Comprehensive data protection for all workloads
Post Reply
LegacyCode
Lurker
Posts: 2
Liked: never
Joined: Dec 11, 2019 9:24 pm
Full Name: Matthew Peters
Contact:

Feedback on Backup Strategy

Post by LegacyCode »

Hello all,

I am trying to form a strategy for our backups. We are a small shop with a limited budget...of course. We are also very sensitive right now to protecting our VMs against ransomware attacks. We have security solutions in place for that, but I also want to make sure we have an "air-gapped" backup solution. Here is what I am thinking and I would like to get your feedback.

PRODUCTION ENVIORNMENT
2 Node Hyper-V Server setup as hyper-converged using Starwind vSAN
Approx 15 TB of data to be backed up. Will grow as time goes on.
Veeam B&R running as a VM in the Hyper-V cluster
2 Synology NAS serving as repos for Veeam.
  • Each has an SMB shared folder presented to Veeam
  • Separate backup jobs (backing up all VMs) in Veeam for each NAS
  • Backup jobs are scheduled at opposite times of day for each NAS, because...
  • Each NAS is connected to its own network switch that is connected to power via a smart outlet that we can set on/off schedules
  • The outlets are scheduled in such a way that only one network switch is ever on at a given time (which is also when the Veeam job is scheduled for that given NAS). This helps ensure that an air-gapped NAS is always off the network with a good backup. The main hitch I can see here is that if the schedule goes long enough before we discover the ransomware, the other NAS could come online and also get encrypted, but I think that possibility is low. We would discover the issue in time to pull the good backup out of the timer schedule.
OFFSITE BACKUP
One Synology NAS at a remote location connected to the internet via 50mb up connection
  • I'm not sure what the best approach here is for getting the data on the Synology. We don't have the budget or the location to setup an actual server at the remote location so I am hoping I can solve this with the NAS. My first thought is using the replication features built into the Synology and replicate one of the local NAS to the remote. But, I do not have experience with their software to know how stable it is.
Can you please provide suggestions for how to setup the remote location and also comments on my overall strategy. Thanks everyone!
PetrM
Veeam Software
Posts: 3626
Liked: 608 times
Joined: Aug 28, 2013 8:23 am
Full Name: Petr Makarov
Location: Prague, Czech Republic
Contact:

Re: Feedback on Backup Strategy

Post by PetrM »

Hi Matthew!

Regarding your production environment, I'd say that it seems to be reliable enough.
The only possible alternative for offsite backup which comes to my mind is a backup copy job but it would be better to setup a gateway sever for the NAS on remote site.
I think you could get more information about Synology software stability on similar Synology forums.

Thanks!
LegacyCode
Lurker
Posts: 2
Liked: never
Joined: Dec 11, 2019 9:24 pm
Full Name: Matthew Peters
Contact:

Re: Feedback on Backup Strategy

Post by LegacyCode »

Thanks! Great feedback. Do you know if Synology's snapshot feature would interfere with the Veeam backups/restores in any way?
foggy
Veeam Software
Posts: 21139
Liked: 2141 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: Feedback on Backup Strategy

Post by foggy »

No, it should be transparent to Veeam B&R.
Post Reply

Who is online

Users browsing this forum: Google [Bot] and 52 guests