Select Page

How to add air-gapping and immutability to Veeam backup appliance

If you’re like most business owners, security is a top priority. You likely have a firewall and anti-virus software in place to protect your systems, but what about your backups? Are they secure?

In this blog post, we’ll show you how to add air-gapping and immutability to your Veeam backup appliance, which will help keep your data safe and secure.

Why add air-gapping and immutability to your backup and DR infrastructure

Hackers program ransomware to infect your production, all network-connected shared storage devices, and backup and disaster recovery (DR) infrastructure. This implies that no only do you need backup and DR to protect your storage systems, but you also need to make sure that your backup and DR is ransomware-proof as well.

Typically, through infiltration methods such as phishing emails, exploiting known vulnerabilities, etc. ransomware infects a system/server and spreads through the network. If your backup and DR solution is accessible via the production network, then it’s not as safe as you’d expect it to be.

While backup and DR is critical, backups alone are not enough – you need to add air-gapping and immutability to your data protection solution to make sure your business can recover from ransomware attacks.

For more on this, read Backups aren’t Enough – Here’s Why Air-Gapping and Immutability are Necessary

Why do you need air-gapping and immutability for Veeam

Veeam provides a complete portfolio to automate backup, replication, and restore. A reliable Veeam backup appliance orchestrates all of Veeam’s capabilities without consuming any of your production resources. However, while Veeam provides a comprehensive set of features, the way you store Veeam’s backups, snapshots, and replicas determines how effective a Veeam backup appliance is.

If your Veeam backup appliance is accessible via the production network, then even with Veeam’s enterprise software, your environment is vulnerable to ransomware attacks.

How to add air-gapping and immutability to your Veeam Backup and DR Environment(s)

Depending on your preference and the vendor, you can integrate air-gapping and immutability with your existing environment(s) in a number of ways.

StoneFly provides physical, virtual, and cloud-based solutions compatible with most popular servers, hypervisors, and clouds, and customizable for any scale including SMBs, SMEs, and large enterprises.

Physical Air-Gapped and Immutable Storage Nodes for Veeam

How to add air-gapping and immutability to Veeam backup appliance

The DR365VIVA are purpose-built automated air-gapped and immutable storage nodes for Veeam backup appliances. The air-gapped nodes connect seamlessly to your Veeam backup hardware and automate ransomware protection for your sensitive information, backups, snapshots, and replicas.

The preinstalled StoneFly storage virtualization engine (SCVM) enables storage administrators to set policies which automate data transfers and define retention periods for the target storage. Retain critical backups for a month or months, and even years.

In addition to the immutable and secure target storage for your Veeam backup appliance, the DR365VIVA also facilitate shorter Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) with features such as direct Virtual Machine (VM) spin up, granular file-level recovery, and more.

The complete set of ransomware protection features of DR365VIVA make it suitable for organizations, big and small, looking to meet cyber-insurance requirements.

Virtual Air-gapped and Immutable Storage for Veeam Backup Hardware

Limited on budget, rack space, or not interested in physical air-gapped nodes? Then look no further than StoneFly’s patented storage virtualization engine that is compatible with most mainstream hypervisors and provides the complete air-gapped and immutable storage experience as the hardware.

How to add air-gapping and immutability to Veeam backup appliance

Similar to the physical air-gapped nodes, the virtual air-gapped nodes are isolated by default and support immutable storage features such as S3 object storage, and file lockdown, with policy-based data transfers and retention.

Cloud-Based Air-Gapped and Immutable Storage for Veeam

As an Azure marketplace partner, StoneFly’s patented storage virtualization engine can also be bought directly from Azure marketplace and deployed as an Azure VM which provides the premium air-gapped, immutable storage, and encryption capabilities of a fully provisioned physical or virtual appliance.

How to add air-gapping and immutability to Veeam backup appliance

To integrate the cloud-based air-gapped and immutable storage volumes with your Veeam backup appliance, you can choose to set up physical or virtual cloud gateway appliances which deliver seamless integration, secure tunnels for data transfer, and support automated policy-based transfers from on-prem to cloud.

Physical, Virtual or Cloud: Which air-gapped and immutable storage is best for your Veeam backup appliance

Regardless of which type of deployment option you choose for your air-gapped and immutable storage, it’s important to note that the intent remains the same: ensure ransomware protection for your Veeam backups.

Each deployment option has its own pros and cons. Here’s a brief overview to help you decide the best one for your Veeam backup hardware:

Physical Virtual Cloud
Higher upfront costs: hardware + license but better ROIs in the long run License cost + cost depending on available storage resources Little to no upfront costs but higher TCO and lower ROIs in the long run
Ability to scale, and the time it takes to scale dependent on hardware availability, and shipping times respectively. Ability to scale dependent on available storage resources. Time to scale is non-disruptive and takes only a few clicks. Scale quickly, without limits, and with a few clicks.
High performance with no bottlenecks – recommended for zero-tier mission-critical workloads. Great performance as source and target are hosted on the same storage stack. Performance dependent on available bandwidth, network speed, data volume, and latency.
Support 3-2-1 backup strategy Support 3-2-1 backup strategy Support 3-2-1 backup strategy
Easy-of-management with policy-based automation Easy-of-management with policy-based automation Easy-of-management with policy-based automation

Conclusion

Veeam provides a comprehensive set of backup, replication, and restore features. However, if you store Veeam backup data in readily accessed network-connected volumes, then your infrastructure is vulnerable to ransomware attacks. Which is why it’s necessary for Veeam backup appliance owners to integrate air-gapped and immutable storage volumes with their existing environments.

Need help integrating air-gapped and immutability with your Veeam backup hardware? Talk to our pre-sales engineers today.

Recent Posts

Downtime Cost: How to Calculate and Minimize it

Downtime Cost: How to Calculate and Minimize it

Downtime is bad for business. When applications, data and services are unavailable, business is disrupted, customers and stakeholders are unhappy, and regulatory authorities fine you. The true cost of unplanned downtime goes beyond lost revenue. How does one calculate...

Disaster Recovery as a Service (DRaaS) or On-Site DR Appliance?

Disaster Recovery as a Service (DRaaS) or On-Site DR Appliance?

Disaster Recovery-as-a-Service (DRaaS) delivers serverless recovery capabilities while disaster recovery (DR) appliances provide the on-prem secondary site that facilitates quick recovery. Which of the two is the best fit for you? Both deployment options have their...

FC SAN vs iSCSI SAN: What’s the Difference?

FC SAN vs iSCSI SAN: What’s the Difference?

Storage area networks (SANs) are a permanent fixture in corporate data centers used to host high-performance block-level structured workloads such as databases, applications, etc. If you’re familiar with SAN systems, then you’ve heard of Fibre Channel (FC) and iSCSI...

NAS Security: What to Expect and How to Secure your NAS

NAS Security: What to Expect and How to Secure your NAS

Network attached storage (NAS) systems are a permanent fixture in a corporate data center. Whether it’s setting up a file storage and sharing environment for your remote workforce, storing surveillance videos, financial records, and patient information, or running 4K...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email