NAS and endpoints from a single console, with policies, retention, immutability and off-site replication for DR.

The cost of downtime. Ransomware does not ask permission: it encrypts production and the backups reachable on the network. Every hour of downtime costs revenue, contracts and reputation — and the ransom, when paid, rarely returns 100% of the data. The only reliable defense is an immutable, isolated copy that the malware cannot alter or delete. That is exactly what NG Backup guarantees.
Architectures

3-2-1 centralization and immutability for DR

Robust backup combines two ideas: centralizing the protection of all assets under a single catalog (the 3-2-1 model) and shielding one copy against alteration and deletion (immutability + off-site replica). NG Backup does both — and OpenTechs designs the ideal layout for your environment.

Centralization

Centralized backup (3-2-1)

Agents collect data from each asset and send it to the backup server, which maintains the single catalog and writes copies to multiple media — disk, tape and cloud.

Clients / agents — VMs, databases, M365, NAS, endpoints
↓ deduplicated collection
Backup server + central catalog
↓ writing to media
Media — disk · LTO tape · cloud (cloud storage)
Resilience

Immutability & DR

A copy of each point is written to immutable media (WORM) and replicated to an off-site location. Neither ransomware nor an operator can alter it within the retention window.

WORM diskimmutable retention
S3 Object Lockimmutable cloud
LTO tapephysical air-gap
Immutable copies + off-site replica (DR) — recovery guaranteed even after an attack or disaster

Dedup at the source or in the storage?

  • Dedup at the source (client) — deduplication happens before sending. It drastically reduces network traffic and the backup window; ideal for branch offices, limited WAN links and backup to the cloud, where bandwidth is the bottleneck.
  • Dedup in the storage (target) — the server deduplicates on write. It offloads CPU from the clients and centralizes the global index; ideal for data centers with ample internal networks and large consolidated volumes.
  • Hybrid — source for remote sites and cloud, storage for the data center core. NG Backup supports both models and OpenTechs defines the combination by policy.
How it works

The pillars of NG Backup

Global deduplication

NG Backup breaks data into blocks and stores each unique block only once — across all servers, all versions and all points in time. Identical operating systems, cloned VMs and repeated files no longer take up multiple copies of space, reaching up to 99% reduction and making it viable to keep far more retention on the same storage.

Immutability and WORM (anti-ransomware)

Protection copies are written in WORM (Write Once, Read Many) mode — on immutable disk, S3 Object Lock in the cloud or LTO tape with air-gap. Within the retention window, no one — not an administrator, not ransomware with stolen credentials — can alter or delete the backup. It is the technical guarantee that there will always be a clean copy to restore.

Replication and Disaster Recovery

NG Backup replicates recovery points to an off-site location or to the cloud automatically and deduplicated. In the event of a disaster at the primary site, operations resume from the replica within the agreed RTO — with DR runbooks tested and validated by OpenTechs.

BWeb console (auditing, self-restore, ACLs)

The entire operation lives in the BWeb console: scheduling, job monitoring, reports and alerts in a single web interface. It enables delegated self-restore (each team restores its own data), ACLs by role and tenant, and a complete audit trail — meeting compliance and separation-of-duties requirements.

Scope

From the essentials to the full ransomware shield

NG Backup is delivered in three scope levels, from a well-built backup project to a complete cyber-resilience program. OpenTechs deploys, operates and supports all of them — you choose the depth according to the criticality of the environment.

Essential Backup

Protection done right
  • Deployment of NG Backup and the central catalog
  • Design of policies, retention and windows
  • Global deduplication on disk
  • Scheduling, monitoring and reporting in BWeb
  • Validated restore tests

NG Backup Enterprise

Critical production · recommended
  • Everything in Essential
  • WORM immutability on disk and cloud
  • Copy to cloud storage (S3 Object Lock)
  • Multi-platform: VMs, databases, M365, containers
  • 24x7x365 SLA support in English

DR & Ransomware Shield

Cyber resilience
  • Everything in Enterprise
  • Off-site replication and DR runbooks
  • Full WORM across all media layers
  • In-line ransomware detection in the jobs
  • Integration with SIEM and incident response
How the numbers add up: global deduplication reduces the required storage by up to 99%, which often funds the project itself. And a single successful restore after an incident pays for years of backup investment — the cost of not having it is business downtime.
Comparison

NG Backup vs. competitors

Criterion Proprietary competitors NG Backup (OpenTechs)
Price and TCO License per capacity/VM, rising Best TCO — no per-capacity license
Global dedup Limited or per silo Global, source and storage — up to 99%
Immutability (WORM) Paid add-on WORM on disk, S3 and LTO, included
Multi-platform Partial coverage / extra modules VMs, databases, M365, containers, NAS
Cloud storage Locked to a provider Any S3 / Object Lock, no lock-in
Data sovereignty Vendor-dependent Full — on your infrastructure/jurisdiction
Local support Limited / outsourced 24x7x365 OpenTechs, with an SLA
Coverage

What we protect

Virtual machines

Agentless and agent-based protection for VMware, Proxmox, Hyper-V, Nutanix and KVM — with consistent backup and granular restore of a VM, disk or file.

Databases

Consistent, point-in-time backup of PostgreSQL, MySQL, Oracle, SAP HANA and MongoDB, with granular restore and without stopping the application.

M365 & Google Workspace

An independent copy of emails, files, Teams and sites from M365 and Google Workspace — because SaaS replicates, but does not replace your backup.

Containers

Protection of Docker and Kubernetes volumes and state, including namespaces, PVs and configurations, to restore cloud-native workloads with integrity.

Storage & NAS

Backup of large volumes of files on NAS and network storage, with global dedup and long-term retention on disk, LTO tape or cloud.

Endpoints and servers

Protection of physical servers and Windows, Linux and macOS workstations, with bare-metal restore and delegated self-restore via BWeb.

For the business

What changes for leadership

  • Business continuity — recovery guaranteed after a failure, disaster or attack, without relying on luck.
  • Compliance — retention, immutability, ACLs and an audit trail that meet LGPD and sector requirements.
  • Lower TCO — global dedup of up to 99% and the end of per-capacity licensing reduce storage and product costs.
  • Ransomware protection — an immutable, isolated copy that malware cannot encrypt or delete.
  • Data sovereignty — backups on your infrastructure and in your jurisdiction, with no lock-in to a foreign vendor.
  • Predictable RPO/RTO — recovery targets defined per system, tested and documented in runbooks.
FAQ

Frequently asked questions

Does NG Backup protect against ransomware?
Yes. Beyond in-line anomaly detection during jobs, NG Backup writes immutable copies in WORM mode (disk, S3 Object Lock and LTO tape). Within the retention window, not even an attack with administrator credentials can alter or delete these copies — always guaranteeing a clean version to restore.
Which platforms does NG Backup support?
It is multi-platform: VMs on VMware, Proxmox, Hyper-V, Nutanix and KVM; PostgreSQL, MySQL, Oracle, SAP HANA and MongoDB databases; M365 and Google Workspace; Docker and Kubernetes containers; plus storage/NAS and Windows, Linux and macOS endpoints — all from a single console.
Does NG Backup store in the cloud?
Yes. It replicates and writes deduplicated copies to S3-compatible cloud storage, with Object Lock for immutability. You choose the provider — there is no lock-in — and the cloud copy serves as the off-site layer of your 3-2-1 for DR.
How much storage do you save with dedup?
Global deduplication stores each unique block only once across all servers and versions, reaching up to 99% reduction in environments with many similar VMs and versions. In practice, this multiplies the retention possible on the same hardware and reduces the cost per protected terabyte.
Does OpenTechs do tuning and support?
Yes. OpenTechs deploys, sizes, tunes deduplication and policies, tests restores and offers 24x7x365 support in English, with an SLA — including DR runbooks and ransomware incident response.

Would your backups survive a ransomware attack today?

Get a free assessment of your data-protection environment: coverage, real RPO/RTO, ransomware exposure and an estimate of savings from deduplication. No obligation.

Request a free assessment

Disponível em: pt-brPortuguês (Portuguese (Brazil))enEnglishesEspañol (Spanish)