The appendix aggregates the design decisions that determine the deployment configuration to support the Cloud-Based Ransomware Recovery for VMware Cloud Foundation validated solution. You can use this list of design decisions as a reference for the end state of the environment and potentially to track your level of adherence to the design and any justification for deviations.
Deployment Specification

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CBR-CDP-CFG-001 | Deploy two VMware Live Cyber Recovery Connector appliances in the default management vSphere cluster. | Required to establish secure communication between the VMware Cloud Foundation instance and VMware Live Cyber Recovery. | The VMware Live Cyber Recovery Connector appliances must be able to connect to the internet through a firewall. |
| CBR-CDP-CFG-002 | Protect the VMware Live Cyber Recovery Connector appliances by using vSphere High Availability. | Supports the availability objective without requiring manual intervention during an ESXi host failure. | None. |
| CBR-CDP-CFG-003 | Place the VMware Live Cyber Recovery Connector appliances in a designated virtual machine folder. | Provides organization of the appliances in the management domain vSphere inventory. | You must create the virtual machine folder during deployment. |
| CBR-CDP-CFG-004 | Apply vSphere Distributed Resource Scheduler anti-affinity rules to the VMware Live Cyber Recovery Connector appliances. | vSphere Distributed Resource Scheduler prevents the VMware Live Cyber Recovery Connector appliances from residing on the same ESXi host and impacting the performance of replications. | |
| CBR-CDP-CFG-005 | When using two availability zones, add the VMware Live Cyber Recovery Connector appliances to the VM group of the first availability zone. | Ensures that the VMware Live Cyber Recovery Connector appliances run in the primary availability zone hosts group. | After the implementation of the second availability zone for the management domain, you must update the VM group for the primary availability zone virtual machines to include the VMware Live Cyber Recovery Connector appliances. |

Network Design

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CBR-CDP-NET-001 | Place the VMware Live Cyber Recovery Connector appliances on the management VLAN. | | None. |
| CBR-CDP-NET-002 | Allocate statically assigned IP addresses from the management VLAN to the VMware Live Cyber Recovery Connector appliances. | Using statically assigned IP addresses ensures stability of the deployment and simplifies maintenance and tracking. | Requires precise IP address management. |
| CBR-CDP-NET-003 | Configure forward and reverse DNS records for the VMware Live Cyber Recovery Connector appliance IP addresses. | Ensures the appliances are accessible by using a fully qualified domain name instead of using IP addresses only. | |
| CBR-CDP-NET-004 | Configure DNS servers on the VMware Live Cyber Recovery Connector appliances. | Ensures the appliance has accurate name resolution. | |
| CBR-CDP-NET-005 | Use VMware Tools™ to synchronize time from ESXi hosts for the VMware Live Cyber Recovery Connector appliances. | Prevents time mismatches between the VMware Live Cyber Recovery Connector appliance and its dependencies. | |

VMware Cloud on AWS Design

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CBR-AWS-CFG-001 | Deploy a pilot light VMware Cloud on AWS recovery SDDC. | | A minimal footprint VMware Cloud on AWS SDDC is always online. |
| CBR-AWS-CFG-002 | Deploy a VMware Cloud on AWS recovery SDDC with a minimum of two nodes. | Ensures that the pre-provisioned recovery SDDC remains available. A single node expires after 60 days. | A pre-provisioned recovery SDDC consumes infrastructure that incurs a regular charge. |
| CBR-AWS-CFG-003 | Configure the management gateway to allow access to VMware Cloud on AWS recovery SDDC vCenter Server over the internet. | Ensures that users can access the vCenter Server UI of the recovery SDDC over the internet. | You must manually manage access to the vCenter Server by using an NSX group. |

VMware Live Cyber Recovery Design

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CBR-VLCR-CFG-001 | Deploy a cloud file system in the same availability zone inside one AWS region as the recovery SDDC. | Cloud file systems and recovery SDDCs must be in the same availability zone inside one AWS region. | None. |
| CBR-VLCR-CFG-002 | Create a protected site for your VMware Cloud Foundation instance using a public internet connection. | Defines the VMware Cloud Foundation instance where business workloads will be protected. | None. |
| CBR-VLCR-CFG-003 | Associate the VMware Live Cyber Recovery Connector appliances with the protected site. | Provides secure communication over the internet between the on-premises vCenter Server and the VMware Live Cyber Recovery service. | Deploy the VMware Live Cyber Recovery Connector appliances manually into your VMware Cloud Foundation management domain vCenter Server. |
| CBR-VLCR-CFG-004 | Register the VI workload domain vCenter Server with the protected site in the VMware Live Cyber Recovery service. | Connects the on-premises vCenter Server of the VI workload domain with the VMware Live Cyber Recovery service to enable protection of business workloads. | Requires at least one VMware Live Cyber Recovery Connector appliance deployed within the on-premises vCenter Server. |
| CBR-VLCR-CFG-005 | Attach the pilot light VMware Cloud on AWS recovery SDDC to the VMware Live Cyber Recovery service. | Provides a target SDDC for virtual machine recovery. | None. |
| CBR-VLCR-CFG-006 | Configure the VMware Live Cyber Recovery service to send SLA status alerts. | Ensures that if any SLA status alerts are triggered, they are communicated to support representatives. | VMware Live Cyber Recovery uses the AWS mail service. Recipients must respond to the AWS email address verification request before receiving an email from VMware Live Cyber Recovery. |

Life Cycle Management Design

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CBR-CDP-LCM-001 | Use the VMware Cloud Services automatic over-the-air service to perform the upgrades to the VMware Live Cyber Recovery Connector appliances. | The VMware Live Cyber Recovery service pushes upgrades automatically. | None. |

Information Security and Access Control Design

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CBR-IAM-SEC-001 | Limit the use of local accounts for interactive or API access and solution integration. | Local accounts are not specific to user identity and do not offer complete auditing from an endpoint back to the user identity. | You must define and manage service accounts, security groups, group membership, and security controls in Active Directory. |
| CBR-IAM-SEC-002 | Limit the scope and privileges for accounts used for interactive or API access, and for solution integration. | The principle of least privilege is a critical aspect of access management and must be part of a comprehensive defense-in-depth security strategy. | You must define and manage custom roles and security controls to limit the scope and privileges used for interactive access or solution integration. |
| CBR-IAM-SEC-003 | Assign VMware Live Cyber Recovery service roles to designated users. | To provide access to VMware Live Cyber Recovery service, you assign users to service roles. | You must maintain the service roles required for users of your organization. |
| CBR-IAM-SEC-004 | Assign VMware Cloud on AWS service roles to designated users. | To provide access to VMware Cloud on AWS service, you assign users to service roles. | You must maintain the service roles required for users of your organization. |
| CBR-IAM-SEC-005 | Assign VMware Carbon Black Cloud service roles to designated users. | To provide access to VMware Carbon Black Cloud service, you assign users to service roles. | You must maintain the service roles required for users of your organization. |
| CBR-IAM-SEC-006 | Define a custom vCenter Server role for VMware Live Cyber Recovery with minimum privileges required to support the registration of a vCenter Server. | VMware Live Cyber Recovery integrates with each workload domain vCenter Server instance using a minimum set of privileges required to support registration. | |
| CBR-IAM-SEC-007 | Assign the custom vCenter Server role to a user from the vsphere.local domain as a service account for each VI workload domain vCenter Server instance for application-to-application communication between VMware Live Cyber Recovery and vCenter Server. | | You must maintain the life cycle, availability, and security controls for the account in the vsphere.local domain. |
| CBR-IAM-SEC-008 | For each vCenter Server, change the VMware Live Cyber Recovery service account password on a recurring or event-initiated schedule. | To maintain a secure platform, you should rotate the VMware Live Cyber Recovery service account passwords on a regular basis. | Performing password rotation for a service account is a manual process. You update the associated credentials in the VMware Live Cyber Recovery service. |

Solution Interoperability

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CBR-MON-IOM-001 | Add a Ping adapter for the VMware Live Cyber Recovery Connector appliances. | Provides metrics on the availability of the VMware Live Cyber Recovery Connector appliances. | You must add the adapter instances manually. |
| CBR-MON-IOM-002 | Configure the Ping adapter for the VMware Live Cyber Recovery Connector appliances to use the remote collector group. | Offloads data collection for local management components from the analytics cluster. | None. |