We have been experimenting with various backup methods in our environment. We have a Hyper-V host that has our Veeam server as a VM on it. We have a Synology device directly plugged into the host and we want to setup a backup repository using iSCSI.
I believe we have 2 options:
1. Add iSCSI as a drive on the host and add that drive as a shared drive in Hyper-V manager to the VM.
2. Add additional NIC to Hyper-V VM and configure with 10.10.10.x address to talk to Synology and add via iSCSI initiator directly to the VM.
What is the best practice for setting this up?
-
IronNels
- Novice
- Posts: 3
- Liked: never
- Joined: Oct 17, 2024 2:55 pm
- Full Name: Chris Nelson
- Contact:
-
Mildur
- Product Manager
- Posts: 11755
- Liked: 3319 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Best Practice iSCSI as backup repository with Hyper-V
Hi Chris,
Never connect your iSCSI LUN to the Hyper-V host and use virtual VM disks as backup storage. If you lose the host along with the VMs, you’d first have to deploy a new Hyper-V server and rebuild a new VM before you could access your backup disks again. So this should only be option 2 if you have no other choice than Synology iSCSI LUNs as backup storage.
Consider using a Linux VM (or, starting with v13.1, our Infrastructure Appliance) as a Hardened Repository to add another protection layer (immutable backups). Also make sure the Synology admin UI is properly protected (strong passwords, MFA), and the same applies to the Hyper-V management console—an attacker with admin access to the Hyper-V server can easily take over the virtual machines.
Another option for environments where budget is a problem, you could connect iSCSI to the Hyper-V host and use the Hyper-V host as a backup repository. I don't like this design, but sometimes small customers are doing it. Keep in mind, backups are not immutable and protected. An Attacker on the Hyper-V host will be able to delete them.
Best regards,
Fabian
Never connect your iSCSI LUN to the Hyper-V host and use virtual VM disks as backup storage. If you lose the host along with the VMs, you’d first have to deploy a new Hyper-V server and rebuild a new VM before you could access your backup disks again. So this should only be option 2 if you have no other choice than Synology iSCSI LUNs as backup storage.
Consider using a Linux VM (or, starting with v13.1, our Infrastructure Appliance) as a Hardened Repository to add another protection layer (immutable backups). Also make sure the Synology admin UI is properly protected (strong passwords, MFA), and the same applies to the Hyper-V management console—an attacker with admin access to the Hyper-V server can easily take over the virtual machines.
Another option for environments where budget is a problem, you could connect iSCSI to the Hyper-V host and use the Hyper-V host as a backup repository. I don't like this design, but sometimes small customers are doing it. Keep in mind, backups are not immutable and protected. An Attacker on the Hyper-V host will be able to delete them.
Best regards,
Fabian
Product Management Analyst @ Veeam Software
Who is online
Users browsing this forum: Semrush [Bot] and 73 guests