Comprehensive data protection for all workloads
Post Reply
bernd.dausch
Service Provider
Posts: 21
Liked: 1 time
Joined: May 27, 2016 7:17 pm
Full Name: Bernd Dausch
Contact:

Feature Request - Client Certificates with Cloud Connect

Post by bernd.dausch » May 27, 2016 7:25 pm

Hello Veeam Team,

can you integrate the mandatory use of Client Certificates for Cloud Connect Connections?

Then every Cloud Connect Customer needs a "second Factor" to Access his Backup Repository,
and we as Service Provider can ensure that only Customers with a valid Cloud certificate
can make TLS Connections to our Gateway.

Best Regards,

Bernd

veremin
Product Manager
Posts: 17428
Liked: 1552 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Feature Request - Client Certificates with Cloud Connect

Post by veremin » May 30, 2016 2:21 pm

It's not planned for the nearest future, since such functionality is likely to complicate tenant's experience.

But what about using encryption? In this case, as someone having tenant's credentials tries to get a content of backup files, he won't be able to do so without knowing a corresponding password.

Thanks.

Gostev
SVP, Product Management
Posts: 25819
Liked: 3974 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: Feature Request - Client Certificates with Cloud Connect

Post by Gostev » May 31, 2016 7:17 am

Encryption does not protect backups from deletion.

dellock6
Veeam Software
Posts: 5882
Liked: 1704 times
Joined: Jul 26, 2009 3:39 pm
Full Name: Luca Dell'Oca
Location: Varese, Italy
Contact:

Re: Feature Request - Client Certificates with Cloud Connect

Post by dellock6 » May 31, 2016 7:54 pm

Hi Bernd,
the idea may be interesting, but I see two concerns:
- creation: who should create these certificates? VBR itself? And what CA would sign them?
- delivery: properly passing the client certificate to each tenant would require an alternative channel to be completed, otherwise the possibilities to compromise the client certificate would be too high. how would you plan to pass these certificates to tenants?

Luca
Luca Dell'Oca
Principal EMEA Cloud Architect @ Veeam Software

@dellock6
https://www.virtualtothecore.com/
vExpert 2011 -> 2020
Veeam VMCE #1

bernd.dausch
Service Provider
Posts: 21
Liked: 1 time
Joined: May 27, 2016 7:17 pm
Full Name: Bernd Dausch
Contact:

Re: Feature Request - Client Certificates with Cloud Connect

Post by bernd.dausch » May 31, 2016 8:44 pm

Hi Luca,

I see this as a security option and a own Certificate Infrastructure is necessary, and not need for VBR to create certificates.

At the Moment we deliver Client Certificates in one of this ways:

- Password Protected PKCS12 - File with a Secure Password
- HardwareToken (Aladdin eToken)

Bernd

Post Reply

Who is online

Users browsing this forum: conrad.stephens, Google [Bot], Majestic-12 [Bot], Tram68 and 46 guests