Hello Veeam Team,
can you integrate the mandatory use of Client Certificates for Cloud Connect Connections?
Then every Cloud Connect Customer needs a "second Factor" to Access his Backup Repository,
and we as Service Provider can ensure that only Customers with a valid Cloud certificate
can make TLS Connections to our Gateway.
Best Regards,
Bernd
-
bernd.dausch
- Service Provider
- Posts: 21
- Liked: 1 time
- Joined: May 27, 2016 7:17 pm
- Full Name: Bernd Dausch
- Contact:
-
veremin
- Product Manager
- Posts: 20406
- Liked: 2298 times
- Joined: Oct 26, 2012 3:28 pm
- Full Name: Vladimir Eremin
- Contact:
Re: Feature Request - Client Certificates with Cloud Connect
It's not planned for the nearest future, since such functionality is likely to complicate tenant's experience.
But what about using encryption? In this case, as someone having tenant's credentials tries to get a content of backup files, he won't be able to do so without knowing a corresponding password.
Thanks.
But what about using encryption? In this case, as someone having tenant's credentials tries to get a content of backup files, he won't be able to do so without knowing a corresponding password.
Thanks.
-
Gostev
- Chief Product Officer
- Posts: 31806
- Liked: 7300 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
Re: Feature Request - Client Certificates with Cloud Connect
Encryption does not protect backups from deletion.
-
dellock6
- VeeaMVP
- Posts: 6166
- Liked: 1971 times
- Joined: Jul 26, 2009 3:39 pm
- Full Name: Luca Dell'Oca
- Location: Varese, Italy
- Contact:
Re: Feature Request - Client Certificates with Cloud Connect
Hi Bernd,
the idea may be interesting, but I see two concerns:
- creation: who should create these certificates? VBR itself? And what CA would sign them?
- delivery: properly passing the client certificate to each tenant would require an alternative channel to be completed, otherwise the possibilities to compromise the client certificate would be too high. how would you plan to pass these certificates to tenants?
Luca
the idea may be interesting, but I see two concerns:
- creation: who should create these certificates? VBR itself? And what CA would sign them?
- delivery: properly passing the client certificate to each tenant would require an alternative channel to be completed, otherwise the possibilities to compromise the client certificate would be too high. how would you plan to pass these certificates to tenants?
Luca
Luca Dell'Oca
Principal EMEA Cloud Architect @ Veeam Software
@dellock6
https://www.virtualtothecore.com/
vExpert 2011 -> 2022
Veeam VMCE #1
Principal EMEA Cloud Architect @ Veeam Software
@dellock6
https://www.virtualtothecore.com/
vExpert 2011 -> 2022
Veeam VMCE #1
-
bernd.dausch
- Service Provider
- Posts: 21
- Liked: 1 time
- Joined: May 27, 2016 7:17 pm
- Full Name: Bernd Dausch
- Contact:
Re: Feature Request - Client Certificates with Cloud Connect
Hi Luca,
I see this as a security option and a own Certificate Infrastructure is necessary, and not need for VBR to create certificates.
At the Moment we deliver Client Certificates in one of this ways:
- Password Protected PKCS12 - File with a Secure Password
- HardwareToken (Aladdin eToken)
Bernd
I see this as a security option and a own Certificate Infrastructure is necessary, and not need for VBR to create certificates.
At the Moment we deliver Client Certificates in one of this ways:
- Password Protected PKCS12 - File with a Secure Password
- HardwareToken (Aladdin eToken)
Bernd
Who is online
Users browsing this forum: Baidu [Spider] and 224 guests