What’s New in Zerto: Q4 2024 Edition
Across all of 2024, Zerto focused on security, performance, and efficiency improvements. Q4 brought several powerful security enhancements to Zerto both on premises and in the cloud. Let’s look at these and other new Zerto updates for Q4 2024.
Support for vSphere UEFI Secure Boot
Zerto was created before VMware implemented UEFI secure boot and the vSphere APIs for IO Filtering (VAIO) framework with a revolutionary way to capture IO and provide near-synchronous replication. This approach allowed Zerto to deliver some of the lowest RPOs and RTOs at scale on VMware with our recovery journal for continuous data protection. Unfortunately, our unique IO filter was not supported in the VAIO framework and by UEFI secure boot.
Enabling support for UEFI secure boot was a growing need as security requirements are increasing across industries. To provide this support, Zerto implemented support for the VAIO framework, allowing Zerto to be installed in VMware using a cryptographically signed vSphere Installation Bundle (VIB). This signed VIB and secure boot support make Zerto fully certified in highly secure VMware environments.
Support for the VAIO framework will still allow Zerto to provide our continuous data protection with near-synchronous replication, the recovery journal, and RPOs of seconds and RTOs of minutes. Zerto will continue to provide the non-VAIO filter driver and the new VAIO IO filter as options for you to choose from. There are differences between the two drivers in some of the configurations supported, such as cross-platform configurations, so be sure to check the updated documentation before choosing to switch the new VAIO-supported filter driver.
VMware Virtual Trusted Platform Module (vTPM) Support
Zerto now supports vTPMs on VMs on vSphere. Where a vTPM is configured for a VM, Zerto will recreate that vTPM in the recovery site for that VM. This added protection enhances security for VMs in recovery with encryption and integrity verification features provided by the vTPM.
Azure Encrypted Volumes and Key Vault Support
Encrypted volumes in Azure may now be protected by Zerto alongside non-encrypted volumes. Zerto supports protection of encrypted volumes by either using a platform managed key (PMK) or customer managed keys (CMKs). CMKs can be assigned to the Zerto Virtual Replication Appliance (VRA) from the Azure Key Vault to access and protect the encrypted volumes. This support adds protection to secure data environments within Azure.
Azure Secure Offline Updates
Within Azure, virtual networks can be isolated from the internet for security. These offline sites are often referred to as dark sites and have requirements for offline updates. To support those environments, you can now update the Zerto Cloud Appliance in Azure without a connection to the internet.
Zerto for AWS Now Available on AWS Marketplace
You may now purchase Zerto for AWS directly from the AWS Marketplace for Disaster Recovery and Migrations. This purchase option simplifies procurement and the spending for the Zerto for AWS purchase decrements AWS Enterprise Discount Program (EDP) spend commitment. With the purchase, Zerto for AWS can be deployed directly into AWS from the AWS Marketplace.
For specific questions about these updates, get in touch or request a demo.
David Paquette 
