Hi
We are looking for security best practice recommendations with VBR. As of now using Windows Repositories (FC NetApp SAN), in Hyper V 2012 R2 environment. At present VBR is member of the same Domain, planning to create a separate dedicated AD Domain for VBR and make the VBR server member of this domain. What are the general practices on security perspective?
Thanks in advance
-
LMS
- Influencer
- Posts: 24
- Liked: never
- Joined: May 29, 2017 5:13 am
- Full Name: MS Sunil
- Contact:
-
Mike Resseler
- Product Manager
- Posts: 8045
- Liked: 1263 times
- Joined: Feb 08, 2013 3:08 pm
- Full Name: Mike Resseler
- Location: Belgium
- Contact:
Re: VBR in security perspective
Hi LMS,
I would not dare to say that there are general practices since many organizations will organize their security differently and based on those practice, you can work with VBR server also. A few things to think about:
1) Putting VBR server in a different domain is perfectly possible.
2) Try to use a specific username/ password (as lengthy as possible
) for your repository. Write it somewhere, put it in an envelope and move it to the companies safety vault
3) Depending on how many backup admins you have, try to keep them as low as possible and use roles in enterprise manager to keep the restore operators from seeing everything
These are just a few to start with. Obviously I would advise firewall (even windows firewall to start with) and blocking network traffic between servers and VBR if that is not necessary. But it would obviously take some time to map all that out
Just a start
Mike
I would not dare to say that there are general practices since many organizations will organize their security differently and based on those practice, you can work with VBR server also. A few things to think about:
1) Putting VBR server in a different domain is perfectly possible.
2) Try to use a specific username/ password (as lengthy as possible
) for your repository. Write it somewhere, put it in an envelope and move it to the companies safety vault 3) Depending on how many backup admins you have, try to keep them as low as possible and use roles in enterprise manager to keep the restore operators from seeing everything
These are just a few to start with. Obviously I would advise firewall (even windows firewall to start with) and blocking network traffic between servers and VBR if that is not necessary. But it would obviously take some time to map all that out
Just a start
Mike
-
jmmarton
- Veeam Software
- Posts: 2092
- Liked: 309 times
- Joined: Nov 17, 2015 2:38 am
- Full Name: Joe Marton
- Location: Chicago, IL
- Contact:
Re: VBR in security perspective
Another thing to consider is to not join the repository to the domain and use a local user for it. Then continue on with step 2 that Mike outlined.
Joe
Joe
Who is online
Users browsing this forum: Bing [Bot] and 15 guests