proofread guide.en-gb.md

Jessica41 · web-flow · commit e8af9610578f · 2025-08-14T15:28:39.000-04:00
diff --git a/pages/account_and_service_management/reversibility/05-snc-vmware-reversibility-policy/guide.en-gb.md b/pages/account_and_service_management/reversibility/05-snc-vmware-reversibility-policy/guide.en-gb.md
@@ -5,7 +5,7 @@ updated: 2025-08-14
 
 ## Objective
 
-This document is the reversibility policy of the Product Managed Dedicated Cloud - SecNumCloud covering the OVHcloud offer [VMware on OVHcloud under SecNumCloud qualification ](https://www.ovhcloud.com/en-gb/enterprise/products/secnumcloud/).
+This document is the reversibility policy of the Product Managed Dedicated Cloud - SecNumCloud covering the OVHcloud offer [VMware on OVHcloud under SecNumCloud qualification](https://www.ovhcloud.com/en-gb/enterprise/products/secnumcloud/).
 
 This policy aims to implement the general reversibility principles and our compliance with the SWIPO IAAS Code of Conduct for cloud providers.
 
@@ -18,27 +18,26 @@ Features of the product line fall into three categories:
 3. **Specific features** that cannot be guaranteed for migration as they are related to the OVHcloud environment or involve custom developments.
 
 
-## 1. Core features
+### 1. Core features
 
 | **Function** | **Description** | **Available formats** | **Migration model** | **Available documentation** |
 | --- | --- | --- | --- | --- |
-| Virtualisation| VM management via vSphere, vCenter, vMotion, and support for VMware standard formats | OVA, OVF | **Inbound**:<br>- Subscription to a Private Cloud SecNumCloud project.<br>- Order the appropriate number of hosts and datastores on the project to get a capacity comparable to that of the original infrastructure.<br>-Migration of VMs, disks, snapshots using a specialized tool (Veeam, API, ...) or manually.<br>-Use of the SecNumCloud zone's VPN Gateway or a custom VPN solution (e.g. NSX or virtual machine third party solution) to ensure data encryption when migrating from an external network.<br>-Then enable VM encryption and vSAN Cluster datastores using the vNKP software brick or your own KMS (compatible with the KMIP protocol). <br> -Use of the SPN (Secure Private Network) to connect SecNumCloud services inside a hosting site. <br>-Use of the inter DC SPN solution to connect your qualified infrastructure hosted in other hosting sites covered by the SecNumCloud qualification at OVHcloud <br><br>**Outbound**: <br> - Planning the target environment capabilities compared to the original environment. Export VMs, disks manually or with specialized tools and reuse any VMware or compatible environment following standard formats. <br>**- Encrypted data migration scenario with vNKP :** Set up an encrypted link between the OVHcloud hosting site and destination site. Export the vNKP key of the OVHcloud hosting environment. Import the vNKP key into the remote site’s vSphere environment. Cold-migration of data via a manual copy between the two sites, or hot-migration of data (via a failover mechanism) using a compatible third-party tool supported by the two providers. <br>**-Customer-specific KMS encrypted data scenario:** Setting up an encrypted link between the OVHcloud hosting site and destination site. Configuration of your KMS on the remote site’s vSphere environment. Cold-migration of data via a manual copy between the two sites, or hot-migration of data (via a failover mechanism) using a compatible third-party tool supported by the two providers.  | The documentation [vSphere SecNumCloud](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc_getting_started) applies as soon as the service is delivered, to secure the connection and an end-to-end data encryption. Following this, the [documentation vSphere standard](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-CEFF6D89-8C19-4143-8C26-4B6D6734D2CB.html) applies.<br><br>[Deploy an OVF Linux, Windows Server et Windows SQL Server](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/ovf_template)<br><br>[Deploy a virtual machine with vSphere](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/deploiement_d_une_machine_virtuelle)<br><br>[Create a cluster and activate EVC](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/create_cluster_enable_evc)<br><br>[Virtual machine encryption interoperability](https://docs.vmware.com/fr/VMware-vSphere/8.0/vsphere-security/GUID-C0AF1F3A-67B4-41A6-A933-7E52A3603D9D.html)<br><br>[Back up a vSphere Native Key Provider](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/6-7/vsphere-security-6-7/configuring-and-managing-vsphere-native-key-provider/back-up-a-vsphere-native-key-provider.html).{external}<br><br>[vNKP - Enabling virtual machine encryption](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/vm_encrypt-vnkp) |
+| Virtualisation | VM management via vSphere, vCenter, vMotion, and support for VMware standard formats | OVA, OVF | **Inbound**:<br>- Subscription to a Private Cloud SecNumCloud project.<br>- Order the appropriate number of hosts and datastores on the project to get a capacity comparable to that of the original infrastructure.<br>-Migration of VMs, disks, snapshots using a specialized tool (Veeam, API, ...) or manually.<br>- Use of the SecNumCloud zone's VPN Gateway or a custom VPN solution (e.g. NSX or virtual machine third party solution) to ensure data encryption when migrating from an external network.<br>- Then enable VM encryption and vSAN Cluster datastores using the vNKP software brick or your own KMS (compatible with the KMIP protocol). <br> - Use of the SPN (Secure Private Network) to connect SecNumCloud services inside a hosting site. <br>- Use of the inter DC SPN solution to connect your qualified infrastructure hosted in other hosting sites covered by the SecNumCloud qualification at OVHcloud <br><br>**Outbound**: <br> - Planning the target environment capabilities compared to the original environment. Export VMs, disks manually or with specialized tools and reuse any VMware or compatible environment following standard formats. <br>**- Encrypted data migration scenario with vNKP:** Set up an encrypted link between the OVHcloud hosting site and destination site. Export the vNKP key of the OVHcloud hosting environment. Import the vNKP key into the remote site’s vSphere environment. Cold-migration of data via a manual copy between the two sites, or hot-migration of data (via a failover mechanism) using a compatible third-party tool supported by the two providers. <br>**- Customer-specific KMS encrypted data scenario:** Setting up an encrypted link between the OVHcloud hosting site and destination site. Configuration of your KMS on the remote site’s vSphere environment. Cold-migration of data via a manual copy between the two sites, or hot-migration of data (via a failover mechanism) using a compatible third-party tool supported by the two providers. | The documentation [vSphere SecNumCloud](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc_getting_started) applies as soon as the service is delivered, to secure the connection and an end-to-end data encryption. Following this, the [documentation vSphere standard](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-CEFF6D89-8C19-4143-8C26-4B6D6734D2CB.html) applies.<br><br>[Deploy an OVF Linux, Windows Server et Windows SQL Server](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/ovf_template)<br><br>[Deploy a virtual machine with vSphere](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/deploiement_d_une_machine_virtuelle)<br><br>[Create a cluster and activate EVC](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/create_cluster_enable_evc)<br><br>[Virtual machine encryption interoperability](https://docs.vmware.com/fr/VMware-vSphere/8.0/vsphere-security/GUID-C0AF1F3A-67B4-41A6-A933-7E52A3603D9D.html)<br><br>[Back up a vSphere Native Key Provider](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/6-7/vsphere-security-6-7/configuring-and-managing-vsphere-native-key-provider/back-up-a-vsphere-native-key-provider.html)<br><br>[vNKP - Enabling virtual machine encryption](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/vm_encrypt-vnkp) |
 | Virtual network management | Network configuration via NSX, VLAN management, routing, firewall, network security via API or UI | YAML, JSON, scripts | **Inbound**: definition of networks, VLAN, firewall rules <br>**Outbound**: export of network configurations through the available VMWare APIs | [Getting started with NSX](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/nsx-01-first-steps) |
 | Dedicated storage (vSAN and/or NFS) | Use of dedicated vSAN and/or NFS datastores, snapshot and clone management. | NA | **Inbound**: add datastores, restore VMs and snapshots <br>**Outbound**: export VMs and snapshots to compatible target storage. | [Using VMware Hyperconvergence with vSAN](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/vmware_vsan)|
 
-## 2. OVHcloud Implementations
+### 2. OVHcloud Implementations
 
 | **Function** | **Description** | **Available formats** | **Migration model** | **Available documentation** |
 | --- | --- | --- | --- | --- |
-|VPN Gateway|An IPsec VPN gateway that connects external networks to the SecNumCloud infrastructure through an encrypted funnel |N/A|**Inbound**: subscription and use of the VPN Gateway service included in the qualified scope. <br><br>**Outbound**: use of the vRack service included with other OVHcloud services, or take note of the network architecture, replicate it with VLANs and another encrypted tunnel.|[Introduction to SecNumCloud Connectivity](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc-connectivity-concepts-overview)<br><br>[VPN-SPN concept overview](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc-connectivity-concepts-vpn-spn)<br><br>[Personalized VPN via NSX](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/nsx_configurer_un_vpn_via_une_gateway_edge)|
+| VPN Gateway | An IPsec VPN gateway that connects external networks to the SecNumCloud infrastructure through an encrypted funnel |N/A|**Inbound**: subscription and use of the VPN Gateway service included in the qualified scope. <br><br>**Outbound**: use of the vRack service included with other OVHcloud services, or take note of the network architecture, replicate it with VLANs and another encrypted tunnel.| [Introduction to SecNumCloud Connectivity](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc-connectivity-concepts-overview)<br><br>[VPN-SPN concept overview](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc-connectivity-concepts-vpn-spn)<br><br>[Personalized VPN via NSX](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/nsx_configurer_un_vpn_via_une_gateway_edge) |
 |SPN|A private network that connects the resources and services available in the SecNumCloud infrastructure to one or more sites in the SecNumCloud zone. It can also be used to connect other OVHcloud services, or services hosted with a third party via the VPN Gateway.|N/A|**Inbound**: subscription to and use of the SPN service included in the qualified scope.<br><br>**Outbound**: take note of the network architecture and replicate it with the concepts of subnets and routing.|[SPN introduction and concepts](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc-connectivity-concepts-spn)<br><br>[SPN connector](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc-connectivity-concepts-spn-connector)|
 |SPN Inter-DC|An encrypted link between two sites hosting the SecNumcloud infrastructure, enabling SPNs to be connected.|N/A|**Incoming**: subscription to and use of the Inter-DC SPN service included in the qualified scope.<br><br>**Outbound**: configuration of IP routing between two sites hosting the SecNumcloud infrastructure outside of OVHcloud.|[SPN InterDC option](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc-connectivity-concepts-spn)|
 |Monitoring and supervision|VMware standard monitoring solution via vROps|Many formats supported by the platform(e.g JSON, Syslog, etc) |**Inbound**: vROps is included by default with every VMware Private cloud. Adaptation of Cloud dashboards and monitoring agents.<br><br>**Outbound**: installation and configuration of vROps in a vSphere environment.Export metrics/logs and reconfigure the new environment|[First connection on vROps](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/vrops_introduction)|
 |Managed Veeam backup|Backup as a service solution for VMs|VBK, VIB, VBM|**Inbound**: enable a Veeam backup option in the [OVHcloud Control Panel](/links/manager). The import of external backups isn't possible <br><br>**Outbound**: export primary data (excluding backed-ups data). Customers can export their primary data (excluding backed-up data) and configure a backup solution of their choice at the destination site.|[Enable and use Veeam Managed Backup](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/veeam_backup_as_a_service)<br><br>[Move2Cloud - Migrating VMware Workloads to OVHcloud SecNumCloud with Veeam Replicationn](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/vmware_migration_veeam_secnumcloud)|
 |Zerto|Business continuity and disaster recovery platform.|N/A|**Inbound**: activation of the option in the [OVHcloud Control Panel](/links/manager) or directly in the provided Zerto Replication Interface.<br><br>**Outbound**: export zerto VPG settings and import those settings in the new environment.|[Setting up Zerto Virtual Replication for your DRP](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/zerto_virtual_replication_as_a_service)<br><br>[Migrate VMware workloads to OVHcloud SecNumCloud Hosted Private Cloud with Zerto](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/vmware_migration_zerto_secnumcloud)<br><br>[Exporting Zerto VPG settings](https://www.zerto.com/myzerto/knowledge-base/exporting-and-importing-vpg-settings-with-zerto-diagnostic-tool/)|
 
-
-## 3. Specific features
+### 3. Specific features
 
 | **Function** | **Description** | **Available formats** | **Migration model** | **Available documentation** |
 |---|---|---|---|---|
@@ -63,4 +62,3 @@ No specific cancelation fees apply: deleting the service will stop the billing i
 ### Data retention after contract termination
 
 After termination or deletion of the service, OVHcloud permanently deletes all data, VMs, snapshots and configurations by securely deleting the storage media. This deletion will be subject to 21 calendar days’ notice. It is imperative to export all necessary data before permanent deletion, as no post-removal recovery will be possible.
-
