VMware Site Recovery Shared Responsibility Model

Introduction

This guide covers the details of security considerations and implementations for VMware Site Recovery. 

VMware Site Recovery is VMware’s disaster recovery service offering for the Amazon Web Services cloud. Customers can protect their workloads by configuring automated workflows and then orchestrate the recovery of protected workloads in both test and disaster scenarios between private data centers and VMware Cloud instances on AWS as well as instances between VMware Cloud on AWS. VMware has been offering disaster recovery as a service and protecting production workloads since 2018 for customers 24x7. Maintenance, patching, and upgrades of the appliances and the SDDC are performed by VMware.

VMware Site Recovery has the following components:

  • SRM Server appliance(s)
  • vSphere Replication appliance(s)

Shared Responsibility Model

Shared Responsibility Model

VMware Site Recovery implements a shared responsibility model that defines distinct roles and responsibilities of the three parties involved in the offering: customer, VMware, and Amazon Web Services.

image-20220128135930-1

Customer Responsibility

On-premises Security - The customer is responsible for installation, configuration, and continuous operations of all the on-premises software components and hardware in compliance with PCI-DSS requirements. This includes the network connection over which communication between on-premises and cloud components occurs. This could include but is not limited to using encryption where applicable, having processes for regular software security patching, credential rotations, auditing, and user access controls.

 

Security in the Cloud – Customers are responsible for the configuration of the DR protection of their sites, via the Service UI and API interfaces. This includes but is not limited to the configuration of network firewall rules, VPNs, Site pairing, replications, protection groups, inventory mappings, and recovery plans.

VMware Responsibility

Security of the Cloud – VMware is responsible for protecting the software and systems that make up the VMware Site Recovery and VMware Cloud on AWS

AWS Responsibility

Security of the Infrastructure – AWS is responsible for the physical facilities, physical security, infrastructure, and hardware underlying the entire service.

Shared Responsibility Matrix

Details on the shared responsibility model employed by VMware Site Recovery can be found in the table below.

Much of the low-level operational infrastructure is handled by the VMware Site Recovery and VMware Cloud on AWS Engineering and Operations teams, allowing the customer to focus on managing their workloads.

 

Entity

Responsibility / Activity

Customer

  • Deploying Software-Defined Data Centers (SDDCs) – Recovery Site
    • Host Type & Count / Cluster Config
    • Connected AWS Account (Cloud)
    • Management Network Range
  • Configuring SDDC Network & Security
    • Network Segments
    • Public IP addresses
    • NAT
    • Firewalls
    • Access Control
  • Protected Site(s)
    • Firewalls
    • Network Segments
    • Role-Based Access Control
  • VMware Site Recovery
    • Protection Groups
    • Protected Site vCenter Configuration
    • Recovery Plans
    • Role-based access control / Authentication
  • SRM & VR Lifecycle (On-premises)
    • Software deployment, updates, and upgrades
  • Physical Infrastructure (On-premises)
    • Compute / Network / Storage
    • Network Connection to AWS Cloud

VMware

  • SRM & VR Lifecycle (Cloud)
    • Software updates and upgrades
  • VMC on AWS SDDC Lifecycle
    • vSphere
    • vSAN
    • NSX
  • Monitoring & Operations of SRM & VR (Cloud)

AWS – Amazon Web Services

  • Physical Infrastructure
    • AWS Regions
    • AWS Availability Zones
    • Physical security of AWS facilities
  • Compute / Network / Storage
    • Rack and Power Bare Metal Hosts (i.e. i3.metal and i3en.metal)
    • Rack and Power Network Equipment

Filter Tags

BC/DR Site Recovery Document Fundamental Overview