
ZeroLock® Management Console Guide for Zerto Operations

Integrating ZeroLock Policies to Support Zerto Disaster Recovery

Zerto is a disaster recovery and data protection platform. It’s mainly used in virtualized and hybrid cloud environments to keep business-critical workloads running during outages, cyberattacks, or system failures.

Here are the key points:

Core Function

  • Continuous Data Protection (CDP): Unlike traditional backup, Zerto continuously replicates data at the hypervisor layer (VMware vSphere, Microsoft Hyper-V, etc.) so recovery points are just seconds apart.
  • Disaster Recovery (DR): If a primary site goes down, Zerto can fail over to a secondary site or cloud provider with minimal downtime and data loss.
  • Cloud Mobility: It supports migrations between on-premises datacenters and public clouds (like Azure, AWS, Google Cloud).

Features

  • Journal-based recovery: Keeps a rolling history (from minutes to days) so you can recover to an exact point in time.
  • Orchestration & Automation: Automates failover and failback processes across multiple VMs or entire applications.
  • Testing without disruption: Lets you run recovery drills anytime without affecting production systems.
  • Ransomware recovery: Provides near-instant rollback to a clean state just before an attack.

Where it’s used

  • Enterprises that run critical workloads on VMware, Hyper-V, or the cloud.
  • Organizations that need strong disaster recovery SLAs (low RTO and RPO).
  • Companies modernizing from legacy backup/DR to something more cloud-flexible.

Explanation of Zerto Rules

When deploying Zerto in an environment protected by the ZeroLock Management Console (ZMC), specific Policy Rules must be configured to ensure full functionality. Zerto relies on continuous replication, orchestration, and communication across hypervisors, storage, and cloud endpoints. Without proper allowances, the ZMC may block or restrict critical traffic that Zerto uses for replication services, failover orchestration, and management plane operations.

Zerto Rules_v4.2.4

By putting clear Policy Rules in place, administrators can preserve the protection ZeroLock provides while allowing Zerto to run without disruption. This balance ensures disaster recovery, migration, and data protection workflows continue to function as intended.

Note: Starting with ZeroLock Agent 3.9.8 and Policy Rules v1.4.30, the ordered ruleset “Zerto Allowance Rules” provides a complete policy package for Zerto in the ZeroLock Management Console (ZMC). It groups all the required file, program, and execution permissions into one consistent policy, ensuring Zerto can create and modify files, run its binaries, and execute system commands without being blocked.

Instead of adding each rule individually, you only need to apply this ruleset for Zerto’s replication, recovery, and failover operations to work properly while other protections remain in place.

The ZeroLock protection rules were created specifically to allow the Zerto agent to operate without being blocked.

Below is a breakdown of what each rule does:

ID 62 – FILE: Allow Zerto /tmp File Creation

  • Type: File rule
  • Purpose: Lets the Zerto agent create temporary files under /tmp.
  • Why needed: Many applications, including Zerto, create working or staging files in /tmp. Without this rule, ZeroLock would block those writes.

ID 63 – FILE: Allow Modification of Zerto /vmfs Files

  • Type: File rule
  • Purpose: Permits modification of files that Zerto manages within the /vmfs filesystem.
  • Why needed: Zerto replication and recovery operations often interact with VMFS files (for snapshotting, journaling, or recovery). Blocking this would stop Zerto from functioning.

ID 180 – PROGRAM: Allow Zerto Commands

  • Type: Program rule
  • Purpose: Authorizes execution of Zerto-specific binaries and commands.
  • Why needed: ZeroLock would normally block unrecognized binaries or commands from running. This rule ensures Zerto’s agent commands can execute.

ID 181 – PROGRAM: Allow Zerto to Execute Any Command

  • Type: Program rule
  • Purpose: Grants the Zerto agent broad permission to execute commands.
  • Why needed: Some Zerto processes may call multiple system utilities during replication, recovery, or failover. This prevents ZeroLock from blocking those calls.

This is a very permissive rule. It effectively trusts the Zerto agent to execute arbitrary commands, which weakens the protection ZeroLock otherwise provides. Ideally, it should be scoped as tightly as possible to only the commands Zerto actually needs.

ID 188 – ORDERED: Zerto Allowance Rules

  • Type: Ordered rule set
  • Purpose: Groups all the above Zerto rules into an ordered set so they are applied consistently.
  • Why needed: Ordered rules define how ZeroLock processes allow/deny logic. This ensures all Zerto-related exceptions are applied together before stricter rules take effect.
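To make the two points above concrete, the ordering of an allow/deny ruleset and the difference between a scoped program rule (ID 180) and the broad "execute any command" rule (ID 181), here is a small first-match policy evaluator. This is an added example written for this guide, not code from Vali Cyber or Zerto, and it is not the ZMC's real policy format: the rule model, the process name zerto-agent, and the file paths are constructed placeholders that only reuse the rule IDs discussed above.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    """Simplified model of a policy rule (hypothetical; not ZMC's schema)."""
    rule_id: int
    kind: str                                   # "FILE" or "PROGRAM"
    action: str                                 # "ALLOW" or "DENY"
    subject: str                                # process name, "*" = any process
    path_prefix: Optional[str] = None           # FILE rules: path prefix covered
    commands: Optional[FrozenSet[str]] = None   # PROGRAM rules: None = any command


@dataclass(frozen=True)
class Event:
    kind: str      # "FILE" (a write) or "PROGRAM" (an execution)
    subject: str   # process performing the action
    target: str    # file path for FILE, executable path for PROGRAM


def matches(rule: Rule, event: Event) -> bool:
    """True if the rule applies to this event."""
    if rule.kind != event.kind:
        return False
    if rule.subject not in ("*", event.subject):
        return False
    if rule.kind == "FILE":
        return rule.path_prefix is not None and event.target.startswith(rule.path_prefix)
    # PROGRAM rule: an explicit command list scopes it; None means any command
    return rule.commands is None or event.target in rule.commands


def evaluate(ruleset: List[Rule], event: Event) -> Tuple[str, Optional[int]]:
    """First matching rule wins; anything unmatched is denied by default."""
    for rule in ruleset:
        if matches(rule, event):
            return rule.action, rule.rule_id
    return "DENY", None


AGENT = "zerto-agent"  # hypothetical process name, not Zerto's real binary

# Constructed rules mirroring the IDs above (the matching logic is this model's).
RULE_62 = Rule(62, "FILE", "ALLOW", AGENT, path_prefix="/tmp/")
RULE_63 = Rule(63, "FILE", "ALLOW", AGENT, path_prefix="/vmfs/")
RULE_180 = Rule(180, "PROGRAM", "ALLOW", AGENT,
                commands=frozenset({"/opt/zerto/bin/replicate"}))  # constructed path
RULE_181 = Rule(181, "PROGRAM", "ALLOW", AGENT)   # commands=None: any command at all
DENY_WRITES = Rule(999, "FILE", "DENY", "*", path_prefix="/")   # stricter catch-all
DENY_EXEC = Rule(998, "PROGRAM", "DENY", "*")                    # stricter catch-all

# The ordered set (ID 188) groups the scoped Zerto allowances together.
ZERTO_ALLOWANCES = [RULE_62, RULE_63, RULE_180]


def decide_with_allowances_first(event: Event) -> Tuple[str, Optional[int]]:
    """Exceptions applied before the strict rules, as the ordered set intends."""
    return evaluate(ZERTO_ALLOWANCES + [DENY_WRITES, DENY_EXEC], event)


def decide_with_deny_first(event: Event) -> Tuple[str, Optional[int]]:
    """Same rules, wrong order: the catch-all denies shadow the allowances."""
    return evaluate([DENY_WRITES, DENY_EXEC] + ZERTO_ALLOWANCES, event)


def decide_with_broad_rule(event: Event) -> Tuple[str, Optional[int]]:
    """Ordered set plus the permissive ID 181 rule."""
    return evaluate(ZERTO_ALLOWANCES + [RULE_181, DENY_WRITES, DENY_EXEC], event)


if __name__ == "__main__":
    samples = [
        Event("FILE", AGENT, "/tmp/zerto-stage.bin"),        # constructed
        Event("FILE", "cron", "/vmfs/volumes/ds1/vm.vmdk"),  # constructed
        Event("PROGRAM", AGENT, "/opt/zerto/bin/replicate"),
        Event("PROGRAM", AGENT, "/usr/bin/other-tool"),      # constructed
    ]
    for ev in samples:
        print(ev.kind, ev.subject, ev.target,
              "| allowances first:", decide_with_allowances_first(ev),
              "| deny first:", decide_with_deny_first(ev),
              "| with ID 181:", decide_with_broad_rule(ev))
```

Running it shows why the ordered set matters: with the allowances evaluated first, the agent's /tmp write is allowed by rule 62, while with the catch-all deny placed ahead of it the same write is denied and Zerto stops working. It also shows the cost of rule 181: with only the scoped rule 180, the agent running an executable outside its command list is denied, whereas adding rule 181 allows any execution by that process, which is exactly the exposure the caveat under ID 181 describes.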

For more information, please visit the Vali Cyber Support page.