Security hardening and/or best practice guide

[LukeAd]

First I must say thank you and great job on VEB...a fantastic product (at a great price!)

For some time we have used VBR for our servers, and now with VEB for our user endpoints I feel our backup strategy is complete.

However after narrowly escaping disaster last year when one of our users got infected with Crypto-ransomware, I have been looking for ways to sleep peacefully at night with the assurance that our backups are as safe as possible.

I have read many threads on here where others are obviously also afraid of ransomware getting into their backups, but I have had a difficult time piecing together a comprehensive and authoritative set of steps from all these threads that I can follow to feel like I'm doing the best I can to protect my backups against ransomware.

In this thread it looks like a potentially great Veeam hardening document is being worked on, but as that thread is in the VBR forum, I don't know if this will also include VEB.

Is there (or will there be) a definitive "all in one place" guide on best practices for security and for shielding backups from ransomware-type threats in VEB? Something like this would be a HUGE benefit for the IT jack-of-all-trades but master-of-none types like me that do their best to cover so many bases but benefit most when somebody just puts all the best advice in one central place.

Thanks again for great stuff...I can truly say I love using anything from Veeam!

[Dima P.]

Hi Luke,

Thank you for kind words! Several recommendation were discussed in this thread – take a look and let us know if it helps.

[LukeAd]

Thanks, I had already read that thread twice (among a number of others).

So then I guess the answer to my question is, "no, there will not be a security hardening or best practice guide for VEB" like the one that is being worked on for VBR?

[Dima P.]

Honestly, we did not plan a dedicated guide for VEB, but I’ll share your request with the team. Thanks!

[caballo2000]

Currently there is any ransomware malware atacking Veeam Endpoint backup extensions?

[BLWL]

A general security guide would be really nice!

Currently there is any ransomware malware atacking Veeam Endpoint backup extensions?

Can't speak for if some malware is specifically targeting Veeam, I haven't heard about it. However, there are several ransomware that, if access, might encrypt your backup files.

Some suggestions for securing Veeam in a bigger environment:

[*] Network segmentation Veeam server, proxies and repositories (tight fw access rules, especially no client access to repositories)
[*] Account segmentation specifically for Veeam servers (deny login from other accounts)
[*] Encrypt backups (probably won't help against ransomware, but offers protection in other scenarios)

Edit: Here are some more suggestions: https://www.veeam.com/blog/how-to-avoid ... ocker.html

/BLWL