A day in the life of a Data Protection Auditor
STEP 1: List VM hardware details!
- vCenter (CPU/MEM/vDISK/vNIC)
- including vNIC & SCSI Controller type!!!
STEP 2: List in-Guest Backup Agent details (case-sensitive)
- http://backup.local
- Remark: Operating Systems description are not (always) up to date, which could lead to wrong choice of template.
- Remark: Everyone using the same (personalised) admin accounts is not a best-practise for logging purposes > use admin groups!
STEP 3: list IP Configuration details
- http://cmdb.local
- Issue: NO DNS information available
- Remark: everyone using the same (personalised) admin accounts is not a best-practise for logging purposes > use admin groups!
STEP 3: deploying a VM template + change VM hardware
- remark: no OS optimization enabled in vCenter
- Issue: different HAL is impossible to know (i.e. single-processor/multiprocessor)
- remark: due to lack of VAAI plugin for Storage Array, this process takes over 15-20 minutes.
STEP 4: perform guest OS & IP changes
- if DMZ > change host file
- x.x.x.x backupserver backupserver.local (server VLAN)
- x.x.x.x backupserverb backupserverb.local (backup VLAN)
- Remark: using local host-file changes makes restore unnecessary complicated. Make these changes in DNS.
STEP 5: initialize new disk(s)
- Issue: drive letters unknown in CMDB
STEP 6: set <old school software> client details
STEP 7: reboot
STEP 8: take VM snapshot in case restore fails
THESE 8 steps take about 1 hour to complete
STEP 9: restore C:\
- Issue: restore procedure cannot be killed by admin > no way to know real progress without involving global team.
This process takes about 30 minutes to complete
STEP 10: restore SystemState
This process takes about 30 minutes to complete
STEP 11: reboot
STEP 12: restore Data disks
The time this process takes depends on the size of the machine.
===========================================
Somehow I have a feeling this not really the most efficient way to protect your infrastructure.