What is a Snapshot?
A snapshot is a capture of the state of a system at a specific moment in time. It is most often used within virtual environments to be able to return quickly to a previous, working configuration.
Snapshots are essential when making changes to VMs, SCADA servers, Historian databases, or Engineering Stations — particularly in industrial environments where continuity and reliability are crucial.
🧠 How does a snapshot work?
- Freezing the system state
- The current state of the VM (memory, configuration, disk state) is captured
- Storing as a reference point
- New data is stored separately; the original snapshot remains unchanged
- Uses little space, unless retained for a long time
- Rollback or restore
- In case of error (e.g. a failed update), the system can be restored quickly
- Reboot or recovery possible within minutes
A snapshot is not a full backup, but a temporary safety measure before risky actions.
🏭 Application in industrial OT environments
- Before software updates on SCADA, PLC tools, or MES
- Prior to configuration changes to Firewall, Historian, or VM
- In test environments for validating new HMI or Batch Control scenarios
- Fallback option during migration to new versions or architectures
- Part of Disaster Recovery and Change Management
Often used in combination with virtualisation platforms such as VMware vSphere, Hyper-V, or Proxmox.
🔍 Snapshot vs. Backup
| Characteristic | Snapshot | Backup |
|---|---|---|
| Purpose | Quick recovery after a change | Long-term retention of data/configuration |
| Recovery time | Very fast (seconds to minutes) | Slower (minutes to hours) |
| Storage usage | Low for short durations | Larger (full copy) |
| Use | Temporary and local | External and secure (e.g. offsite/cloud) |
Best practice: use snapshots for quick rollback, backups for structural protection.
🔐 Security aspects
- Snapshot ≠ immutable: it can be modified or deleted → combine with Immutable Backup
- Only administrators may create/restore snapshots → apply RBAC
- Document snapshot moments in Change Management logs
- Note: long retention can negatively affect performance or storage capacity
- Not a replacement for offsite Backup, particularly given Ransomware risk
📌 In summary
A snapshot is a powerful tool for quickly reverting to a previous system state. It is indispensable for risky changes and system management in OT environments — but no substitute for full backups.