5/30/23, 4:57 PM Gartner Reprint

Licensed for Distribution

Magic Quadrant for Enterprise Backup and Recovery

Software Solutions
Published 28 July 2022 - ID G00756210 - 40 min read

By Michael Hoeck, Nik Simpson, and 2 more

Protecting hybrid, SaaS and multicloud environments, preparing for ransomware attacks, and the
need to simplify backup and data management are forcing I&O leaders to rearchitect their
backup infrastructure and explore other solutions. This research provides analyses of backup
and recovery vendors.

Market Definition/Description
Gartner’s view of the enterprise backup and recovery software solutions market is focused on
transformational technologies or approaches delivering on the emerging needs of end users. It is not
focused on the market as it is today. According to Gartner’s definition: “Enterprise backup and
recovery software solutions are designed to capture a point-in-time copy (backup) of enterprise
workloads in on-premises, hybrid, multicloud and SaaS environments and write the data to a
secondary storage target for the purpose of recovering this data in case of loss.”

Backup and recovery solutions have several core capabilities. These include backup and recovery of
operating systems, files, databases and applications in the on-premises data center; backup and
recovery of public cloud IaaS, PaaS and SaaS data; creation of multiple copies of the backup to
support resiliency, disaster recovery and other use cases; assigning multiple backup and retention
policies that align with the organization’s recovery objectives; and reporting success and failure of
backup/recovery tasks.

Additional capabilities can be provided by the solution. They are protecting other workloads including
containers, edge/remote branch office sites and endpoints; tier backup data to multiple targets
including public cloud; expand backup data use cases to data discovery, compliance, copy data
management and e-discovery; bare-metal recovery; ransomware protection, data anomaly and
malware detection, and advanced recovery; and orchestrated disaster recovery processes.

The solution can be offered as an appliance, as software-only, or as a vendor-developed and hosted

backup as a service.
[Link] 1/26
5/30/23, 4:57 PM Gartner Reprint

Magic Quadrant
Figure 1: Magic Quadrant for Enterprise Backup and Recovery
Software Solutions

Source: Gartner (July 2022)

Vendor Strengths and Cautions

Acronis

Acronis is a Visionary in this Magic Quadrant. It leads with the Acronis Cyber Protect Cloud platform,
a cloud-based backup and security service targeted at the midmarket. The product is delivered by
more than 20,000 service providers through 42 Acronis data centers spread across all major
geographies. The vendor also offers Acronis Cyber Protect, a software solution that can be deployed
on-premises, providing an integrated backup, security and endpoint management solution for
physical servers, on-premises virtual machines (VMs), SaaS workloads and endpoints. During the

[Link] 2/26
5/30/23, 4:57 PM Gartner Reprint

evaluation period, Acronis introduced new features such as immutable backups and integration with
VMware Cloud Director; acquired 5nine, DeviceLock and Nyotron; and opened 12 new data center
locations.

Strengths
Integrated cyber and data protection capabilities — Acronis delivers a broad integrated portfolio
that combines comprehensive security, backup and disaster recovery (DR), and IT management in
a single unified solution.

Scale Computing support — Acronis Cyber Protect fully supports agentless backup/recovery for
Scale Computing HC3 hypervisor to expand edge use case capabilities.

Global edge environments and endpoint protection strategy — Acronis offers a strong and
differentiated data protection solution for remote sites/edge locations and endpoints localized in
more than 25 languages.

Cautions
Limited enterprise and public cloud capabilities — Acronis trails the competition in enterprise
capabilities, running behind on supporting enterprise databases, cluster architectures, operating
systems, NAS, storage integration and public cloud integration.

Limited focus for enterprise workloads — Acronis’ overall portfolio and acquisition strategy is
highly targeted toward endpoint functionality, providing management, security, protection and
collaboration solutions in a unified solution.

High dependency on managed service providers (MSPs) — Acronis focuses mostly on selling
through MSPs to provide a managed solution delivering backup, DR, cybersecurity, collaboration
and endpoint management. Commercial relationships and customer experience, including
support, security and performance, will be the responsibility of the chosen MSP.

Arcserve

Arcserve is a Challenger in this Magic Quadrant. Arcserve’s backup portfolio includes Arcserve UDP,
Arcserve Backup, Arcserve UDP Appliances, Arcserve Cloud Direct, Arcserve UDP Cloud Hybrid
Secured by Sophos, Arcserve OneXafe storage appliances and Arcserve SaaS Backup. Arcserve’s
operations are geographically diversified, and most of its clients are in the midmarket segment.
During the evaluation period, Arcserve merged with StorageCraft, launched new N Series Appliances
based on Nutanix, expanded UDP appliance capacity to 1PB, released new Arcserve SaaS Backup via
OEM agreement with Keepit, and released UDP 8.1, which includes support for Oracle Standard
Edition and multifactor authentication.

Strengths

[Link] 3/26
5/30/23, 4:57 PM Gartner Reprint

Secure appliance offering — Arcserve expanded its appliance offerings to include an integrated
offering based on Nutanix Mine Integrated Backup that includes Arcserve UDP and Sophos
Intercept X for Server.

Immutable storage option — Arcserve’s merger with StorageCraft has expanded its backup
storage target options with its OneXafe storage appliance offerings. Bundled with UDP, OneXafe
adds the ability to store backups to immutable storage.

Free Sophos malware detection — Arcserve provides clients a free copy of Sophos Intercept X
with eligible purchases of its Arcserve Appliances, UDP software and UDP Cloud Hybrid.

Cautions
Limited ransomware detection and recovery capabilities — Arcserve UDP lacks support for
anomaly detection, limiting its ability to detect suspicious activity such as encryption. Arcserve
UDP doesn’t offer an isolated recovery environment or guidance to the best recovery point.

Limited native cloud workload support — Arcserve lags major players in support of agentless
backup of cloud workloads such as AWS EC2, AWS VMware Cloud, Azure VM, VMware on Azure,
GCE or VMware on GCP.

Lacks container backup — Arcserve does not provide backup capabilities for container workloads.

Cohesity

Cohesity is a Leader in this Magic Quadrant. Its backup product portfolio consists of DataProtect and
DataProtect delivered as a service, a backup as a service (BaaS) offering that is part of the Data
Management as a Service (DMaaS) portfolio. Cohesity’s operations are distributed across North
America, Western Europe and Asia/Pacific. Its clients tend to be in the upper midmarket and
enterprise segments. During the evaluation period, Cohesity introduced its SiteContinuity disaster
recovery (DR) as a service, expanded DataProtect integrations with Oracle ZDLRA, PostgreSQL,
CockroachDB, IBM Db2, SAP IQ, VMware snapshots on HPE Alletra, NetApp and Nutanix, Amazon
C2S and Azure Stack Hub. It added continuous data protection for MongoDB, Cloud Archive and
Cloud Archive Direct. The BaaS offering added workload support for physical machines, Hyper-V and
Oracle.

Strengths
Unified and simplified management — Ease of administration is provided with centralized
management of multiple Cohesity environments. These include self-managed and Cohesity-
managed BaaS operations activities such as backup, ransomware detection/alerts and disaster
recovery. Efficiency of scale is available without the need for added backup servers, multiple
proxies or separate hardware; and optimizations of deduplication, global search and efficient
restore resonate with customers.

[Link] 4/26
5/30/23, 4:57 PM Gartner Reprint

Threat defense — Cohesity’s comprehensive layered security approach features built-in

capabilities along with integrations with third-party security partner solutions to combat
ransomware and other vulnerabilities.

Flexible licensing — Cohesity has introduced new flexible licensing that allows clients to move
existing licenses between self-managed infrastructure and Cohesity-managed BaaS.

Cautions
Inconsistent time to market for product releases — Cohesity’s recent product release cadence
and length of time between announcement and general availability lags in comparison to previous
years.

Current BaaS solution is limited in capability — Cohesity BaaS does not support a localized copy
of the backup dataset, impacting performance of backup and restore, and availability when
network outages occur at a client’s data center.

Complex BaaS pricing — Cohesity pricing for its BaaS offering is comparatively complex, based on
a combination of multiple criteria including front-end capacity and retention, requiring additional
licensing for back-end consumption capacity beyond 30 days.

Commvault

Commvault is a Leader in this Magic Quadrant. Its backup/recovery portfolio mainly comprises
Commvault Complete Data Protection, Commvault Backup & Recovery, Commvault HyperScale X and
Commvault Metallic BaaS. Commvault’s operations are geographically diversified, and its clients tend
to be large enterprises. During the evaluation period, Commvault enhanced centralized management
of its Metallic and on-premises offerings, Hyper-V live recovery and ransomware services offerings;
added cloud workload support for Dynamics 365, Azure Data Lake and Azure Cosmos; and
introduced a new Metallic security dashboard and Nutanix Mine with Commvault. It also acquired
TrapX to improve threat detection in its Metallic offering.

Strengths
Comprehensive workload support — Commvault Complete Data Protection supports a broad set
of workloads in a consistent way, whether it is in the cloud or on-premises.

Flexible deployment options — Commvault delivers a BaaS solution with Commvault Metallic, a
hybrid-software-based solution with Commvault Complete, a scale-out appliance solution with
HyperScale X and a managed cloud-based storage solution. All can be managed either by
Commvault Command Center or Metallic web console.

Broad geographic coverage — Commvault’s Metallic expansion to multiple geographies aligns

with its existing broad worldwide coverage supported by Commvault services, which includes a
large partner ecosystem of resellers, integrators and managed service providers. This makes

[Link] 5/26
5/30/23, 4:57 PM Gartner Reprint

Metallic a good candidate for large enterprises with holdings across mature and emerging
markets.

Cautions
Complexity of operations — Commvault’s strategy of supporting almost everything in a single
product adds complexity, making Commvault Complete Data Protection a lesser fit for smaller
enterprise customers.

Variable Commvault Metallic customer experience — Some Gartner inquiries point to client
challenges and inconsistent experiences primarily with the initial onboarding and newer supported
workloads of Commvault Metallic.

Secure by configuration — Commvault Complete security and ransomware detection capabilities

require advanced design and implementation services to deliver and enable them.

Dell Technologies

Dell Technologies is a Leader in this Magic Quadrant. Its backup and recovery software portfolio
mainly consists of the Dell Data Protection Suite, composed of Avamar, NetWorker and PowerProtect
Data Manager, and APEX Backup Services. Its appliance portfolio includes PowerProtect DP series
(integrated appliances) and PowerProtect DD series (target-based appliances). Dell’s operations are
geographically diversified, and its clients tend to be large enterprises, with some presence in the
midmarket. In the last 12 months, PowerProtect Data Manager enhancements include Transparent
Snapshots for VMware, Dynamic NAS protection and Cloud Snapshot Manager integration. Dell also
introduced APEX Backup Services, PowerProtect Cyber Recovery for Amazon AWS and Smart Scale
for PowerProtect DD series appliances.

Strengths
Cyber Recovery vault deployments — Customers have accelerated deployment of Dell’s
PowerProtect Cyber Recovery solution to augment their existing production and DR backup copies
to improve their resilience posture.

PowerProtect Data Manager advancements — PowerProtect Data Manager is now more

frequently deployed by customers, as it includes features such as Dynamic NAS protection,
Transparent Snapshots and Kubernetes support, which are not available in Dell’s traditional backup
solutions.

VMware relationship — Dell is first to market with Transparent Snapshots capability, leveraging
new integrations with VMware, which eliminates requiring proxies and mitigates virtual machine
stun.

Cautions

[Link] 6/26
5/30/23, 4:57 PM Gartner Reprint

Limited new features in Avamar and NetWorker products — Dell has reduced the inclusion of new
features in its Avamar and NetWorker products, requiring customers to accelerate implementation
of Data Manager to meet new requirements.

Traditional software with PowerProtect DP appliances — PowerProtect DP appliances use

Avamar, and Dell has yet to introduce an integrated appliance that uses PowerProtect Data
Manager backup software.

Data Domain restore performance concerns — Some Gartner clients report Data Domain
performance issues, particularly for large restore operations using Avamar.

Druva

Druva is a Visionary in this Magic Quadrant. The Druva Data Resiliency Cloud platform is a BaaS
offering that leverages AWS infrastructure for running, storing and managing backups. The platform
consists of multiple products that provide on-premises and cloud VM backup and DR; AWS cloud-
native and Kubernetes backup and DR; and SaaS application and endpoint backup. Druva’s
operations are geographically diversified, with most of its customers in North America. Its clients
tend to be in the midmarket and enterprise segments. During the evaluation period, Druva added
cloud-native support for AWS EC2 and AWS Kubernetes and support for Nutanix AHV, and enhanced
Cloud Cache for VMware instant restore integration, long-term retention and reporting capabilities.

Strengths
Mature SaaS-based BaaS solution — Druva Data Resiliency Cloud offers a mature BaaS solution
for protection of a mix of on-premises workloads, IaaS and cloud-native applications, multiple
SaaS-based workloads and endpoints.

Comprehensive data management capabilities — Druva Data Resiliency Cloud offers

comprehensive capabilities for handling storage deduplication, multiple storage tiers, ransomware
recovery and disaster recovery.

Consumption-based licensing — Druva’s pricing model removes long-term commitments and is

based on paying only for the storage capacity customers use, leveraging the benefits of its
deduplication process across multiple storage tiers.

Cautions
Data center network bandwidth requirements — Druva Data Resiliency Cloud solution for
enterprise data center workloads — also known as Druva Phoenix — requires customers to
provision sufficient cloud network bandwidth to support Druva’s backup direct to cloud, populating
cache from the cloud and 30-day local backup cache limit.

Limits native cloud support to AWS — Druva is highly focused on protecting workloads within
AWS, with limited native capabilities for protecting multicloud environments, which may also

[Link] 7/26
5/30/23, 4:57 PM Gartner Reprint

include Azure and Google.

Product packaging — Druva Data Resiliency Cloud is marketed and presented as a single solution,
but it remains based on three disaggregated products (Phoenix for server backup, InSync for SaaS
applications and endpoint backup, and CloudRanger for cloud-native backup and DR), which
results in different user experiences across the platform.

HYCU

HYCU is a Visionary and a new entrant in this Magic Quadrant. HYCU Protégé is a multicloud BaaS
platform that spans across Azure, AWS and Google to support IaaS, DBaaS, PaaS, SaaS and on-
premises workloads. HYCU’s operations are geographically diversified, with the majority of its
customers in North America. Its clients tend to be in the upper midmarket with a high concentration
of customers supporting the Nutanix Platform. During the evaluation period, HYCU enhanced support
for on-premises, Azure and Google backups, and added support for AWS and Kubernetes. It also
entered into an OEM agreement to support Microsoft 365 backups, switched to a subscription-based
model and initiated R-Score to assess ransomware readiness.

Strengths
Ease of use — Gartner customers indicate a high level of satisfaction for ease of use, product
stability, and management of backup and disaster recovery for the HYCU Protégé hybrid
management solution.

Multicloud and hybrid support — HYCU Protégé simplifies protection of multicloud and hybrid
environments by supporting Azure, AWS, Google and data center workloads with a single unified
SaaS solution.

Deep Nutanix integration — HYCU Protégé is completely integrated and optionally managed from
the Nutanix Prism interface.

Cautions
On-premises limitations — HYCU’s on-premises offering lags leading vendors in features such as
global data deduplication, continuous data protection (CDP), support for container workloads and
enterprise clusters such as Oracle RAC, and support for non-x86 workloads such as Power/AIX.

Lacks integrated appliance offering — HYCU lacks an integrated appliance offering for on-
premises deployment, relying on integrations with third-party solutions such as Nutanix Mine.

Limited ransomware detection capabilities — HYCU is missing advanced backup data analysis-
based ransomware detection, such as encryption and entropy detection, and recovery point
guidance capabilities found in competitive offerings.

IBM

[Link] 8/26
5/30/23, 4:57 PM Gartner Reprint

IBM is a Challenger in this Magic Quadrant. Its backup portfolio consists of Spectrum Protect,
Spectrum Protect Plus, Spectrum Protect Snapshot, Spectrum Protect Plus Online Services for
Microsoft 365 and Spectrum Copy Data Management. IBM’s operations are geographically
diversified, and its clients tend to be large enterprises. In the past year, the vendor released three
updates for Spectrum Protect and Spectrum Protect Plus. Spectrum Protect additions include
multifactor authentication, multisite replication, cloud object storage retention sets and support for
Google cloud storage tiers; and Spectrum Protect Plus additions include Red Hat OpenShift
Virtualization support, incremental forever file copy of PVC snapshot to vSnap, and backup
containers direct to object.

Strengths
OpenShift container backup — IBM leads major players in support of Red Hat OpenShift
Kubernetes and IBM Cloud Paks backup and recovery. Key advantages include fully containerized
deployment of Spectrum Protect Plus, integration with Spectrum Fusion, support for OpenShift on
Azure, IBM and Red Hat certifications, and extensive CSI integrations, including NetApp and
Hitachi.

Comprehensive portfolio selling — Enterprise customers leverage IBM backup and recovery
solutions as part of packaged offerings including IBM systems, storage, security and containers,
which simplifies vendor management and provides a one-stop-shop experience.

Product strategy — IBM’s bundling of Spectrum Protect Suite, including Spectrum Protect Copy
Data Management, and its introduction of Spectrum Protect Plus Online Services for Microsoft
365 indicate a direction of simplifying and supporting SaaS workloads via BaaS for the portfolio.

Cautions
Multiproduct management and architectures — IBM Spectrum Protect and Spectrum Protect Plus
integrated storage targets and converged administrative interface remain works in progress,
requiring use of distinct management consoles and storage targets for each.

Limited native cloud support — Spectrum Protect Plus lacks support for cloud databases, such as
AWS RDS, AWS RedShift, Azure SQL Database and Google Cloud SQL, and agentless backup of
Azure VM, VMware on Azure, Google Compute Engine, and VMware on GCP.

Limited cloud service options — IBM lags major players in offering vendor-managed cloud backup
services such as BaaS for IaaS and PaaS cloud and on-premises workloads; and backup cloud
storage solutions.

Micro Focus

Micro Focus is a Niche Player in this Magic Quadrant. Its backup product portfolio consists of two
separate products: Data Protector for on-premises workloads and Data Protector for Cloud
Workloads covering cloud IaaS and SaaS workloads. The vendor’s operations are geographically
[Link] 9/26
5/30/23, 4:57 PM Gartner Reprint

diversified, and its clients tend to be mainly in the midmarket segment. In the past year, Micro Focus
enhanced Data Protector by improving VMware backup performance and SAP HANA integration,
expanded software-based deduplication scale to 1PB, and introduced Data Protector for Cloud
Workloads, which supports a variety of virtual environments, cloud IaaS systems and Microsoft 365.

Strengths
Subscription pricing — Micro Focus’ already low price per socket and TB-based perpetual license
models are now complemented by subscription-based licensing models.

BaaS offering introduced — Micro Focus introduced Data Protector for Cloud Workloads through
an OEM agreement. This offering provides Micro Focus customers its initial cloud capabilities to
protect Microsoft 365, and AWS EC2 and Kubernetes workloads.

Broad storage target support — Data Protector supports a broad range of purpose-built backup
appliances, multiple storage protocols and tape libraries.

Cautions
Lack of integration — Covering a full range of data center and cloud workloads requires separate
products from Micro Focus, which lack any meaningful integration.

No ransomware detection features — Micro Focus lacks integrated capabilities to detect

ransomware anomalies or malware.

Software-only options — Micro Focus lags major players that provide multiple deployment
strategies and architectures including integrated backup appliances, a SaaS control plane and
vendor-managed cloud storage services.

Rubrik

Rubrik is a Leader in this Magic Quadrant. Its backup product portfolio mainly consists of Rubrik
Security Cloud and multiple offerings for data observability and advanced recovery. Rubrik’s
operations are geographically diverse, and its clients are mainly large enterprises. During the
evaluation period, Rubrik added multifactor authentication, NetApp SnapMirror support, additional
cloud tiering for Azure and AWS, direct backup to AWS S3 and Azure Object Store, threat hunting, and
enhanced integration with Nutanix AHV. It also introduced Rubrik Cloud Vault, Microsoft 365 backup
as a service and ransomware recovery warranty.

Strengths
Ease of deployment and use — Gartner inquiries indicate continued customer satisfaction in
Rubrik’s ease of deployment, policy configuration and administration, simplified scaling processes,
global search and index, and integration of deployments through a centralized management
console.

[Link] 10/26
5/30/23, 4:57 PM Gartner Reprint

Ransomware protection and recovery features — Rubrik has a comprehensive and secure product
offering that protects the backup system and data against cyberattacks, detects anomalies and
malware within the backup data, and provides efficient recovery features.

Enterprise adoption — Rubrik’s scaling capabilities and customer support are leading to more
customers in large enterprise organizations within mature markets, replacing a variety of different
competitive solutions.

Cautions
Pricing impacts — Rubrik’s evergreen hardware program, which provided refresh hardware at
renewal, is no longer available for new customers. Existing customers will now receive software
credits for Rubrik’s SaaS-based offerings, which requires an evaluation of licensing options to
avoid impact to total cost of ownership.

Limited SaaS backup — Rubrik lags in support of SaaS applications beyond Microsoft 365, lacking
support for solutions such as Salesforce, Google Workspace, Slack and MS Dynamics.

Narrow NAS Cloud Direct integration — Integration of acquired Igneous technology remains a
work in progress, lacking integration with Rubrik’s Ransomware Investigation and Sensitive Data
Discovery capabilities, limiting features such as anomaly detection and sensitive data
identification.

Unitrends

Unitrends is a Niche Player in this Magic Quadrant. Its backup portfolio consists of the Unitrends
Backup Software, Recovery Series Backup Appliance and Spanning Backup for SaaS application
backup. The vendor’s operations are geographically diverse, and its customers tend to be in the
midmarket segment. In the last 12 months, Unitrends released 10 software updates from version
10.5.3 through 10.6.2. New products include Recovery Assurance and image-level replicas, as well as
new agents for Oracle 19C and Red Hat 8. Continued refinements to the UniView central
management platform include automated agent deployment, unified Google backups and KaseyaOne
SSO.

Strengths
Unified administration — Unitrends provides UniView, offering single administrative access to all
components of the solution including management of appliances, endpoint backup and SaaS
applications.

Appliance portfolio — Unitrends continues to expand its appliance offerings with the addition of
ION and ION+ series desktop appliances for edge and small offices.

Kaseya integration — Unitrends continues to more fully integrate with Kaseya’s IT Complete
portfolio. This will streamline access to technical, billing and support resources, and provide more
features for its customers.
[Link] 11/26
5/30/23, 4:57 PM Gartner Reprint

Cautions
SMB and midsize enterprise focus — Unitrend’s growth initiatives focused on SMB and midsize
enterprise markets and its limited scalability of appliances contribute to lower suitability to large
enterprise accounts.

Limited BaaS strategy — Unitrends lags behind other major players whose vendor-managed BaaS
solutions support multiple cloud and on-premises workloads.

Lack of container support — Unitrends has not introduced any capabilities to protect container
workloads.

Veeam

Veeam is a Leader in this Magic Quadrant. It leads with the Veeam Platform, which is composed of
Veeam Backup & Replication and Veeam ONE for backup monitoring and analytics. Backup for public
cloud environments and DR orchestration are enabled through stand-alone modules. Veeam’s
operations are geographically diversified, and its clients tend to be in the enterprise and midmarket
segments. In the last 12 months, it released 30 product updates as well as plug-ins for eight OEM
partners. Veeam introduced Universal Licenses to replace socket-based licenses, integrated Kasten
with its Veeam 11 backup repository, and added AWS S3 Glacier and S3 Glacier Deep Archive
support.

Strengths
Any size, anywhere customer base — Veeam’s unique product design supports customers of all
sizes using the same codebase, whether a home user or large enterprise. It has extensive
geography and partner relationships to support customers of all sizes and locations.

Kubernetes container support — Veeam acquired Kasten in October 2020 and has integrated its
functionality into its core Veeam scale-out backup repository to provide robust support for
container-based workloads.

Workload and platform support — The Veeam Platform integrates with a wide range of platforms,
servers, storage systems and applications, and all major public cloud service providers to support
data center, cloud and edge use cases.

Cautions
BaaS/DRaaS/storage reliance on partners — Veeam does not have a native BaaS, DRaaS or
storage offering for its customers. These services depend entirely on the Veeam Cloud & Service
Provider (VCSP) partner network, which can be inconsistent in offerings and customer experience,
and defers support and responsibility to the VCSP.

[Link] 12/26
5/30/23, 4:57 PM Gartner Reprint

Overall complexity — Gartner customer inquiries indicate that Veeam can become more complex
to manage as the size of the backup environment increases. This includes deployment of separate
Veeam agents per protected environment, management of multiple backup proxies, and proper
selection of compute and storage infrastructure to align to performance and storage
requirements.

Secure by implementation requirement — Implementing a secure platform together with advanced

ransomware immutability, detection and recovery requires clients to carefully design, deploy and
manage the deployment to mitigate ransomware threats.

Veritas Technologies

Veritas Technologies is a Leader in this Magic Quadrant. Its backup product portfolio mainly consists
of NetBackup, NetBackup Appliances and Backup Exec. Veritas’ operations are geographically
diversified. Its clients tend to be large enterprises and it has some presence in the midmarket. Veritas
announced two major updates to NetBackup — 9.1 and 10.0. These updates include additions for
Kubernetes backup, integrated IT analytics, AI-based anomaly detection and malware scanning, CDP
backups, immutable Object Lock support, and autoscaling architecture for AWS and Azure. Veritas
also announced new offerings of NetBackup SaaS Protection, Access Appliance for long-term data
retention and NetBackup/Recovery Vault cloud-based data storage.

Strengths
Multiple deployment options — NetBackup provides clients multiple deployment options including
scale-out and scale-up appliances, bring your own storage, and virtualized and containerized
appliances.

Cloud-native architecture — The updated architecture of NetBackup now provides autoscaling

cloud client and snapshot services to dynamically scale cloud resources as needed to reduce
dedicated cloud infrastructure.

Large enterprise and multigeography focus — Veritas’ focus on large enterprise organizations
across multiple geographies is supported by sizable investments in sales and presales teams and
a well-established partner ecosystem to advance customer experience.

Cautions
Product features tied to subscription licensing — Veritas clients must transition to new
subscription licensing to gain access to new cloud-based features added to their product offering.

SaaS protection transition — Clients utilizing Veritas SaaS Backup, an OEM arrangement with
Keepit, must transition support to Keepit or enter a new license agreement with Veritas and start
over with new backup jobs in its new NetBackup SaaS Protection offering.

[Link] 13/26
5/30/23, 4:57 PM Gartner Reprint

Technical support challenges — Some Gartner clients have expressed frustration with the quality
and timeliness of customer support responses.

Zerto

Zerto is a Niche Player in this Magic Quadrant. The Zerto platform is a converged backup and DR
solution aimed at protecting workloads both on-premises and in the cloud. Zerto’s
Zerto operations are
geographically diversified. Its clients tend to be large enterprises, and it has some presence in the
midmarket. During the evaluation period, it announced Zerto 9.0, Zerto for Kubernetes, Zerto In-Cloud
for AWS and Zerto Backup for SaaS. Zerto 9.0 included instant VM restore from CDP journal, S3-
compatible storage, data tiering for AWS and Azure, immutability for AWS S3, and self-service file
restore and download. Kubernetes support includes AKS, GKE, IKS, EKS, VMware Tanzu and
OpenShift. Backup for SaaS supports Microsoft 365, Google Workspace, Salesforce, Active Directory
and Dynamics 365.

Strengths
HPE solution selling — Acquired by HPE in September 2021, Zerto is now able to scale its visibility
across multiple regions and expand its alignment directly with HPE customers.

CDP capabilities — Zerto

Zerto’s solutions resonate with customers requiring continuous data protection
and DR capabilities supporting near-zero and granular recovery point objectives of VMs in on-
premises, hybrid and multicloud environments.

Kubernetes support — Zerto has expanded its continuous data protection and DR solutions to
Kubernetes using its journaling technology to recover protected applications to granular recovery
points.

Cautions
Incomplete backup replacement — Zerto has a limited number of customers using its offering for
traditional point-in-time backup requirements. It continues to be primarily deployed for CDP and DR
uses.

Lacking support for nonvirtual workloads — Zerto

Zerto’s solution is focused specifically on virtual
workloads, excluding its offerings from consideration for protecting network-attached storage and
physical servers.

Not everything is CDP — Zerto

Zerto’s latest offering for managing AWS disaster recovery across
regions integrates using cloud native EBS snapshots and APIs rather than a refactored version of
Zerto’s on-premises CDP.
Zerto

Vendors Added and Dropped

We review and adjust our inclusion criteria for Magic Quadrants as markets change. As a result of
these adjustments, the mix of vendors in any Magic Quadrant may change over time. A vendor's
[Link] 14/26
5/30/23, 4:57 PM Gartner Reprint

appearance in a Magic Quadrant one year and not the next does not necessarily indicate that we
have changed our opinion of that vendor. It may be a reflection of a change in the market and,
therefore, changed evaluation criteria, or of a change of focus by that vendor.

Added
HYCU

Dropped
None
Inclusion and Exclusion Criteria
The following criteria represent the specific attributes that analysts believe are necessary for
inclusion in this research:

The vendor must meet at least one of the following revenue criteria. Revenue must be derived
solely from its backup and recovery product portfolio. This revenue should not include revenue
generated from implementation services, BaaS hoster or managed services.

The vendor must have generated license (perpetual and/or subscription) and maintenance
revenue (GAAP) of greater than $50 million over the last four quarters ending 28 February 2022;
(or) The vendor must have generated licenses (perpetual and/or subscription) and maintenance
revenue (GAAP) of greater than $25 million, combined with a year-over-year growth rate of 20%,
over the last four quarters ending 28 February 2022.

The vendor’s qualifying backup and recovery solution(s) must be sold and marketed primarily to
upper-end midmarket and large enterprise organizations. Gartner defines the upper-end midmarket
as being 500 to 999 employees, and the large enterprise as being 1,000 employees or greater.

The vendor must employ at least 100 full-time employees in engineering, sales and marketing
functions combined.

The vendor’s qualifying backup and recovery solution must focus on protecting enterprise
environments running in the data center (traditional data center or a colocation facility) plus
protect cloud-based IaaS, PaaS and SaaS workloads. Remote site protection is seen as an
extension to these core capabilities.

The vendor must have at least one qualifying backup and recovery solution commercially available
for use by enterprises for three calendar years prior to 1 March 2022; i.e., it must have been
commercially available at least as early as 1 March 2019.

New products or updates to existing products that were released in the last 12 months must be
generally available on or before 31 March 2022 to be considered for evaluation. All products and
updates must be publicly available, shipping and included on the vendor’s published price list as of

[Link] 15/26
5/30/23, 4:57 PM Gartner Reprint

this date. Products shipping after this date will only have an influence on the Completeness of
Vision axis.
The vendor must serve an installed base of at least 1,000 customers within the market as defined
in this Magic Quadrant. In addition, at least 250 of the 1,000 customers must have deployed the
backup solution for a minimum of 100 physical servers or 300 virtual servers in a single
deployment site or cloud region. This excludes endpoint backups.

The vendor must actively sell and support its backup and recovery products under its own brand
name in at least three of the following major geographies — North America, EMEA, Asia/Pacific
and South America. At least 25% of total revenue must originate from outside its major geography.

The product must be installed in at least three of the following major geographies (North America,
EMEA, Asia/Pacific and South America). Vendor will provide evidence of a minimum of 50
production customers brought to revenue in each of the three geographies.

The vendor solution must support backup and granular restores of data in each of the following
environments:

Hypervisor: VMware and Hyper-V via integration with backup frameworks provided by these
hypervisors.

Applications: Microsoft Exchange and Microsoft SharePoint or support Microsoft 365 backup.

Operating Systems: Windows, Linux.

Databases: Database consistent backup of Oracle and Microsoft SQL Servers.

Product may be sold as a software-only offering, as an integrated backup storage appliance

(backup application plus backup storage in a single integrated offering) or a backup as a service
(BaaS) offering.

The following exclusion criteria apply:

Vendors offering products or solutions whose software is sourced entirely from a third-party
independent software vendor (ISV).

Products that serve only as a target or destination for backup but do not actually perform the
backup and restore management function. Examples include purpose-built deduplication
appliances, SAN, NAS or object storage.

Vendors that backup directly to the public cloud without storing a local copy on-premises.

[Link] 16/26
5/30/23, 4:57 PM Gartner Reprint

Vendors whose main source of product revenue (more than 75% of total revenue) is from data
center hosters and managed service providers.

Products or solutions that are designed and positioned as solutions for backing up endpoints such
as laptops, desktops and mobile devices.

Products or solutions that are designed and positioned as solutions to back up remote offices,
edge locations and lower midmarket/SMB environments.

Products or solutions designed for homogeneous environments — such as tools designed to back
up only Microsoft Hyper-V, VMware, Red Hat or containers.

Products or solutions designed to back up specific storage or hyperconverged systems vendors.

Products that serve only as replication and disaster recovery tools.

Products that serve primarily for managing snapshot and replication capabilities of storage arrays.

Products that are positioned mainly for copy data management.

Products that are mainly continuous data protection solutions.

Honorable Mentions
Gartner tracks more than 30 vendors in this market. Fourteen met the inclusion criteria for this Magic
Quadrant; however, the exclusion of a provider does not mean that the vendor and its products lack
viability. Below are noteworthy vendors that did not meet all inclusion criteria but could be
appropriate for clients, contingent on requirements.

Bacula Systems: This enterprise backup and recovery software solutions vendor is headquartered in
Switzerland. Bacula Systems provides software-based offerings as OpenSource and as commercially
licensed and supported products. Bacula Systems’ solutions support a variety of workloads in data
center, cloud and edge use cases.

NAKIVO: This enterprise backup and recovery software solutions vendor is headquartered in Sparks,
Nevada, U.S. NAKIVO provides software-based solutions that support a variety of workloads in data
center, cloud and edge use cases.
Evaluation Criteria
Ability to Execute

Table 1: Ability to Execute Evaluation Criteria

[Link] 17/26
5/30/23, 4:57 PM Gartner Reprint

Evaluation Criteria Weighting

Product or Service High

Overall Viability High

Sales Execution/Pricing High

Market Responsiveness/Record High

Marketing Execution Low

Customer Experience High

Operations NotRated

Source: Gartner (July 2022)

Completeness of Vision

Table 2: Completeness of Vision Evaluation Criteria

Evaluation Criteria Weighting

Market Understanding High

Marketing Strategy Medium

Sales Strategy Medium

[Link] 18/26
5/30/23, 4:57 PM Gartner Reprint

Evaluation Criteria Weighting

Offering (Product) Strategy High

Business Model Medium

Vertical/Industry Strategy Medium

Innovation High

Geographic Strategy Medium

Source: Gartner (July 2022)

Quadrant Descriptions

Leaders
Leaders have the highest combined measures of Ability to Execute and Completeness of Vision.
They have the most comprehensive and scalable product portfolios. They have a proven track record
of established market presence and financial performance. For vision, they are perceived in the
industry as thought leaders and intellectual property (IP) creators, and have well-articulated plans for
enhancing recovery capabilities, improving ease of deployment and administration, and increasing
their scalability and product breadth. For vendors to have long-term success, they must aim to
support data protection requirements of hybrid IT. A cornerstone for Leaders is the ability to
articulate how new requirements will be addressed as part of their vision for recovery management.

As a group, Leaders can be expected to be considered as part of most new purchase proposals and
to have high success rates in winning new business. This does not mean, however, that a large
market share alone is a primary indicator of a Leader. Leaders are strategic vendors that are well-
positioned for the future, having established success in meeting the needs of upper-midsize and
large enterprise data centers.

Challengers

[Link] 19/26
5/30/23, 4:57 PM Gartner Reprint

Challengers can execute today, but may have a more limited vision than Leaders, or have yet to fully
produce or market their vision. They have capable products and can perform well for many
enterprises. These vendors have the financial and market resources and the capabilities to
potentially become Leaders. Yet, the important question is whether they understand the market
trends and market requirements to succeed tomorrow, and whether they can sustain their
momentum by executing at a high level over time.

A Challenger may have a robust backup portfolio, but not yet been able to fully leverage its
opportunities or does not have the same ability as Leaders to influence end-user expectations and/or
be considered for substantially more or broader deployments. Challengers may not aggressively
compete outside their existing account base and focus mainly on retention. These vendors may not
devote enough development resources to delivering products with broad industry appeal and
differentiated features in a timely manner, or may not effectively market their capabilities and/or fully
exploit enough field resources to result in a greater market presence.

Visionaries
Visionaries are forward-thinking, advancing their portfolio capabilities ahead, or well-ahead, of the
market, but their overall execution has not propelled them into being Challengers or possibly Leaders.
Often, this is due to limited sales and marketing, or elongated time to initially install and configure,
but is sometimes due to scalability or breadth of functionality and/or platform support. These
vendors are predominantly differentiated by product innovation and perceived customer benefits.
However, because some are relatively new to the market, they have not yet achieved solution
completeness or sustained broad sales, and marketing and mind share success, nor demonstrated
the continued successful large-enterprise deployments required to give them the higher visibility of
Leaders.

Some vendors move out of the Visionaries quadrant and into the Niche Players quadrant because
their technology is no longer visionary (the competition caught up to them). In some cases, they have
not been able to establish a market presence that justifies moving to the Challengers or Leaders
quadrants, or even remaining in the Visionaries quadrant.

Niche Players
It is important to note that Gartner does not recommend eliminating Niche Players from customer
evaluations. Niche Players are specifically and consciously focused on a subsegment of the overall
market, or they offer relatively broad capabilities without very-large-enterprise scale or the overall
success of competitors in other quadrants. In several cases, Niche Players are very strong in the
upper-midsize-enterprise segment, and they also opportunistically sell to large enterprises, but with
offerings and overall services that, at present, are not as complete as other vendors focused on the
large-enterprise market.

Niche Players may focus on specific geographies, vertical markets, or a focused backup deployment
or use-case service; or they may simply have modest horizons and/or lower overall capabilities
[Link] 20/26
5/30/23, 4:57 PM Gartner Reprint

compared with competitors. Other Niche Players are too new to the market or have fallen behind,
and, although worth watching, have yet to fully develop complete functionality or to consistently
demonstrate an expansive vision or the Ability to Execute.
Context
Infrastructure and operations (I&O) leaders tasked with backup operations must redesign the backup
infrastructure to include the following aspects of technology, operations and consumption:

Invest in backup solutions that address data protection requirements in the data center, public
cloud and edge environments. Favor solutions that offer a single pane of glass to manage these
distributed environments.

Choose backup solutions that provide a comprehensive solution for ransomware anomaly and
malware detection, and expedited recovery capabilities from ransomware attacks.

Understand thoroughly the level of resilience provided on the primary backup copy and the need to
invest in additional backup copies to ensure backup resilience.

Choose products that offer a secure and granular recovery testing experience.

Align the backup architecture with their organization’s operational recovery needs. Optimize
backup storage usage by using disk-based backup appliances or SAN storage for operational
recovery, and either on-premises tape or object storage or public cloud storage for long-term
retention.

Thoroughly understand the long-term total cost of ownership of moving from perpetual licensing
to subscription-based licensing models. For subscriptions, understand the cost implications of
annualized payments versus upfront payments, and of exiting the subscription before the term is
complete.

Understand the long-term cost implications of various pricing models offered by vendors — VM-
based, socket-based, node-based, universal-based, front-end TB, back-end TB and agent-based.
Invest in the right model based on the application and infrastructure roadmap of the organization.

Select vendors that support tiering of backup copies to the public cloud and in the public cloud to
save on on-premises storage costs. Choose solutions that support recovery of applications from
backup copies in the public cloud to address test/development or DR use cases.

Select vendors that are able to augment the value of backup data by making it available to address
compliance requirements, support analytics, reuse backup data for test/development and provide
add-on capabilities such as DR.

Market Overview
[Link] 21/26
5/30/23, 4:57 PM Gartner Reprint

The enterprise backup and recovery software market underwent significant transformation in the
past two years. Backup vendors evaluated in this Magic Quadrant mainly focused on the following
areas:

Centralized management: As enterprises move toward a hybrid IT model, and workloads are
distributed across the data center, public cloud and the edge, protecting these workloads,
irrespective of location, is critical. Leading backup vendors are addressing this by offering a
management platform that can be deployed either in the main data center or increasingly as a
service hosted in the public cloud.

Ransomware resilience, detection and remediation: The increase in the number of ransomware
attacks has resulted in vendors taking concrete steps toward providing ransomware detection and
remediation as well as a resilient backup infrastructure. While most vendors support the creation
of immutable second copies of backup through write once, read many (WORM)-enabled storage,
more vendors are aiming to make the primary backup repository more resilient by supporting
immutable snapshots. Leading vendors have built capabilities to detect ransomware attacks by
monitoring behavioral anomalies of protected data and are adding malware detection provided by
partnering with security vendors or by developing these capabilities in-house. Most vendors also
aim to simplify the ransomware recovery process through creation of an isolated test environment
and provide a clean backup copy to recover specific files. Such efforts remain largely works in
progress.

BaaS offerings: Leading backup vendors are expanding BaaS capabilities to include on-premises,
IaaS, PaaS and SaaS environments. While generally not replacing on-premises backup
deployments, Gartner clients are investing in BaaS offerings to complement these deployments to
simplify protection of environments, including selected on-premises workloads and edge and
public cloud.

Support for public cloud IaaS and PaaS backup: During the evaluation period, leading on-premises
backup vendors increased their investment toward building capabilities to protect cloud-native
workloads, particularly VMs and applications hosted in AWS, Microsoft Azure and Google Cloud
Platform. Some backup vendors are also supporting backup of DBaaS products such as Amazon
RDS, Amazon Aurora and Microsoft Azure SQL. While some vendors integrated the backup
software with the native snapshot capabilities offered by these cloud providers, most continue to
reuse their existing backup software “as is” in the cloud to provide agent-based backup of the
applications hosted in the cloud.

Support for SaaS-based applications: I&O leaders have begun to include SaaS applications such
as Microsoft 365, Google G Suite and Salesforce as a part of their backup strategy. Most vendors
evaluated in this research have started delivering Microsoft 365 backup via partners or developing
these capabilities in-house. Protecting other SaaS applications, such as Salesforce, Microsoft
Dynamics 365, ServiceNow and Workday, remains largely a work in progress.

[Link] 22/26
5/30/23, 4:57 PM Gartner Reprint

Tiering to the public cloud: Most vendors evaluated in this Magic Quadrant support tiering backup
data to the public cloud. This reduces on-premises backup storage costs. The most commonly
supported public cloud storage targets are Amazon Simple Storage Service (Amazon S3) and
Azure Blob storage. Backup data in most cases is self-describing, meaning that if the on-premises
data and catalog are lost, then an instance of the backup software can be reinstalled in the cloud
and data can be restored. Some vendors also integrate with the life cycle policies of cloud
providers (for example, data migration from AWS S3 to Glacier, or Azure Blob to Azure Archive Blob
storage).

Recovery in the public cloud: Today, leading backup vendors support restoring backup data to
servers in the public cloud. An instance of the backup software can be installed in the public cloud,
and backup data can be restored to a compute instance in the public cloud. This provides quick
operational recovery if the on-premises environment is not available. The backup data can also be
used for test/development purposes in the public cloud.

NoSQL database backup: While traditional enterprises continue to run their core business
applications on relational database management system (RDMS) databases such as Oracle and
Microsoft SQL, Mode 2 projects such as big data usually leverage NoSQL databases such as
MongoDB and Cassandra. As these projects begin to scale and deliver tangible value, there is a
growing need to protect such environments. Established vendors such as Commvault, Dell
Technologies and Veritas Technologies have started addressing these backup requirements by
building such capabilities natively into the backup platform. Vendors such as Rubrik and Cohesity
have made strategic acquisitions in this space.

Instant recovery of databases, virtual machines and file systems: A majority of vendors support
instant recovery of VMs by mounting the backed-up VM directly on the production host via NFS.
VMs can thus become instantly available, while the actual recovery process can be initiated in the
background. Vendors such as Cohesity and Rubrik offer instant recovery of databases such as
Microsoft SQL and Oracle, while Veeam also offers point-in-time file share access from backups
via read-only SMB file share.

Container backup: Leading vendors announced support for container backup either by building
these capabilities natively into their existing platform or through acquisitions. While Gartner client
inquiries show low interest for container backup, we anticipate that it will increase in adoption, as
more containers using persistent storage are deployed to support production workloads.

Licensing models: While some perpetual licensing options remain available, all major vendors in
this market have transitioned to providing their software offerings through subscription-based
licensing models. Most subscription-based licensing offers are multiple-year-term agreements.
Consumption-based licensing is an emerging trend for licensing that provides the ability to license
what is in use based on metering at more frequent intervals.
Evaluation Criteria Definitions
[Link] 23/26
5/30/23, 4:57 PM Gartner Reprint

Ability to Execute
Product/Service: Core goods and services offered by the vendor for the defined market. This
includes current product/service capabilities, quality, feature sets, skills and so on, whether offered
natively or through OEM agreements/partnerships as defined in the market definition and detailed in
the subcriteria.

Overall Viability: Viability includes an assessment of the overall organization's financial health, the
financial and practical success of the business unit, and the likelihood that the individual business
unit will continue investing in the product, will continue offering the product and will advance the
state of the art within the organization's portfolio of products.

Sales Execution/Pricing: The vendor's capabilities in all presales activities and the structure that
supports them. This includes deal management, pricing and negotiation, presales support, and the
overall effectiveness of the sales channel.

Market Responsiveness/Record: Ability to respond, change direction, be flexible and achieve

competitive success as opportunities develop, competitors act, customer needs evolve and market
dynamics change. This criterion also considers the vendor's history of responsiveness.

Marketing Execution: The clarity, quality, creativity and efficacy of programs designed to deliver the
organization's message to influence the market, promote the brand and business, increase
awareness of the products, and establish a positive identification with the product/brand and
organization in the minds of buyers. This "mind share" can be driven by a combination of publicity,
promotional initiatives, thought leadership, word of mouth and sales activities.

Customer Experience: Relationships, products and services/programs that enable clients to be

successful with the products evaluated. Specifically, this includes the ways customers receive
technical support or account support. This can also include ancillary tools, customer support
programs (and the quality thereof), availability of user groups, service-level agreements and so on.

Operations: The ability of the organization to meet its goals and commitments. Factors include the
quality of the organizational structure, including skills, experiences, programs, systems and other
vehicles that enable the organization to operate effectively and efficiently on an ongoing basis.

Completeness of Vision
Market Understanding: Ability of the vendor to understand buyers' wants and needs and to translate
those into products and services. Vendors that show the highest degree of vision listen to and
understand buyers' wants and needs, and can shape or enhance those with their added vision.

Marketing Strategy: A clear, differentiated set of messages consistently communicated throughout

the organization and externalized through the website, advertising, customer programs and
positioning statements.

[Link] 24/26
5/30/23, 4:57 PM Gartner Reprint

Sales Strategy: The strategy for selling products that uses the appropriate network of direct and
indirect sales, marketing, service, and communication affiliates that extend the scope and depth of
market reach, skills, expertise, technologies, services and the customer base.

Offering (Product) Strategy: The vendor's approach to product development and delivery that
emphasizes differentiation, functionality, methodology and feature sets as they map to current and
future requirements.

Business Model: The soundness and logic of the vendor's underlying business proposition.

Vertical/Industry Strategy: The vendor's strategy to direct resources, skills and offerings to meet the
specific needs of individual market segments, including vertical markets.

Innovation: Direct, related, complementary and synergistic layouts of resources, expertise or capital
for investment, consolidation, defensive or pre-emptive purposes.

Geographic Strategy: The vendor's strategy to direct resources, skills and offerings to meet the
specific needs of geographies outside the "home" or native geography, either directly or through
partners, channels and subsidiaries as appropriate for that geography and market.

© 2023 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its
affiliates. This publication may not be reproduced or distributed in any form without Gartner's prior written
permission. It consists of the opinions of Gartner's research organization, which should not be construed as
statements of fact. While the information contained in this publication has been obtained from sources believed to
be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information.
Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment
advice and its research should not be construed or used as such. Your access and use of this publication are
governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its
research is produced independently by its research organization without input or influence from any third party. For
further information, see "Guiding Principles on Independence and Objectivity." Gartner research may not be used as
input into or for the training or development of generative artificial intelligence, machine learning, algorithms,
software, or related technologies.
[Link] 25/26
5/30/23, 4:57 PM Gartner Reprint

About Careers Newsroom Policies Site Index IT Glossary Gartner Blog Network Contact Send Feedback

© 2023 Gartner, Inc. and/or its Affiliates. All Rights Reserved.

[Link] 26/26