Active Directory Forest Recovery

Additional Info

Company size (employees)100 to 499
Type of solutionCloud/SaaS


In a cyber disaster, Microsoft Active Directory (AD) – the distributed security system that controls user authentication and system authorization in over 90% of the world’s medium and large organizations – is mission-critical because it’s foundational to recovering everything else on the network. Legacy protocol for AD recovery demands a resource-intensive and error-prone process that costs organizations days or even weeks of downtime.   

Semperis Active Directory Forest Recovery automates recovery of the entire forest (the collection of more than one domain trees) with just a few clicks – ensuring fast, clean, and painless restores. This “cyber-first” recovery approach saves millions of dollars in unnecessary business interruption.  Its fully automated forest recovery process also avoids human errors, reducing downtime to minutes instead of days or even weeks, and eliminating the risk of malware reinfection.  

Traditional Active Directory backup tools address recovery only from IT operational issues, where AD is affected but host servers are not. Legacy approaches such as bare-metal recovery (BMR) carry severe underlying issues, particularly when restoring AD after a cyberattack. For starters, BMR backups, like system state backups, contain boot files, executables, and other OS artifacts where malware can linger and reinfect restored domain controllers (DCs).  

Semperis’ patented technology separates AD from the underlying Windows operating system and restores only what’s needed for the server’s role as a DC, DNS server, DHCP server, etc. This approach eliminates the risk of malware re-infection during restore. Additionally, Semperis’ cyber-first capabilities empower organizations to recover AD to alternate hardware (virtual or physical) if servers are destroyed or their firmware is infected.  

Today, Semperis AD Forest Recovery protects more than 50 million identities and has been adopted by customers in the Fortune 500, government, financial, healthcare, and other industries worldwide. Semperis is accredited by Microsoft and recognized by Gartner. 

How we are different

Cyber-first AD recovery:  Semperis ADFR enables organizations to recover operations to a known-secure state following an Active Directory cyberattack. If Active Directory is down, business stops. With malware running rampant, the threat of an AD disaster is greater than ever. In many cases, domain controllers are being weaponized to spread ransomware and encrypt thousands of machines at once. And opportunistic attackers are compromising targeted networks several months before deploying the ransomware, waiting to monetize their attacks until they see the most financial gain. Still, only 1-in-5 organizations have a tested plan in place for recovering AD after a cyberattack. Semperis has built the market’s only backup and recovery solution capable of cleanly restoring AD within minutes or hours (rather than days or weeks) after cyber disasters such as ransomware and wiper attacks – even if domain controllers are infected or wiped out completely.  Its clean restore approach also eliminates the risk of malware re-infection from system state and bare-metal recovery. 

Simplicity and speed: When the business is down, every second counts and complexity is the enemy. Semperis AD Forest Recovery automates recovery of the entire forest (the collection of more than one domain trees) process with just a few clicks – ensuring fast, clean, and painless restores. By automating the entire forest recovery process, businesses can avoid human errors and cut downtime by 90%.  

Cost-effectiveness: Traditional AD recovery burns time and money. Semperis AD Forest Recovery doesn’t just save businesses from costly outages, it also shrinks overhead with advanced automation, anywhere recovery, and easy DR testing capabilities. Businesses can recover to alternate hardware – virtual or physical – on premises or in the cloud.