How does Cloud Rewind handle cross regions with multiple availability zones during recovery?
Cloud Rewind maps the Availability Zones of the primary region to the recovery region’s two Availability Zones during the recovery process.
Protected resources in the cloud assembly that are spread across multiple zones in the primary region are mapped to the two zones in the recovery region. Cloud Rewind uses around-robin algorithm for the recovery zone mapping.
For example, Say, us-east-1 is the primary region and has resources spread across six availability zones. Resources in the primary region’s six availability zones are mapped to the two availability zones in the recovery region us-west-1 by Cloud Rewind. The available zone selection is based on the round-robin method, as described in the table below
| Primary Region | Recovery Region |
|---|---|
| us-east-1a | us-west-1a |
| us-east-1b | us-west-1b |
| us-east-1c | us-west-1a |
| us-east-1d | us-west-1b |
| us-east-1e | us-west-1a |
| us-east-1f | us-west-1b |
Note
In the case of the Application Load Balancer and the RDS subnet group, the subnet has to be associated with at least two different zones. If the above round-robin implementation does not meet the requisite during recovery, Cloud Rewind will auto-correct the configuration to address the issue case by case.
How does Cloud Rewind integrate with appliances running in the cloud environment
If, pre- and post-recovery, any existing appliance inside the cloud environment requires further optimisations, Cloud Rewind provides webhooks to customise before and after recovery. All communication with the cloud environment happens through cloud provider APIs.
How to get the cloud formation template used for recovery?
Cloud Rewind automatically writes the Infrastructure as a code for the recovery process and make available the template that can be downloaded and used for various use cases including for audit for compliance purposes.
The Cloud Formation Template can be downloaded only during the recovery process once it is initiated. Download Template option is available in the right corner menu icon on the recovery timeline as shown below.
Why are the RDS Instances renamed by Cloud Rewind during recovery?
The RDS instance names are globally unique in AWS and that is a limit introduced by AWS. Cloud Rewind, encourages Customers to run multiple Test Recoveries and as the RDS instance names are unique, Cloud Rewind appends the source name with a unique identifier so that , multiple instances of the Application environment can be launched for Testing when required.
Example: app-db01 in the protected region is re-named app-db01-8563203399558043 in the recovery region.
Note
In order to identify the source name of the instance, Cloud Rewind has introduced a TAG that is attached to the recovered instance and that retains the source instance name, so that helps as an identifier when required. The below is the details of the Tag name that is available on the recovered instance that helps in identifying the source instance name.
How to disable a scheduled reset?
Once recovery is completed, the recovered resources can be deleted by doing a “RESET”.
Option to reset is provided on the recovery details page. A reset can be triggered immediately or it can be scheduled.
A scheduled reset can be disabled before a reset begins by following these steps,
-
Click on the dots near the reset timer for more options on recovery reset.
-
Select the “EDIT SCHEDULED RESET” option to disable the reset that is scheduled.
-
Toggle on the button to disable the schedule for reset and click "UPDATE RESET SCHEDULE".
How to restore multiple cloud assemblies into one VPC?
Cloud Rewind restores multiple assemblies or different application instances from same timeline or different timeline into a pre-created VPC.
Please refer to the guidelines attached.
Will Cloud Rewind automatically associate Application Loadbalancer to the right Targets in a pre-created VPC recovery?
AWS Application Loadbalancer Supports the following Target Types
- Instance ID
- IP Address
- Lambda
On a pre-created VPC recovery,
-
Instance ID: Yes, Cloud Rewind automatically maps the target type to the recovered instance ID in the pre-created VPC.
-
IP Address: Yes, Cloud Rewind automatically maps the target type to the equivalent recovered Instance's IP address in the pre-created VPC.
-
Lambda: Cloud Rewind is yet to provide support for target type as Lambda in the pre-created VPC, Cloud Rewind currently skips creating the target type Lambda.
How to cleanup after restore?
Cloud Rewind allows deletion of recovered resources using the RESET option. The Reset of the recovered instances can be either scheduled or it can be performed on demand.
Reset helps in deleting the recovered resources that was recovered by Cloud Rewind in the DR environment. This helps to reduce the cloud billing that can incur due to recovery testing.
Please check the link below for step wise process
https://docs.appranix.net/resilience-service/recovery/aws-recovery/#:~:text=Delete%20recovered%20resources,to%20recovery%20testing
Is there a way to exclude a cloud resource from Cloud Rewind protection?
Yes, Cloud Rewind allows you to exclude the resource from being protected by applying a specific tag to your cloud resource.
In AWS, add the following Tag to your Cloud Resource
KEY: ax-aps-protection
VALUE: ignore
In GCP, add the following Label to your Cloud Resource:
LABEL: ax-aps-protection
VALUE: ignore
In AZURE, add the following Tag to your Cloud Resource:
LABEL: ax-resource
VALUE: true
How Cloud Rewind restored Azure cloud applications in 36 mins after a ransomware attack
To highlight a case study of an eDiscovery global leader that recovered an entire set of application environments after a ransomware attack with Cloud Rewind. At 4:46 AM EST in the morning we received a frantic call from the CIO that they were unable to login to any of their Azure environments and all their applications had disappeared. They had a simple message in their email about the attack and asking for payments.
Our customer success team was on the call in the next few minutes to assess the situation to start the recovery process. Their day 0 copy was obviously encrypted in the product, so we went back two days ago to be able to recover cleanly and resumed their business operations.
Their entire set of 8 environments with 443 resources were recovered in under 36 minutes. We could have recovered these environments in under 15 minutes if they ran the recoveries in parallel, but they wanted to recover and test for any malware at every step. All in all, their business was back online and did all the forensics to see how they can prevent further attacks.
How to prepare for the recovery of environments from ransomware or other encryption attacks?
Gartner has come up with a few recommendations on how to be prepared for the recovery of environments from ransomware or other encryption attacks. One of the key things that caught my attention is the large-scale recovery of systems. Complex dynamic systems continuously change and present unique challenges, especially cloud application environments, so instead of restoring from backups, a complete rebuild might be a better option. I thought it might be worthwhile to go through the attached document for your organization.