VMware Live Cyber Recovery Design for Cloud-Based Ransomware Recovery for VMware Cloud Foundation

You configure the VMware Live Cyber Recovery service to replicate and orchestrate the recovery of workloads running on a VMware Cloud Foundation instance.

Cloud File System

A cloud file system provides storage capacity in the cloud for storing virtual machine snapshots that are replicated from the protected site. A cloud file system and recovery SDDC must be in the same availability zone inside a single AWS region.

Table 1. Design Decisions on Cloud File System for VMware Live Cyber Recovery
Decision ID	Design Decision	Design Justification	Design Implication
CBR-VLCR-CFG-001	Deploy a cloud file system in the same availability zone inside one AWS region as the recovery SDDC.	Cloud file systems and recovery SDDCs must be in the same availability zone inside one AWS region.	None.

Protected Site

A protected site encompasses vCenter Servers, protection groups, and recovery plans. When you create the protected site, you deploy a minimum of two VMware Live Cyber Recovery Connector appliances into your vSphere environment for availability.

After you set up a protected site, you create protection groups to replicate snapshots to a cloud file system. You can then use available snapshots from the cloud file system to recover protected VMs into your recovery SDDC using recovery plans.

Table 2. Design Decisions on Protected Site for VMware Live Cyber Recovery
Decision ID	Design Decision	Design Justification	Design Implication
CBR-VLCR-CFG-002	Create a protected site for your VMware Cloud Foundation instance using a public internet connection.	Defines the VMware Cloud Foundation instance where business workloads will be protected.	None.
CBR-VLCR-CFG-003	Associate the VMware Live Cyber Recovery Connector appliances with the protected site.	Provides secure communication over the internet between the on-premises vCenter Server and the VMware Live Cyber Recovery service.	Deploy the VMware Live Cyber Recovery Connector appliances manually into your VMware Cloud Foundation management domain vCenter Server.
CBR-VLCR-CFG-004	Register the VI workload domain vCenter Server with the protected site in the VMware Live Cyber Recovery service.	Connects the on-premises vCenter Server of the VI workload domain with the VMware Live Cyber Recovery service to enable protection of business workloads.	Requires at least one VMware Live Cyber Recovery Connector appliance deployed within the on-premises vCenter Server.

Recovery SDDC

The VMware Live Cyber Recovery service uses a VMware Cloud on AWS SDDC as the recovery target. When configuring the VMware Live Cyber Recovery service, you attach a VMware Cloud on AWS SDDC to provide compute, storage and networking resources for the recovery of business workloads.

Table 3. Design Decisions on Recovery SDDC for VMware Live Cyber Recovery
Decision ID	Design Decision	Design Justification	Design Implication
CBR-VLCR-CFG-005	Attach the pilot light VMware Cloud on AWS recovery SDDC to the VMware Live Cyber Recovery service.	Provides a target SDDC for virtual machine recovery.	None.

Email Alerts

You can configure the VMware Live Cyber Recovery service to send an email alert when SLA statuses change and when a recovery plan finishes running. Email addresses added here also receive emails for VMware Live Cyber Recovery system alerts.

To send an email to users when a recovery plan finishes running, you first must add their email addresses in the alerts page of a recovery plan.

Table 4. Design Decisions on Email Alerts for VMware Live Cyber Recovery
Decision ID	Design Decision	Design Justification	Design Implication
CBR-VLCR-CFG-006	Configure the VMware Live Cyber Recovery service to send SLA status alerts.	Ensures that if any SLA status alerts are triggered, they are communicated to support representatives.	VMware Live Cyber Recovery uses the AWS mail service. Recipients must respond to the AWS email address verification request before receiving an email from VMware Live Cyber Recovery.