Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 25 Next »


Knowledge Base


Feedback

Have a suggestion for the Armor Knowledge Base?

Send a message to
kb@armor.com.









Error rendering macro 'excerpt-include'

No link could be created for 'KBSS:Armor Complete users (snippet)'.

This document only applies to upgraded users.

Overview

Armor, along with Zerto, provides a fully managed continuous data replication (disaster recovery) service.

At a high-level, this service replicates your resources in a failover site to help you:

  • Troubleshoot during an outage in your primary data center
  • Meet compliance requirements

This service replicates the following resources from your production environment into the failover site: 

Resource typeSpecific components
Infrastructure
  • Workloads
  • Virtual machines
Networking
  • IP addresses
  • L2L VPN
  • SSL/VPN
Security 
  • Malware protection
  • File Integrity Monitoring
  • Patching
  • Log Management

If there is an outage in your primary data center, and you continue to work with your infrastructure in the failover site, then any modifications you make will be not replicated in the primary data center once the outage has been resolved.

Typically, the failover site is the closest data center to your primary data center. Currently, Armor offers this service in the following locations: 

Primary data centerDefault failover site
Dallas (DFW01)Phoenix (PHX01)
Phoenix (PHX01)Dallas (DFW01)

Prerequisites

Before your order this add-on product, consider the following scenarios: 

  • In Gen 3 (my.armor.com), you were able to access your virtual machine via the Cisco AnyConnect Secure Mobility Client. In Gen 4 (amp.armor.com), you can only access virtual machines via the VMwareTRAY SSL VPN-Plus Client. Even after you upgrade to Gen 4, you can still use the Cisco to access your transferred virtual; machines; however, for a virtual machine that is replicated to the failover site, you can only access that virtual machine via the VMware client. In short, Armor recommends that you use the VMware client to access your virtual machines.
  • Even during a data center outage, you must submit a support ticket to Armor to request a live failover.
  • Any changes you make in your virtual machine while in the replication site will not be transferred over to the primary site at the end of the failover.  
  • Based on the size of your environment, first-time provisioning for this add-on product can take up to two days to complete. 
  • Based on the size of your environment, a failover may take

Order Continuous Server Replication (Disaster Recovery)

As part of the upgrade processIf you had Continuous Server Replication (Disaster Recovery) in Gen3, then as part of the upgrade process, then Armor has automatically subscribed your corresponding virtual machines to Continuous Server Replication (Disaster Recovery).

You can order Continuous Server Replication (Disaster Recovery) from the Virtual Machine Details screen in the Armor Management Portal (AMP).

  1. In the Armor Management Portal (AMP), on the left-side navigation, click Infrastructure
  2. Click Virtual Machines
  3. Locate and select the desired virtual machine.
  4. Next to the virtual machine name, click the gear icon. 
  5. Select Add Continuous Replication.
  6. In the drop-down menu, confirm the desired virtual machine. 
  7. Review the information, including pricing information, and then select Submit
    • For first-time users, it may take up to two business days for this add-on product to be fully provisioned in your account. After this first-time provisioning process, additional provisioning will only take 30 minutes to complete. 
  8. To confirm that this service was activated:
    1. Return to the Virtual Machine Details screen for the desired virtual machine. 
    2. Click the Continuous Server Replication tab.
    3. Review the status for Server Replication
  9. (Optional) Armor recommends that after your add-on product has been fully provisioned, you should request a test failover, simply to verify the service. 

Request and view a test failover 

You can request a test failover to meet compliance requirements or to verify that the add-on product was successfully provisioned. 

After a successful test failover, you can view and confirm the test failover in the Armor Management Portal (AMP). 

During a test failover, Armor recommends that you do not make any changes to your virtual machine in the failover site. Any change you make will not replicated in the primary site.

  1. In the Armor Management Portal (AMP), on the left-side navigation, click Support.
  2. Click Tickets + Notifications
  3. Click New Ticket
  4. In Ticket Subject, enter Request for a Test Failover
  5. (Optional) In Add Recipient, enter the name or username of additional recipients to add to the ticket, and then select the name.
  6. In Ticket Explanation, enter the name of the corresponding virtual machine. 
  7. Click Create Ticket
  8. To view the status of your ticket, in the left-side navigation, click Support, and then click Tickets + Notifications
    • Armor Support will update the ticket when the test failover is complete. 
  9. On the left-side navigation, click Infrastructure
  10. Click Virtual Machines
    • The failover will be listed in the table. The name of this virtual machine will include the name of the original virtual machine, along with Test added to the title. 
      • For example, if the name of the virtual machine is My Company, then the failover virtual machine will appear as My Company - Test
  11. Click the Test virtual machine. 
    • Next to Region, the data center will list the secondary data center (the location for the disaster recovery for your virtual machine). 
    • Under Storage, the disk is tagged with Disaster Recovery.
    • The Continuous Server Replication tab will not appear in the failover virtual machine. 
  12. (Optional) To access the virtual machine in the failover site, you must download and install the Gen 4 SSL/VPN client for the failover site. 
    • You cannot use the Gen 3 (Cisco AnyConnect) client to connect to the virtual machine in the failover site; you must use the Gen 4 (VMware) client. 
      • To learn how to download and install the SSL/VPN client, see SSL/VPN.
  13. To terminate the test failover, create a support ticket and indicate your interest to end the test failover. 
    • Armor Support will remove the test virtual machines from your AMP account. 
  14. (Optional) You can request Armor to send you a certificate that you can use for compliance reasons. 
    1. Create a support ticket and and indicate your interest to receive a certificate. 
ColumnDescription
Server Replication
Protected Site
Recovery Site
Status
Current RPO (Recovery point objective)



Request and view a live failover

You can request failover to troubleshoot during an outage in your primary data center. 

During an outage, Armor will send you a notification regarding the outage in your primary data center; however, you must submit a support ticket to request the live failover. 

During a live failover, Armor recommends that you do not make any changes to your failover virtual machine. Any change you make will not replicated in the primary virtual machine.

After a successful failover, you can view and confirm the failover in the Armor Management Portal (AMP). 

  1. In the Armor Management Portal (AMP), on the left-side navigation, click Support.
  2. Click Tickets + Notifications
  3. Click New Ticket
  4. In Ticket Subject, enter Request for a Live Failover or Request for a Test Failover
    • Armor will notify you of a data center outage. In this case, you must still submit a support ticket to request a live failover. 
  5. (Optional) In Add Recipient, enter the name or username of additional recipients to add to the ticket, and then select the name.
  6. In Ticket Explanation, enter the name of the corresponding virtual machine. 
  7. Click Create Ticket
  8. To view the status of your ticket, in the left-side navigation, click Support, and then click Tickets + Notifications
    • Armor Support will update the ticket when the test failover is complete. 
  9. On the left-side navigation, click Infrastructure
  10. Click Virtual Machines
    • The failover will be listed in the table. The name of this virtual machine will include the name of the original virtual machine, along with Test added to the title. 
    • For example, if the name of the virtual machine is My Company, then the failover virtual machine will appear as My Company - Test
  11. Click the Test virtual machine. 
    • Next to Region, the data center will list the secondary data center (the location for the disaster recovery for your virtual machine). 
    • Under Storage, the disk is tagged with Disaster Recovery.
    • The Continuous Server Replication tab will not appear in the failover virtual machine. 

Troubleshoot Continuous Server Replication tab

If you cannot access the Continuous Server Replication tab in the Virtual Machine Details screen, consider that: 

  • You have not ordered Continuous Server Replication service. 
  • Armor Support has not completely provisioned the service.
    • This service may take a few minutes to appear in your AMP account. 
  • You do not have permission to order and view this service. 
    • You must have the Read Server Replication and Write Server Replication permissions enabled. Contact your account administrator to enable this permission. To learn how to update you permissions, see Roles and Permissions (Armor Complete)

Frequently asked questions

I had Continuous Server Replication (Disaster Recovery) in Gen 3 (my.armor.com). Do I need to re-order this add-on product? 

In short, no. As part of the upgrade process, Armor has automatically subscribed your corresponding virtual machines to Continuous Server Replication (Disaster Recovery).


How do I order Continuous Server Replication (Disaster Recovery) and request a failover? 

In short, you can order the Continuous Server Replication (Disaster Recovery) add-on product in the Armor Management Portal (AMP). Once this add-on product has been fully provisioned, you can simply submit a support ticket to request a failover. Armor Support will coordinate with you to establish timelines. 

To learn more about how to order this add-on product, as well as request a failover, see Disaster Recovery (upgraded users) (external draft).


During a data center outage, how do I request a failover? 

Armor will notify you about a data center outage; however, you are responsible for notifying Armor about your request to perform a failover.

Once the data center outage is resolved, Armor will notify you again . Again, you must contact Armor support to terminate your


If I make any changes while working in the failover site, will those changes be reflected in the primary data site? 

In short, no. After a failover is complete, Armor removes the failover virtual machine from the Armor Management Portal (AMP). As a result, any change you make in AMP will not be reflected in the primary virtual machine. 


If my primary data center is down, does Armor automatically revert my environment into the failover site, or do I need to submit a request? 

Although Armor will notify you about a data center outage, you are still responsible for communicating to Armor a failover request. 


How do I terminate a failover?  

You must submit a request to Armor Support that you want to end your failover. Simply submit a support ticket. 



How does Continuous Server Replication (Disaster Recovery) affect log management? 

When you create a virtual machine, the virtual machine contains a unique code instance ID. In a failover environment, the failover virtual machine will contain a different code instance ID. After the failover has been termitnated, and you return to your primary environment, the primary virtual machine will contain a different code instance ID. As a result of these different instance IDs, the log management service will contain disruptions. 

If I am simply performing a test failover for compliance reasons, how do I return to my primary data center? 


While working in my failover site, can I manage my firewall rules? 


How do I access a failover virtual machine? 

Similar for accessing a primary virtual machine, you must download and install an SSL/VPN client that corresponds to the failover site.

To access a failover virtual machine, you cannot use the Gen 3 (my.armor.com) SSL/VPN client. You can only use the Gen 4 (amp.armor.com) SSL/VPN client.

To learn how to download and install an SSL/VPN client in Gen 4, see SSL/VPN.


What aspects of my environment are replicated into the failover site? 


How does Armor handle Continuous 


What are the requirements for requesting a disaster recovery? 


How long does it take my for environment to be replicated in the failover site?