-
- Novice
- Posts: 4
- Liked: never
- Joined: Nov 11, 2021 10:23 pm
- Full Name: Andy Miller
- Contact:
Hardened Repo VM v Phy
I am looking into implementing a hardened repo for immutable backups, but I am not sold on whether it must be a physical server or can I use a VM that is encrypted.
-
- Service Provider
- Posts: 100
- Liked: 25 times
- Joined: Sep 24, 2020 2:14 pm
- Contact:
Re: Hardened Repo VM v Phy
vCenter and ESXi are a easy target..... dont store your VM Backups within a VM on that plattform. We have VBR "management" as a VM but our data is stored outside and the linux based VMware hardenet Repository is always a phys. Server in our infrastructure.
Regards,
Joerg
Regards,
Joerg
-
- Enthusiast
- Posts: 86
- Liked: 37 times
- Joined: Jan 14, 2022 9:16 am
- Full Name: Daniel Artzen
- Location: Germany
- Contact:
Re: Hardened Repo VM v Phy
The problem with having the repo on a VM is, anyone with access to the hypervisor or the storage where the VM resides (either viable admins or successful attackers) could just delete the files from the datastore or the whole datastore itself and that would leave you without backups. Encrypting the VM can not prevent that. So if you really want those backups to be immutable, a physical server with either internal disks or DAS is the way to go.
Best regards
Daniel
Best regards
Daniel
Who is online
Users browsing this forum: Baidu [Spider], Bing [Bot] and 105 guests