Logical Design for Cloud-Based Ransomware Recovery for VMware Cloud Foundation

The logical design provides a high-level overview of the Cloud-Based Ransomware Recovery for VMware Cloud Foundation validated solution.

The Cloud-Based Ransomware for VMware Cloud Foundation validated solution utilizes the VMware Live Cyber Recovery service from VMware to protect business workloads from a ransomware attack and to recover them to a VMware Cloud on AWS instance.

To provide failover capabilities, this validated solution defines the following logical configuration of the SDDC management components.


Management Component	Logical Configuration for Ransomware Recovery
VMware Cloud Foundation (Protected Site)	vCenter Server Cluster and ESXi hosts
VMware Cloud on AWS (Recovery Site)	vCenter Server Cluster and ESXi hosts
VMware Live Cyber Recovery	VMware Cloud Foundation instance: VMware Live Cyber Recovery Connector(s)
VMware Live Cyber Recovery	VMware Cloud Service Orchestrator Cloud File System

A VMware Cloud Foundation instance with the Standalone Workspace ONE Access instance is connected to the VMware Live Cyber Recovery service through two VMware Live Cyber Recovery Connector appliances. The onnectors support data communication between the cloud provider and the managed environment. You access VMware Live Cyber Recovery by using a user interface and API. You recover business workloads to a VMware Cloud on AWS instance through the VMware Live Cyber Recovery service. — Figure 1. Logical Design of Cloud-Based Ransomware Recovery for VMware Cloud Foundation

Table 1. Cloud-Based Ransomware Recovery Logical Components
Single VMware Cloud Foundation Instance with a Single Availability Zone	Single VMware Cloud Foundation Instance with Multiple Availability Zones	Multiple VMware Cloud Foundation Instances
Two VMware Live Cyber Recovery Connector appliances are deployed on the management VLAN in the management domain.	Two VMware Live Cyber Recovery Connector appliances are deployed on the management VLAN in the management domain. A vSphere Distributed Resource Scheduler VM/Host rule ensures that the VMware Live Cyber Recovery Connector appliances are running on an ESXi host group in the first availability zone of the management domain.	Two VMware Live Cyber Recovery Connector appliances are deployed on the management VLAN in the management domain in each instance.