proxy windows account

[matteu]

Hello,

1) On the proxy, do you create Veeam dedicated account or do you use local administrator ? Do you use different password on each proxy ?
2) Then, if you use veeamone, do you create dedicated veeamone account ? Do you use the same password on all the VM or do you use a different on each one ?

I would like to know it because until now, I always use 1 account with different password on each VM. On all my VM I use svc_veeam + svc_veeamone account and svc_veeamem on the veeam server for Veeam enterprise manager account connection.

I'm not sure it's necessary and I would like to know if this is "too much" or it's good for security reason.

3) For encryption, do you use different encryption password (1/job) or do you use the same for all ?

Thanks for your answer.

[Mildur]

Hi Matteu

1+2
I always used a dedicated account on my system.
If you use the local default administrator account for veeam, you won‘t be able to differ in the windows and application logs if an admin or veeam has used the account.
You can use different passwords, because you have to add non domain accounts for each machine separately in veeam. Using the same password doesn‘t give you much benefits.

3
Good question.
An attacker who has access to all of your passwords will be able to encrypt all backups. So multiple passwords wouldn‘t protect you against data theft.
I would probably use the same password, but with 30-40 numbers and chars. It‘s easier to manage the jobs. I don‘t want to create and manage an encryption key for every new job.

Best,
Fabian

[matteu]

Thanks for tour answer.
I will only use 1 password for encryption from know
For the rest, I will continue to create different account with different password for each one.