Overview
Druva Identity Resilience is a fully managed, cloud-native Software-as-a-Service (SaaS) data protection solution. It is designed to secure and restore Identity Provider (IdP) environments.
The Importance of Identity Protection
Identity is classified as Tier 0 infrastructure, meaning it is the primary gateway to all users, applications, and systems. If an IdP is compromised, recovery stalls because restoring workloads is impossible without a trusted identity foundation. Druva closes this security gap by providing:
Air-gapped Backups: Backups are physically and logically isolated from the source tenant.
Immutable Storage: Data cannot be altered or deleted during a compromise.
Security-First Recovery: Provides a clean foundation for broader system restoration.
Supported Identity Platforms
Druva Identity Resilience provides centralized backup and recovery for three primary platforms: Microsoft Active Directory, Microsoft Entra ID, and Okta.
1. Microsoft Active Directory (AD)
Druva protects on-premises Active Directory environments across both the domain and forest levels.
Key Features
Comprehensive Coverage: Users, Groups, Computers, Contacts, Organization Unit, Group Policy Objects, ADFS Configuration, Domain Controller Service Configuration
Automated Schedules: Flexible schedules (daily/weekly, etc.), with default daily full system state on each DC.
Secure Storage: Encryption in transit (TLS 1.2+) and at rest (AES-256); supports Druva KMS and BYOK.
Granular Object Restore: Restore Users, Groups, and Organization Units (OUs) without restarting DCs.
Forest-Level Recovery: Guided workflows for full forest disaster recovery.
For more information about capabilities, configuration steps, and prerequisites, see the Quick Start Guide -Active Directory.
2. Microsoft Entra ID
Druva backs up Microsoft Entra ID (formerly Azure AD) to maintain access to Microsoft 365 and Azure Cloud resources.
Key Features
Users & Relationships: Get a policy-based approach to automatically protect user objects and their associated metadata. Restore users along with their relationships, such as organizational hierarchy and reporting structures, ensuring continuity.
Groups & Memberships: Safeguard group objects and maintain the integrity of group memberships. Recover groups with their exact member lists intact, crucial for maintaining access controls and operational workflows.
Roles & Associations: Protect role objects and their associations with users and groups. Ensure that role-based access controls are quickly restored, maintaining security and compliance post-recovery.
Devices (View / Download Only): Back up device metadata and configurations. View and download device information to facilitate governance and compliance requirements.
Conditional Access Policies: Safeguard conditional access objects with their properties, assignments, and access controls, enabling seamless restoration of security policies and enforcement rules.
For more information about capabilities, configuration steps, and prerequisites, see Quick start Guide - Entra ID.
3. Okta
Druva provides automated backups for Okta org, addressing the shared-responsibility model for tenant data.
Key Features
Automated Backups: Protect critical Okta objects, including Users, Groups, App Configurations, and Policies (SSO, MFA) with efficient incremental backups.
Air-Gapped and Immutable Backups: Isolate backups from the source tenant to protect against deletion, tampering, and cyber threats.
Granular Recovery: Restore individual users, groups, or policies without overwriting the full tenant.
Full-Org Recovery: Orchestrate restores by identifying and consistently recovering objects and relationships.
Cross-Tenant Recovery: Recover to a clean instance or configure seeding across tenants. Re-establish clean instances with rapid disaster recovery and configuration seeding across tenants.
Compliance Reporting: Support resilience mandates with detailed logs and reporting.
For more information about capabilities, configuration steps, and prerequisites, see Druva for Okta: Quick Start Guide
Licensing
Druva Identity Resilience capabilities for Microsoft Active Directory, Microsoft Entra ID, and Okta are licensed under an Enterprise Per User model.
This Enterprise tier includes comprehensive access to the offering's core features across all three workloads, such as:
Autonomous, automated protection schedules
Air-gapped, immutable backups
Unlimited retention (for AD and Entra ID)
Relationship and member mapping
Access to the DruAI Intelligence Layer and agentic workflows for incident investigation
For detailed licensing information and a full list of features, see Plans & Pricing.