Protection groups allow you to schedule recurring snapshots of VMs on your protected site and replicate them to a cloud file system.

After snapshots replicate to a cloud file system, those snapshots can be accessed by DR Plans, for recovery and test recovery operations. When you configure a DR Plan, you can choose protection groups that have scheduled replication to a cloud file system, and when you initiate a failover operation, you can select snapshots to use for recovery.

Snapshot Frequency

VMware Cloud Disaster Recovery provides two types of snapshots for protection groups, based on snapshot frequency:
  • Standard-frequency snapshots. Standard-freqeuncy snapshots allow you to set snapshots schedules every hour, 4, 6, 8, or 12 hours, daily, weekly, or monthly.
  • High-frequency snapshots. With high-frequency snapshots, you can set snapshots schedules every 30 minutes, every hour, 2, 4, 8, and 12 hours, as well as daily, weekly, or monthly.

    To use high-frequency snapshots, you need to upgrade to VMware vCenter Server 7.0 Update 2c-vcdr and VMware ESXi 7.0 Update 2c-vcdr. This version of vCenter and ESXi is only available to download from in the VMware Cloud Disaster Recovery UI. For more information, see Getting the Software for HIgh-Frequency Snapshots.

    If you are not sure if all hosts on a protected site are fully compatible, you can run a host compatibilty check.

    Additionally, before you use high-frequency snapshots, read about these caveats and limitations for using the feature.

Dynamic Group Membership

A protection group query dynamically defines the protection group membership at the time a snapshot is taken. Protection groups provide three types of queries: 

  • VM name pattern. A VM name pattern is a string of characters that matches the names of VMs in your vSphere inventory, either for inclusion or exclusion in the protection group snapshot. Any VMs that match the pattern specified become included (or explicitly excluded from) the protection group for snapshots.
  • Folders. You can add VM folders that are present in your vSphere inventory to a protection group, so that all VMs in those folders are included in snapshots. Folder selection does not include sub folders. To include sub folders, select them manually.
    Note: Folder based snapshots are not supported for VMs that are a part of vApp.
  • vSphere tags. You can use tags to determine protection group membership. Any VMs that match the tags you specify are included in the protection group snapshot. You can select any tags defined in vSphere on the protected site. For successful failover operations, ensure that the selected tags also exist on the target Recovery SDDC vCenter, or the compliance check display warnings, and the failback operation will fail.
    Note: Creating, deleting, and assigning vSphere tags on VMs are not immediately visible to protection groups. For example, if you create a new tag and associate it with 10 VMs, a protection group might not immediately show the VMs associated with this tag. Typically, it can take up to 15 minutes for vSphere tags to appear in protection groups, but usually is much faster.
    Note: Protection groups queries based on a vSphere tags are not supported on protected sites running vSphere 6.0. This means that if your protected site is running vSphere 6.0, you cannot create a tag query.

Before a protection group takes a snapshot, VMs that match any name patterns are evaluated first, and then are combined with any defined folder and tag queries.

Hence, if you use an exclusion name pattern in your query for a protection group, it is possible that other Folder or tag queries defined in protection group override the previously excluded name pattern. For example, if one of your queries excludes a VM by name, if that same VM lives inside a folder you have selected in a Folders query, that VM is included in the snapshot.

To verify the snapshot before a scheduled job, take a manual snapshot.

Note: If you want to create a VM name pattern to match VMs that are named using the following specical characters, they must be escaped (prefixed with \ ) in the specified name pattern: ? , * .

Snapshot Retention

A protection group snapshot retention policy defines how long snapshots are stored on the cloud file system. You can set retention for any duration of hours, days, weeks, months, or years.