- Posts: 38
- Liked: 2 times
- Joined: Nov 29, 2016 10:09 pm
a) air gapped backups (tape / secondary linux machine ingesting backups etc)
b) backups to Veeam cloud connect backups (Insider protection works for ransomware scenarios)
The solution simplier in case b), but it is also more expensive, as we need to pay the storage of provider.
If we can get nearly similar protection onpremise, on our own servers, it will work against malware (but not insiders). This would be sufficient for us.
Also it would be better alternative to Remote copy jobs in VBR - as the source Veeam server needs write access to remote repositories, by compromiting the source the target is lost completely too. It will be better if target would pull the backups from source (readonly), hence their security layers will be separated.
Can we install and use Veeam cloud connect onpremise and does that make sense from your standpoint?
- SVP, Product Management
- Posts: 24297
- Liked: 3331 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
Insider protection is designed for the scenario when Cloud Connect infrastructure is installed in a completely different data center, which is controlled by another company who you pay money to take care of your data - which completely prevents an inside attack.
So, even something as simple as making periodic backup copies to a shared folder on a hardened Linux server (no remote logons), with the shared folder backed by ZFS with periodic ZFS snapshots enabled, will give you a better protection without all the extra overhead over managing your own Cloud Connect infrastructure.
Users browsing this forum: No registered users and 23 guests