Zerto Analytics Secure Architecture
Transmitted Zerto Analytics data is securely stored and can be securely viewed and exported by the user. The data is also used by the analytics engine to provide advanced guidance and analysis. The following section describes the secure architecture: the path over which the data is transmitted, the datastore where the data is housed, and how that data is accessed.
ZVM sends all the data over HTTPS, using TLS 1.2 only, to https://zerto-mobile-data.zerto.com. The data is stored in the Samples Storage in the SaaS backend, located in the public cloud. All communication to and from the cloud is encrypted (HTTPS) using TLS 1.2. Furthermore, the data is isolated in the SaaS backend and accessible only within the backend itself and via VPN from Zerto. End users are authenticated using their myZerto credentials.
Transmission and Storage of Site Status
ZVM transmits current site status over secured HTTPS to the SaaS backend at short (~1 minute) intervals. The SaaS backend collects site status data from all transmitting sites and stores it in the “Samples Storage”. The “Samples Storage” is secured inside an internal protected network and is accessible only within the backend itself and via VPN from Zerto. The samples are kept in the “Samples Storage” of the Zerto Analytics cloud for 30 days to support 30 days of report history.
User Authentication and Authorization
Before sending any request to the backend, a client (browser/mobile/RESTful client) must obtain a security token which securely identifies the user. The security token is obtained by authenticating the user against the Identity Provider (IDP). Each client request contains the security token. For each request, the backend validates the security token and authorizes execution of the request according to the user’s identity, which is part of the security token’s payload.
Reporting Historical Data
For each client request, the backend gets the latest data from the relevant samples as stored in the “Samples Storage”. The relevant data is sent to the client.
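The per-request token check and authorization described under User Authentication and Authorization, combined with the sample lookup described under Reporting Historical Data, as an added example that is not Zerto's code. The page does not specify the token format, so the HMAC-signed token, the shared key, the claim names (sub, sites, exp) and the epoch-second timestamps are assumptions; the sample data is constructed.

```python
import base64, hashlib, hmac, json

IDP_KEY = b"constructed-demo-key"       # assumption: secret shared by IDP and backend
RETENTION_SECONDS = 30 * 24 * 3600      # the page states samples are kept for 30 days

# Constructed samples; collectionTimeInUtc as epoch seconds is an assumption.
SAMPLES = [
    {"siteIdentifier": "site-a", "collectionTimeInUtc": 1_700_000_000 - 120, "vpgsAlertsCount": 1},
    {"siteIdentifier": "site-a", "collectionTimeInUtc": 1_700_000_000 - 60, "vpgsAlertsCount": 0},
    {"siteIdentifier": "site-b", "collectionTimeInUtc": 1_700_000_000 - 30, "vpgsAlertsCount": 5},
]

def b64(data):
    return base64.urlsafe_b64encode(data).decode()

def issue_token(user, sites, ttl, now):
    """IDP side: sign a payload that carries the user's identity."""
    payload = json.dumps({"sub": user, "sites": sites, "exp": now + ttl}).encode()
    return b64(payload) + "." + b64(hmac.new(IDP_KEY, payload, hashlib.sha256).digest())

def validate_token(token, now):
    """Backend side: check signature, then expiry; return the payload."""
    try:
        p64, s64 = token.split(".")
        payload, sig = base64.urlsafe_b64decode(p64), base64.urlsafe_b64decode(s64)
    except ValueError:
        raise PermissionError("malformed token")
    expected = hmac.new(IDP_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise PermissionError("bad signature")
    claims = json.loads(payload)        # parsed only after the signature verified
    if claims["exp"] <= now:
        raise PermissionError("token expired")
    return claims

def latest_sample(token, site_id, samples, now):
    """Runs for every request: validate, authorize by identity, then read."""
    claims = validate_token(token, now)
    if site_id not in claims["sites"]:
        raise PermissionError("user not authorized for this site")
    fresh = [s for s in samples
             if s["siteIdentifier"] == site_id
             and 0 <= now - s["collectionTimeInUtc"] <= RETENTION_SECONDS]
    if not fresh:
        raise LookupError("no sample within the retention window")
    return max(fresh, key=lambda s: s["collectionTimeInUtc"])
```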
Zerto Analytics Collected Data
The Zerto Analytics dashboard utilizes several metrics to deliver detailed monitoring and reporting of your multi-site Multi-Cloud environment. The following table was created to address privacy and security issues surrounding data collection.
This table outlines each piece of information that is collected and sent from the ZVM for Zerto Analytics.
 
| Components | Parameter | Description |
|---|---|---|
| Alerts | | |
| | affectedZorgs | List of ZORGs affected by the alert. |
| | affectedZorgIds | List of ZORG IDs affected by the alert. |
| | alertIdentifier | Internal alert identifier. |
| | affectedVpgIds | List of VPG IDs affected by the alert. |
| | alertType | Help identifier associated with the alert. |
| | createdDateinUTC | The time the alert was created. |
| | description | Alert description. |
| | entityType | The entity for which the alert applies. |
| | severity | Alert severity (Warning or Error). |
| | site | The site which is affected by the alert. |
| Tasks | | |
| | taskName | The task type. |
| | taskIdentifier | Unique identifier of the task. |
| | status | The status of the task. |
| | startedDateInUtc | The time the task started. |
| | completedDateInUtc | The time the task was completed. |
| | progress | Progress of the task in percentage of completion. |
| | sitename | Name of the site. |
| | protectedDataInMB | Total data protected in the ZVM site. |
| | siteIdentifier | Internal site identifier. |
| | transmitterCycleInSec | Number of seconds between two (2) data transmissions. |
| | type | Site environment. |
| | initiatedBy | Name of user who initiated task. |
| | information | Task details. |
| | relatedVpgsList | List of VPGs related to the task. |
| | relatedSitesList | List of sites related to the task. |
| Site | | |
| | collectionTimeInUtc | Time the ZVM data was collected. |
| | documentVersion | Version of the document. |
| | hashedLicenseKey | ZVM license hashed. |
| | isTransmissionEnabled | Whether transmission of data was enabled by the user. |
| | sitename | Name of the site. |
| | protectedDataInMB | Total data protected in the ZVM site. |
| | siteIdentifier | Internal site identifier. |
| | transmitterCycleInSec | Number of seconds between two (2) data transmissions. |
| | type | Site environment. |
| | utcOffsetInMinutes | Offset of the site time from UTC, in minutes. |
| | version | Zerto Virtual Manager version. |
| | vpgsAlertsCount | Number of active alerts in ZVM. |
| | zorgsCount | Number of ZORGs in the ZVM site. |
| | zvmIp | IP of the ZVM. |
| VPGs | | |
| | actualJournalHistoryInSeconds | The actual journal history, in seconds. |
| | actualRpoSeconds | Time since the last checkpoint was written to the journal, in seconds. |
| | configuredJournalHistoryInMinutes | Configured journal history, in minutes. |
| | configuredRpoSeconds | Configured RPO, in seconds. |
| | earliestRecoveryPointLocalDateInUtc | Time of the earliest checkpoint in the journal. |
| | priority | Priority specified for the VPG. |
| | protectedSite | Protected site details (Site ID, Site Name, Site Type and ZVM version). |
| | recoverySite | Recovery site details (Site ID, Site Name, Site Type and ZVM version). |
| | status | Status of the VPG. |
| | subStatus | Substatus of the VPG. |
| | vpgIdentifier | Identifier of the VPG. |
| | vpgName | Name of the VPG. |
| | zorgName | Name of the Zerto organization set up in the Zerto Cloud Manager, which uses this VPG. |
| VMs | | |
| | IOPS | IO per second between all the applications running on the virtual machine in the VPG and the VRA that sends a copy to the remote site for replication. |
| | journalHardLimit | Maximum journal size in MBs, or in a percentage of the virtual machine volume size. |
| | journalWarningThreshold | Journal size in MBs, or in a percentage of the virtual machine volume size, that generates a warning when the journal is nearing its hard limit. |
| | outgoingBandWidthInMbps | Bandwidth throttling defined for the virtual machines. |
| | provisionedStorageMb | The storage provisioned for the virtual machine in the recovery site. |
| | throughputInMB | MBs of all the applications running on the virtual machine being protected. |
| | usedJournalStorageMb | Storage used by the virtual machine at the recovery site for Journals. |
| | usedStorageMb | Storage used by the virtual machine at the recovery site. |
| | vpgName | The name of the VPG with which the VM is associated. |
| | vmIdentifier | ID of the VM. |
| | vmName | Name of the VM. |
| VRAs | | |
| | vraName | Name of the VRA. |
| | vraVersion | Version of the VRA. |
| Events | | |
| | eventIdentifier | The identifier of the event. |
| | eventCategory | Category of the event. (Possible values: VPG, VRA, Site) |
| | eventType | The type of event. |
| | siteIdentifier | The internal site identifier related to the event. |
| | zorgIdentifier | The identifier of the Zerto organization (ZORG), defined in the Zerto Cloud Manager. |
| | zorgName | The name of the Zerto organization (ZORG) set up in the Zerto Cloud Manager. |
| | description | The event description. |
| | occurredOnInUTC | The date the event occurred. |
| | eventCode | The event code. |
| | eventCompletedSuccessfully | Whether the event completed successfully or not. |
| ZORGs | | |
| | zorgIdentifier | The identifier of the Zerto organization (ZORG), defined in the Zerto Cloud Manager. |
| | zorgName | The name of the Zerto organization (ZORG) set up in the Zerto Cloud Manager. |
| Datastores | | |
| | datastoreIdentifier | The datastore identifier. |
| | datastoreName | The datastore name. |
| | devices | The datastore device. |
| | type | The datastore type. |
| | capacityInBytes | The datastore capacity. |
| | usedInBytes | The datastore usage. (Possible values: journal usage; scratch usage; protected usage; recovery usage; appliance usage; other non-Zerto usage) |
| Volumes | | |
| | datastore | The owning datastore. |
| | isThisProvisioned | Provision type. |
| | owningVm | The virtual machine on which the volume is attached. |
| | path | The volume path. |
| | protectedVm | The protected virtual machine to which the volume is related. |
| | size | The volume's used storage. |
| | volumeType | The volume type. |
| | vpg | The VPG to which the volume is related. |
| Planning | | Metrics are collected for all VMs from the source site. |
| | WriteKBps - Hourly Avg. | The hourly average data write rate. |
| | WriteIOPS - Hourly Avg. | The hourly average IO count per second. |
| | VM ID | The virtual machine identifier. |
| | Datacenter Name | The datacenter name. |
| | Datacenter ID | The datacenter identifier. |
| | Host Name | The host name. |
| | Host ID | The host identifier. |
| | Cluster ID | The cluster identifier. |
| | Cluster Name | The cluster name. |
| | Folder | The VM folder. |
| | Configured CPU | The configured CPU. |
| | Configured RAM | The configured RAM. |
| | Provisioned Size (GB) | The provisioned storage. |
| | Used Size (GB) | The used storage. |
| | Disk Count | Number of virtual disks. |