Choosing the Right DR Attributes for Your Applications
When you are buying a car, you start with your needs list. Do you want great gas mileage, or zero to 60 miles / 96 km per hour in under 4 seconds, or seating for 7 passengers, or the cheapest way to get from point A to B? Usually though, rather than choosing based on just one, you look at a combination of attributes that will best meet your needs. In my case, I needed a car with good power for camping and skiing in the mountains, 7-8 seats to carpool kids, and reasonable gas mileage. So, I bought a mid-sized sports utility vehicle with third-row seats and a roof rack and hitch for my gear.
Deciding on the right disaster recovery solution is similar – you should look at multiple attributes that will best meet your needs. Depending on your application requirements, you select the right combination of RTO, RPO, TCO (total cost of ownership), and other DR attributes for each protection group.
With the latest release of VMware Cloud Disaster Recovery, we are excited to provide customers greater choice by delivering RPOs as low as 30 minutes, which enhances what customers already have with instant VM power-on and low TCO (60% lower than on-premises DR).
Greater Flexibility and Choice with 30-minute RPOs
RPOs as low as 30 minutes give customers up to 48 snapshots per day. Combined with the Scale-out Cloud File System’s ability to store a deep history of snapshots, customers now have greater choice in the frequency of snapshots, how many to keep, and for how long. This flexibility is important to balance DR readiness and total cost of ownership when preparing and recovering from ransomware attacks or other disaster events.
Let’s look at recent ransomware statistics to illustrate why this flexibility and choice are important. According to securityweek.com (citing FireEye’s Mandiant incident response data), the median dwell time in 2020 was 24 days for all malicious hacker attacks and 5 days if you only look at ransomware attacks. 5 days median may not sound like very long but approximately one-third of those ransomware attacks took 14+ days before it was detected and some even went undetected for 400+ days! (Note: some ransomware reveal itself after just a few days, which shortens the dwell time. But other variants try to go undetected for as long as possible so it can spread as widely as possible before revealing itself.)
So, in a good scenario, you detect the ransomware in 5 days or less. But you also need to prepare for when it has been in your environment for much longer. Hence, when we do customer DR planning sessions, we start with a default ransomware protection retention policy of:
- Keep at least 6 snapshots per day for 2 days
- Keep daily snapshots for 7 days
- Keep weekly snapshots for 4 weeks
- Keep monthly snapshots for 6 months
With the new enhancement, you can now keep up to 48 snapshots per day for 2 days, while still retaining a deep history for longer-term protection.
Easy to Set-up
Using the new 30-minute RPO enhancement is straight forward – view the 90-second demo video for a quick overview.
Essentially, when you create a new protection group, you select “high-frequency snapshots”.
For that protection group, you now can set up snapshots to occur as frequently as every 30 minutes. Of course, you can also select other schedules based on your business requirements (hourly, every 2 hours, every 4 hours, etc.).
VMware vCenter Server and ESXi hosts on the source site need to be upgraded to version 7.0 Update 2c-vcdr to support the 30-minute RPO. The patch files can be downloaded from the VMware Cloud DR console. Check out the release notes and the “Creating Protection Groups” documentation for more details and requirements for this new enhancement.
New Ways to Quickly Get Started
With estimates of one organization being attacked by ransomware every 11 seconds in 2021, it’s important to get started soon if you don’t already have a robust DR plan in place. We created a step-by-step guide and enabled credit card online purchasing for VMware Cloud DR to make it easier and faster for your organization to become “DR Ready.” Check them out, and if you have additional questions, reach out to your VMware partner or VMware salesperson.
 Dwell time is defined as the number of days an attacker is present in the target’s environment before they are discovered.