Overview
Recovery Operations
The recovery workflows for restore, browsing, validation, file recovery, item recovery, and DR failover.
Definition
Recovery operations are the Sendense workflows used to prove, browse, restore, or promote protected workloads after data has been written to EBA or replicated to a recovery target.
They cover everything from recovering a single file to promoting a replicated DR target as production.
Recovery Operation Types
Distinct operations
A restore from EBA, a DR failover, and a rollback are different operations with different safety gates and outcomes.
Component Roles
Protection patterns determine which recovery points exist and how long they remain available. Replication patterns determine which workloads have maintained DR targets and which failover actions are available.
Planning a Recovery
Before starting a recovery operation, answer six questions:
- What needs to come back: a VM, files, application items, or a replicated service?
- Which recovery point or replicated target should be used?
- Where should the recovered workload or data land?
- Which safety choices apply: power on, overwrite, network mapping, MAC address, test network, guest IP handling, commit, or rollback?
- What evidence is needed after the operation?
- What cleanup, retention, or governance constraints still apply?
Common Safety Gates
Recovery operations can be blocked or shaped by the state of the environment. Common gates include:
- The EBA repository is unreachable or unhealthy.
- The recovery point's health or dependencies are not ready.
- Legal hold, immutability, or retention governance restricts the requested action.
- Target credentials or destination inventory are missing.
- The SNA or Sendense Controller involved is unreachable.
- Another job is active on the same VM, repository, or replication target.
- Source metadata needed for boot, firmware, guest OS, network, disk, or placement decisions is incomplete.
- The operator lacks permission, or a destructive action still needs confirmation.
Most blocks have a direct fix
Choose a different recovery point, restore repository access, fix credentials, run discovery, wait for the active operation to finish, or select a different target.
Evidence and Audit
Every recovery operation is auditable. Sendense records:
- Job progress and step history.
- The operator who ran the operation.
- The selected source recovery point or replication target.
- The selected destination.
- Recovery point health and location state.
- Validation results and warnings.
- Cleanup or rollback outcomes.
- Commit status for live failovers.
Important Distinctions
- Recovery operations are not backup scheduling — protection patterns control when backups run.
- Recovery validation is not application acceptance testing.
- File-level recovery is not a full VM restore.
- Rollback is not failback. Rollback reverses an uncommitted failover; failback is a later planned move of production back to a primary site.
- Commit is final. After commit, the promoted workload is production and the failover rollback path is no longer available.
Related Docs