Hi vAdmins,
Let’s talk about Data Protection, protect and recover VMs against accidental and Malicious activities.
vSAN 8 Update 3 enhances the robust ESA snapshot engine to provide heightened levels of data protection and flexibility.
Data Protection for VMware vSAN ESA enables VCF administrators to effortlessly safeguard and restore VMs from various incidents like accidental deletions and ransomware attacks. By defining protection groups, you can easily specify which VMs you would like to protect, how frequently a snapshot must be created, and the retention. Additionally, snapshots can be set as immutable to provide extra safeguarding, especially for unique requirements such as basic Ransomware Defense. Integration with VMware Live Cyber Recovery (VLCR) further enhances Cloud-Based Ransomware protection.
This advancement in snapshot protection and portability within vSAN promises to unlock fresh possibilities for enhanced security and efficiency for your (private) Data Center.
How does it work?
You can manage and view all the Data Protected related actions from the vSAN Data Protection UI
Utilizing vSAN 8 update 3 opens up numerous possibilities for enhancing data protection through the utilization of snapshots. In practice you will often define data protection groups. These data protection groups contain members (virtual machines) including properties like the snapshot schedule and the desired retention time for vSAN ESA immutable snapshots.
Of course it is also possible to take a snapshot manually, which You could use to revert an existing VM or to create a linked clone VM based on this snapshot. A linked clone can be an ideal solution of scenarios where you would like to run a subset of VMs for the purposed of development and testing.
From the vSAN Data Protection UI you can view the consumed and available capacity per cluster.
There is also an snapshot overview offering a comprehensive view of both protected and unprotected VMs.
In accordance with the retention policy, vSAN technology autonomously removes outdated snapshots while enforcing a maximum limit of 200 snapshots per virtual machine. Snapshot generation will halt once the cluster’s capacity usage hits 70%.
Protection Group(s)
One of the key features of vSAN Data Protection is the utilization of protection groups, which contributes to its simplicity and flexibility. You have the ability to set specific protection parameters for certain VMs, while simultaneously configuring distinct criteria for others. Moreover, vSAN Data Protection enables the incorporation of dynamic VM name allocations within a protection group, enabling automatic inclusion of a VM that meets specified name-based conditions.
Final Thoughts
I’m convinced that leveraging local snapshots for Data Protection offers significant benefits. The ability to complement it with immutable snapshots enhances security against malicious attacks. The seamless integration of Data Protection into the storage eco-system is a fantastic enhancement, made even more convenient with everything centralized in a user-friendly GUI!
End of this post.
Disclaimer: Please note that the views expressed in this blog are solely my own and should be treated as personal opinions. This content does not hold any legal or authoritative standing.