Allow backup storage devices without drive letters

Backup agent for Microsoft Windows servers and workstations (formerly Veeam Endpoint Backup FREE)

Allow backup storage devices without drive letters

Veeam Logoby Daniel N. » Mon Mar 30, 2015 5:45 pm

I think it would be a great improvement, if I could remove the drive letter from my portable backup storage device and still be able to register it in Veeam.
Daniel N.
Enthusiast
 
Posts: 28
Liked: 3 times
Joined: Sun Feb 15, 2015 7:03 am

Re: Allow backup storage devices without drive letters

Veeam Logoby Vitaliy S. » Mon Mar 30, 2015 8:51 pm

That's interesting. Can you please elaborate a bit more on why don't you want to assign the drive letter?
Vitaliy S.
Veeam Software
 
Posts: 19554
Liked: 1100 times
Joined: Mon Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov

Re: Allow backup storage devices without drive letters

Veeam Logoby Dima P. » Mon Mar 30, 2015 9:53 pm

if I could remove the drive letter from my portable backup storage device and still be able to register it in Veeam

While I am eager to hear the details behind you request too, can say that Endpoint Backup does not rely on the drive letters in terms of drive identification if we are talking about the removable storage.
Dima P.
Veeam Software
 
Posts: 6239
Liked: 440 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov

Re: Allow backup storage devices without drive letters

Veeam Logoby Daniel N. » Tue Mar 31, 2015 5:51 pm

Windows Backup from Windows 7 and Windows Server 2008–20012R2 does it exactly that way.

Portable (or removable) storage will be formatted, the drive letter will be removed and the permissions will be altered so users and administrators (users in general) will not be able to accidentally alter the backup files. Thus creating an additional layer of protection. The drive letter is removed because that drive is not supposed to hold other data than backup data and users are supposed to use only Windows Backup to restore files from a backup. So there is no need to even show a drive letter.

So in fact, I do not need to see the drive. It's supposed to hold only my backups. Backups are supposed to be restored by Veeam only. And for that I like to not have to see a drive that is useless in any other sense than for backups.

Personally, I like the idea of how Windows Backup treats storage devices: "This device is for backup, keep your fingers out of it and I won't have to say: 'I told you so', later."

While I am eager to hear the details behind you request too, can say that Endpoint Backup does not rely on the drive letters in terms of drive identification if we are talking about the removable storage.

I am not sure if you are talking about technicalities that happen under the hood. So let me say that, when I remove the drive letter, I cannot choose it as a backup location. When I have the portable storage registered as a backup storage device, and I remove the drive letter afterwards, VEP asks me to connect the backup storage device. So for me as a user, Veeam needs a drive letter to work with.
Daniel N.
Enthusiast
 
Posts: 28
Liked: 3 times
Joined: Sun Feb 15, 2015 7:03 am

Re: Allow backup storage devices without drive letters

Veeam Logoby Vitaliy S. » Wed Apr 01, 2015 12:54 pm

Thanks for sharing the use case, makes sense if there is a need to have additional layer of protection for created backups. On a side note, what if you want to copy these files somewhere? You will need to assign drive letter and this should not change the behavior of configured backup task, correct?

BTW, are you planning to use portable device for all Endpoint backups or there is one device for each Endpoint?
Vitaliy S.
Veeam Software
 
Posts: 19554
Liked: 1100 times
Joined: Mon Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov

Re: Allow backup storage devices without drive letters

Veeam Logoby Daniel N. » Wed Apr 01, 2015 4:21 pm 1 person likes this post

makes sense if there is a need to have additional layer of protection for created backups


Don't forget, that it's annoying to have that drive in the explorer ;)

On a side note, what if you want to copy these files somewhere? You will need to assign drive letter and this should not change the behavior of configured backup task, correct?


I would say so, too. If you would address the drive with the volume ID, that would be no problem. Run mountvol.exe in CMD to see what I am talking about.

BTW, are you planning to use portable device for all Endpoint backups or there is one device for each Endpoint?

I am using the software on my personal computer.
I don't know what your target audience with Endpoint Backup is. As a sysadmin myself, I would never backup client computers on a usb drive and use a network drive instead. Before backing up client cmoputers at all, I would evaluate all other options ;)

Edit: If I had several personal computers, I would probably use one drive for all my computers. In that case I could imagine that the drive letter is removed, the drive "locked" for veeam backups, but enabled to be used for multiple computers.

Thanks for listening. I thoroughly enjoy that my suggestions are heard and making you curious :)
Daniel N.
Enthusiast
 
Posts: 28
Liked: 3 times
Joined: Sun Feb 15, 2015 7:03 am

Re: Allow backup storage devices without drive letters

Veeam Logoby Dima P. » Wed Apr 01, 2015 5:07 pm

Personally, I like the idea of how Windows Backup treats storage devices: "This device is for backup, keep your fingers out of it and I won't have to say: 'I told you so', later."

Agree, this is a good idea - so we will definitely look into your feedback!
I am not sure if you are talking about technicalities that happen under the hood.

Let me paraphrase my previous post. We do not rely on the drive letter in terms of disk recognition (drive letter can be changed for removable devices, if it has been already taken by another removable device), but it should have a drive letter to be properly presented to the OS.
Don't forget, that it's annoying to have that drive in the explorer… Run mountvol.exe in CMD to see what I am talking about.

Have to disagree on this one. For most non-IT guys the situation may look scary: you plugged in the device, but it does not appear in my computer, so something is broken – call IT… Though, thinking of a temporary workaround in existing version, you should be able to mount the volume as a folder (somewhere in non root premises) and configure local backup to this folder.
Dima P.
Veeam Software
 
Posts: 6239
Liked: 440 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov

Re: Allow backup storage devices without drive letters

Veeam Logoby Daniel N. » Tue Apr 07, 2015 7:48 am

Have to disagree on this one. For most non-IT guys the situation may look scary: you plugged in the device, but it does not appear in my computer, so something is broken – call IT… Though, thinking of a temporary workaround in existing version, you should be able to mount the volume as a folder (somewhere in non root premises) and configure local backup to this folder.


I can see your point. One last suggestion, if I may. I could imagine having this as an option. Something like "Configure this storage device without drive letter (hidden)".

Your suggestion to mout the volume as a folder was also a good idea and I did it that way. Works really good and something I can live with. Thank you! :)
Daniel N.
Enthusiast
 
Posts: 28
Liked: 3 times
Joined: Sun Feb 15, 2015 7:03 am

Re: Allow backup storage devices without drive letters

Veeam Logoby Dima P. » Tue Apr 07, 2015 10:58 am

Agree we or not, this feature makes sense – so we will discuss it any way. :wink: Thanks
Dima P.
Veeam Software
 
Posts: 6239
Liked: 440 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov

Re: Allow backup storage devices without drive letters

Veeam Logoby consolerepair08 » Sat Aug 08, 2015 10:47 am

I think we're all missing the biggest reason why Veeam really needs to implement a device ID solution for backup targets. The virus known as cryptowall v3.0 works by scanning the computer for mounted drive letters before encrypting the files within any mounted drives. THIS IS A BIG SECURITY RISK! whats the point of having a backup if that backup could also get infected?

More Information:
http://www.bleepingcomputer.com/virus-r ... nformation

CryptoWall will encrypt data files on network shares only if that network share is mapped as a drive letter on the infected computer. If it is not mapped as a drive letter, then CryptoWall will not encrypt any files on a network share.
consolerepair08
Lurker
 
Posts: 1
Liked: never
Joined: Sat Aug 08, 2015 10:39 am
Full Name: Jack Leeds

Re: Allow backup storage devices without drive letters

Veeam Logoby Dima P. » Mon Aug 10, 2015 12:15 pm

Hello Jack,

I agree with the use case you shared, but I think backing up to the internal drive as well as leaving the USB backup target always connected (mounted or not) is beyond the backup best practices. The following article refers to the flagship product - Veeam Backup and Replication, nevertheless main principles could be applied for Veeam Endpoint Backup: How to follow the 3-2-1 backup rule
Dima P.
Veeam Software
 
Posts: 6239
Liked: 440 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov

Re: Allow backup storage devices without drive letters

Veeam Logoby JGGS » Wed Aug 19, 2015 2:24 pm

I'm with Jack on this, say you've been infected with Cryptolocker/wall, it sits there until the computer is idle, Veeam completes its backup, the virus is triggered because the machine is idle and encrypts your data. If you've got a lot of changed data and need to leave it running for sometime that gives Crypto* a chance to encrypt the backup files, destroying the backup.

There are *other* products out there that do this, but Veeam is superior in most other ways, I just wish this one feature were in it.
JGGS
Lurker
 
Posts: 1
Liked: never
Joined: Wed Aug 19, 2015 2:16 pm
Full Name: Jayton Garnett

Re: Allow backup storage devices without drive letters

Veeam Logoby Dima P. » Wed Aug 19, 2015 3:09 pm

Hi JGGS,
I agree, but there is an existing way of protecting against crypto locker threats (as well as against the complete hardware corruption) – use external storages like NAS, Veeam backup and replication repository or simple USB device :wink:
Dima P.
Veeam Software
 
Posts: 6239
Liked: 440 times
Joined: Mon Feb 04, 2013 2:07 pm
Location: SPb
Full Name: Dmitry Popov


Return to Veeam Agent for Windows



Who is online

Users browsing this forum: Google [Bot] and 15 guests