If my servers On-premises was infected by ransomware, ASR server in the cloud, infected

Luis G Mieles B 20 Reputation points
2023-09-29T13:06:09.65+00:00

Hi everyone,

I have a solution with ASR (Azure Site Recovery) I have 75 servers On-Premises.

If my servers On-premises were infected by ransomware, what will happen with the servers in the cloud, that are protected with Azure Site Recovery, is possible that the servers in the cloud protected with Azure Site Recovery got this infection?

Thanks for your help.

Azure Site Recovery
Azure Site Recovery
An Azure native disaster recovery service. Previously known as Microsoft Azure Hyper-V Recovery Manager.
828 questions
0 comments No comments
{count} votes

Accepted answer
  1. SadiqhAhmed-MSFT 49,331 Reputation points Microsoft Employee Moderator
    2023-10-03T19:56:19+00:00

    Hello @Luis G Mieles B Thank you for reaching out to us on Microsoft Q&A platform. Happy to answer any question you may have!

    Azure Site Recovery (ASR) replicates at the disk level, not at the file level. Meaning, any changes (write operation) made to the disk are replicated to Azure. There is no native protection from ransomware or viruses because ASR is simply copying those disk level changes to the managed disks in Azure.  So, yes, your infected on-premises VM would be replicated to Azure. The best way to work around this would be to use a longer retention in the replication policy. You can set it to hold up to 15 days' worth of recovery points. That could give you the ability to go back to before the infection.

    Set up replication policies for VMware disaster recovery with Azure Site Recovery - Azure Site Recovery | Microsoft Learn

    Also, let me clarify something. The only thing that would be “infected” would be the replication points. You would have to perform a failover to bring up the infected server in Azure.

    Hope this helps. Please let me know if you have any questions!


    If the response helped, do "Accept Answer" and up-vote it

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.