# Storage overview

**Xopero Unified Protection (XUP) implements a multi-layered data immutability architecture to mitigate the impact of ransomware attacks and reduce the risk of threat propagation within the storage infrastructure.**

***

## General information

The **Xopero ONE** system compresses and encrypts data, storing it in non-executable formats. The solution uses immutable storage compliant with the WORM standard, preventing accidental or intentional encryption, modification, or deletion of backup data. Authentication mechanisms restrict access to the storage, ensuring that ransomware cannot access stored data, even if the source machine is compromised.

The **AirGap** data protection method, based on xSAIR (Secure AirGap Immutable Repository) technology, provides an additional layer of security by isolating data within a demilitarized zone (DMZ) and enabling replication to the isolated environment (an additional **XUP** appliance). As part of **Xopero Unified Protection**, the **AirGap** solution helps ensure resilient, threat-resistant data storage systems.

***

## Data retention and protection mechanisms

To ensure the highest level of security, **XUP** data storage uses advanced protection rules to prevent unauthorized or accidental data deletion. It is based on two key mechanisms: versioning and compliance.

### <mark style="background-color:blue;">Versioning</mark>

The versioning feature is configured with a 7-day retention period — each modification or overwrite attempt creates a new data iteration, while previous versions are retained for one week. This allows users to restore data from any backup point within that period.

### <mark style="background-color:blue;">Compliance</mark>

An additional layer of protection is based on the compliance mechanism, configured with a 24-hour retention window. In this mode:

* Data can be deleted only after the minimum retention period of 7 days has elapsed.
* After this period, an additional 24-hour buffer is activated, preventing final data deletion.
* **During the compliance lock period, no user (including the root administrator) can delete protected data earlier.**

The combination of these mechanisms creates an effective security barrier that significantly extends the time required to execute a destructive attack on the data.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://helpcenter.xopero.com/xopero-one-en/xopero-unified-protection/device-information/storage-overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.