Skip to main content

Cyber Recovery Plan Dashboard

Updated today

πŸ“NOTE: The availability of this feature may be limited based on the license type, region, and other criteria. To access this feature, contact support.

The following article provides information about the Cyber Recovery Plan dashboard.

Overview

This guide explains how to view, manage, and understand the results of recovery plans within the Cyber Resiliency platform.

Access path

From the DCP Console, go to the Global Navigation menu -> Ransomware Recovery. Select the Cyber Recovery tab from the left navigation panel. The Cyber Recovery Dashboard appears.

Overview of Cyber Recovery Plans

The Cyber Recovery dashboard is the central hub for managing data restoration after a security incident or for routine testing. It provides a summary of all existing recovery strategies.

  • Recovery Plan: a new tool that transforms recovery from a slow, manual process into an automated, threat-aware operation. While traditional disaster recovery is built for power outages or hardware failures, this feature is specifically engineered to defeat modern cyber threats.

  • Plan Cards: Each box represents a specific plan.

    • Scheduled Recovery: Runs automatically at set intervals (e.g., Quarterly).

    • Live Incident Recovery: Triggered manually in response to an active threat.

Key Actions

You can perform the following actions on the Cyber Recovery Plan dashboard:

  • Create Recovery Plan

  • Search for a specific recovery plan using the Recovery Plan Name criteria

  • Use the Filters to sort and list Cyber Recovery Plans based on specific criteria.

Filters

Description

Recovery Type

Scheduled or Live Recovery

Recovery Status

  • Never Run: The created Recovery Plan that was never executed.

  • Running Threat Hunt: Recovery Plan with Threat Hunt in progress.

  • Ready To Run: Recovery Plan ready for execution.

  • Running: Recovery Plan in progress.

  • Completed: Recovery Plan completed successfully.

  • Failed: Recovery Plan that failed.

  • Cancelled: Recovery Plan that was cancelled from execution after it was started.

Plan Status

Active

Paused

Archived

Managing Plan Details

When you click on a specific plan, you enter the Details view.

Plan Details tab

The details view varies based on the type of Recovery Plan.

  • Details: Provides basic plan details such as the name, description, plan type, who created the plan, Plan Status, Testing frequency and start time (For Scheduled Recovery Plan), Run date and time (For Live Recovery Plan)

  • Execution Details (For Scheduled Recovery Plan): Provides details about the latest date and time of plan execution, next scheduled execution time, and count of execution for the plan.

  • Snapshot Selection: This defines the "point in time" the system looks at.

    • Snapshot Recovery Window: The date range from which a backup was chosen.

    • Recovery option: The criteria chosen for recovery.

    • Scan Criteria: Shows if the system is looking for specific malicious files (Hashes) or file types (Extensions) before restoring the data.

  • Post Restore Actions (Recovery Settings section): Actions taken automatically after recovery, such as detaching network cards to prevent the spread of malware or running a post-boot script.

  • Target Environment: Shows where the data will be restored, including the Destination Hypervisor and Data Source.

Resources tab

Shows exactly what is being protected.

  • Resource Name: Typically the name of the Virtual Machine (VM).

  • vCenters/ESXi Hosts: The technical location where the data lives.

  • Guest OS Credentials: A green key icon indicates that the system has the necessary permissions to access and recover that specific machine.

  • Size: The backed up data size for the resource.

Recovery Report tab

Once a recovery plan finishes, the system generates a Recovery Report. This report confirms whether your data is safe and accessible. The key metrics include:

  • Recovery Status: Shows if the overall job was Completed, Cancelled, or Failed.

  • Total Recovery Time: The actual time taken to complete the entire restoration.

  • Average RTO: Recovery Time Objective - how fast the system recovered on average.

  • Impacted Resources: The number of items that failed to recover correctly.

  • Resource List: A detailed table at the bottom lists every individual machine, its specific start/end time, and the size of the snapshot data recovered.

Checking Individual Plan Details

If you click on a Job ID (a blue number like 248 or 253), a pop-up window appears with technical specifics for that one event.

  • Restore Scan Details: If a restore scan was performed during recovery, the status will be listed here.

  • Post-Restore Actions: This shows the security measures taken after recovery, such as:

    • Network Card: Whether the machine was reconnected to the internet (Detached means it is isolated for safety).

    • Delete Malicious Files: Confirms if the system automatically cleaned up any threats found.

Key Actions

You can perform the following actions on these tabs:

  • Download Report for offline investigation and audit purposes.

  • More options (Three blue dots) to Pause or Archive a Scheduled Recovery Plan.

  • Use the Filters to sort and view details based on specific criteria such as Recovery Status.

Recovery Plan editing restrictions based on the Recovery Plan Status

Plan Status

Editable Fields

Non-Editable Fields

Running Threat Hunt

All fields except the following:

* Plan Name

* Plan Schedule

* Snapshot Selection Criteria / Threat Hunt Configuration

* Resources

Running

None

All fields

Related Articles
Restore EC2 and EBS resources using Cyber Recovery (Recovery Intelligence)
Restore of Azure VM resources using Cyber Recovery (Recovery Intelligence)
Get Started with Cyber Recovery Plans
Scheduled Cyber Recovery Testing plan
Live Incident Recovery Plan
Did this answer your question?