Rapid Recovery

How would I set up a new replication only site with existing data (Recovery points)?

We have 2 Rapid Recovery servers. They both act as a target and a core. Cross replication.

1 is local and 1 is in an off-site data center. We are trying to move out of the off-site data center, to another off site location. We can't just shut everything down and move it. We want to create a third core server (target only) in the new location which will only be used for replication only. Then, in time we will consolidate both current locations to a single location locally.

We want to set up the new Replication (Target) server, create a replication seed drive from the 2 existing servers (on an external drive) then ship to to the location where the third site will exist, then load all the recovery points to it.

If something happens, in transit to that external drive, we want to make sure the data is unuseable.

What would be the best way to do this?

  • Greetings. What you are explaining is possible. You can replicate the source to more than 1 location, and/or daisy chain them from one to another depending upon your need. The part that I am not sure of however is this line:

    If something happens, in transit to that external drive, we want to make sure the data is unuseable.

    The seed drive is just a copy, so the source original is still on your source cores (or your target) so as long as you don't seed and then promptly delete data from the core you created the seed from, the data will still be on that core. Therefore if the seed drive itself is lost and/or corrupted you still have the original, just don't do an RP removal until you import the data and validate that it is secure. Does that makes sense? Is that what you're looking for?

    If I missed the point and/or a variable by all means let me know.
  • I was asking about the status of the data on the seed drive. I want to make sure it is unusable to anyone but us, in case it falls into the wrong hands. We deal with ePHI and HIPAA data. The way I understand it is, The seed drive can only be consumed on the target it was matched to. Is that correct? (Not sure if I asked that question correctly). After I replicate to the seed drive, I will need to ship that drive to an offsite location where that target core will exist.
  • With a simple change to the XML file in the seed drive you can convert it to an archive so it can be imported on any core. The only way to ensure the data in that seed drive is secure and not able to be used is to encrypt the recovery points related to your agents. To do that you have to enable encryption on each agent. When you do that you'll get a new base image for each machine. If you already have encryption enabled, then you don't have anything to worry about. The data is encrypted and the person importing the seed would have to have your encryption key pass phrase in order to access the data.

    If you don't have encryption enabled and you want that level of security, you could look at using a full disk encryption software to manage the seed drive and encrypt all data being written to it. However, we have not tested this in any way and can't speak to what the performance of that process would be nor whether there may be any hiccups with the import if the performance of the decryption process is slow.

    Your best bet by far is to have your recovery points encrypted in the repository so they are secure.
  • Understood. For the seed/consume purpose yes that seed is only good for that single target core. However the data is not secured so to speak and only usable by the second core, the seed can be converted into an archive and then it can be utilized by another core. The only way to 'secure' your recovery points would be through encryption, the replication process of seeding does not protect your data in the manner which you are referring to.
  • Thanks. This makes it much clearer. This encryption is built-in to RR? But I would have to turn it on, the re-base everything, correct?