Guest File Recovery

VMware Live Cyber Recovery snapshots allow you to download guest files of individual VMs to recover those files to a safe site.

Guest files downloaded as ZIP packages, which you can unzip and manually restore to the destination of your choice.

Guest files are downloaded to the browser host where guest file recovery is being performed. For example, you can use guest file recovery to find a clean guest file from an older but known good snapshot of a VM.

You can run a recovery plan for ransomware and when a VM is in validation, you can open a browser on the VM running in the recovery SDDC and download imported guest files from a more recent snapshot directly into the running VM. After clean guest files have been downloaded to the VM, you can complete security analysis and recover the VM back to production.

Every guest file download is also available as a link from the Monitor > Tasks list that you can send to other users. The download link expires after six hours. The user on the local system must have file-level permissions to unzip the package.

Note: If you are using access lists for VMware Live Cyber Recovery, only IP addresses listed in the Management access list can download a guest file for recovery.

Best Practice:

For security reasons, guest file download links are valid for six hours after the task completes. Any attempt to access an expired link results in an HTTP 403 forbidden error. Download links for this feature use enterprise grade encryption at the source and only allow SSL-based connections for download. Each download link contains both proof of identity and means of authentication, so anyone with the link can download the file. Share these links only at the discretion of the backup administrator. As a security best practice, use great caution while sharing these links.

Guest file recovery supports the following file systems:

Windows: NTFS and FAT32.
Linux: Ext3 and Ext4.

Guest file recovery does not support the following technologies:

Windows dynamic volumes.
Linux VMs that use Logical Volume Manager (LVM)
Linux VMs formatting with the XFS file system.
Microsoft Storage Spaces.

Current caveats for guest file recovery:

You can run one guest file download at a time.
During guest file recovery on Windows VMs, you might see drives or partitions that are un-selectable and listed as unsupported. These drives and partitions are reserved by Microsoft OS and are not accessible buy VMware Live Cyber Recovery.
Maximum path length of the download file directory = 255 characters.
Maximum number of files or folder paths per ZIP package = 25. A folder path that contains multiple files is only counted as one item in the ZIP package out of a maximum of 25.
Maximum individual file size allowable for download = 40 GB. This means that any given file in a download package cannot be larger than 40 GB.
Maximum ZIP package export size = 100 GB.
Windows OS unzip utility. Currently, restoring guest files does not support using the Windows OS default unzip utility in the File Explorer. Use 7ZIP or WinRAR utility on Windows systems for guest file restore operations.

Recovering Guest Files on a Recovery SDDC

If you are restoring VM guest files or folders directly on a VM in a recovery SDDC on VMware Cloud on AWS, you must first configure access to the cloud file system S3 bucket in AWS. The cloud file system, where protection group snapshots are stored, uses S3 as a repository of recovery points.

You have two options for configuring access for guest file restore from the cloud file system into a VM on a recovery SDDC;

Use an S3 endpoint in a linked customer account. Create the endpoint in a linked account, and then add VMC firewall rules, described here: Access an S3 Bucket Using an S3 Endpoint. Or
Use an internet gateway to access your S3 bucket. This method also requires deactivating the S3 option on the connected Amazon VPC for your SDDC. For information, see Access an S3 Bucket Using the Internet Gateway.