Select Page

How to add air-gapping and immutability to Veeam backup appliance

If you’re like most business owners, security is a top priority. You likely have a firewall and anti-virus software in place to protect your systems, but what about your backups? Are they secure?

In this blog post, we’ll show you how to add air-gapping and immutability to your Veeam backup appliance, which will help keep your data safe and secure.

Why add air-gapping and immutability to your backup and DR infrastructure

Hackers program ransomware to infect your production, all network-connected shared storage devices, and backup and disaster recovery (DR) infrastructure. This implies that no only do you need backup and DR to protect your storage systems, but you also need to make sure that your backup and DR is ransomware-proof as well.

Typically, through infiltration methods such as phishing emails, exploiting known vulnerabilities, etc. ransomware infects a system/server and spreads through the network. If your backup and DR solution is accessible via the production network, then it’s not as safe as you’d expect it to be.

While backup and DR is critical, backups alone are not enough – you need to add air-gapping and immutability to your data protection solution to make sure your business can recover from ransomware attacks.

For more on this, read Backups aren’t Enough – Here’s Why Air-Gapping and Immutability are Necessary

Why do you need air-gapping and immutability for Veeam

Veeam provides a complete portfolio to automate backup, replication, and restore. A reliable Veeam backup appliance orchestrates all of Veeam’s capabilities without consuming any of your production resources. However, while Veeam provides a comprehensive set of features, the way you store Veeam’s backups, snapshots, and replicas determines how effective a Veeam backup appliance is.

If your Veeam backup appliance is accessible via the production network, then even with Veeam’s enterprise software, your environment is vulnerable to ransomware attacks.

How to add air-gapping and immutability to your Veeam Backup and DR Environment(s)

Depending on your preference and the vendor, you can integrate air-gapping and immutability with your existing environment(s) in a number of ways.

StoneFly provides physical, virtual, and cloud-based solutions compatible with most popular servers, hypervisors, and clouds, and customizable for any scale including SMBs, SMEs, and large enterprises.

Physical Air-Gapped and Immutable Storage Nodes for Veeam

How to add air-gapping and immutability to Veeam backup appliance

The DR365VIVA are purpose-built automated air-gapped and immutable storage nodes for Veeam backup appliances. The air-gapped nodes connect seamlessly to your Veeam backup hardware and automate ransomware protection for your sensitive information, backups, snapshots, and replicas.

The preinstalled StoneFly storage virtualization engine (SCVM) enables storage administrators to set policies which automate data transfers and define retention periods for the target storage. Retain critical backups for a month or months, and even years.

In addition to the immutable and secure target storage for your Veeam backup appliance, the DR365VIVA also facilitate shorter Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) with features such as direct Virtual Machine (VM) spin up, granular file-level recovery, and more.

The complete set of ransomware protection features of DR365VIVA make it suitable for organizations, big and small, looking to meet cyber-insurance requirements.

Virtual Air-gapped and Immutable Storage for Veeam Backup Hardware

Limited on budget, rack space, or not interested in physical air-gapped nodes? Then look no further than StoneFly’s patented storage virtualization engine that is compatible with most mainstream hypervisors and provides the complete air-gapped and immutable storage experience as the hardware.

How to add air-gapping and immutability to Veeam backup appliance

Similar to the physical air-gapped nodes, the virtual air-gapped nodes are isolated by default and support immutable storage features such as S3 object storage, and file lockdown, with policy-based data transfers and retention.

Cloud-Based Air-Gapped and Immutable Storage for Veeam

As an Azure marketplace partner, StoneFly’s patented storage virtualization engine can also be bought directly from Azure marketplace and deployed as an Azure VM which provides the premium air-gapped, immutable storage, and encryption capabilities of a fully provisioned physical or virtual appliance.

How to add air-gapping and immutability to Veeam backup appliance
To integrate the cloud-based air-gapped and immutable storage volumes with your Veeam backup appliance, you can choose to set up physical or virtual cloud gateway appliances which deliver seamless integration, secure tunnels for data transfer, and support automated policy-based transfers from on-prem to cloud.

Physical, Virtual or Cloud: Which air-gapped and immutable storage is best for your Veeam backup appliance

Regardless of which type of deployment option you choose for your air-gapped and immutable storage, it’s important to note that the intent remains the same: ensure ransomware protection for your Veeam backups.

Each deployment option has its own pros and cons. Here’s a brief overview to help you decide the best one for your Veeam backup hardware:

Physical Virtual Cloud
Higher upfront costs: hardware + license but better ROIs in the long run License cost + cost depending on available storage resources Little to no upfront costs but higher TCO and lower ROIs in the long run
Ability to scale, and the time it takes to scale dependent on hardware availability, and shipping times respectively. Ability to scale dependent on available storage resources. Time to scale is non-disruptive and takes only a few clicks. Scale quickly, without limits, and with a few clicks.
High performance with no bottlenecks – recommended for zero-tier mission-critical workloads. Great performance as source and target are hosted on the same storage stack. Performance dependent on available bandwidth, network speed, data volume, and latency.
Support 3-2-1 backup strategy Support 3-2-1 backup strategy Support 3-2-1 backup strategy
Easy-of-management with policy-based automation Easy-of-management with policy-based automation Easy-of-management with policy-based automation

Conclusion

Veeam provides a comprehensive set of backup, replication, and restore features. However, if you store Veeam backup data in readily accessed network-connected volumes, then your infrastructure is vulnerable to ransomware attacks. Which is why it’s necessary for Veeam backup appliance owners to integrate air-gapped and immutable storage volumes with their existing environments.

Need help integrating air-gapped and immutability with your Veeam backup hardware? Talk to our pre-sales engineers today.

Malvertising: The Dark Side of Online Advertising

Malvertising: The Dark Side of Online Advertising

Malvertising—once a shadowy threat lurking on the fringes of cybersecurity discourse—has emerged as a formidable adversary, directly targeting enterprises in the digital arena. As businesses increasingly rely on online advertising to connect with their audience,...

Conti Ransomware: In-Depth Technical Breakdown

Conti Ransomware: In-Depth Technical Breakdown

Conti ransomware has earned notoriety, notably for its involvement in the Costa Rican government hack. Operating as a ransomware-as-a-service (RaaS) group, Conti specializes in infiltrating networks, encrypting crucial data, and extorting exorbitant sums of money. In...

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

Supply chain attacks have emerged as a formidable threat vector in the landscape of cybercrime, posing significant risks to enterprises of all sizes and industries. Among the various tactics employed by threat actors, ransomware attacks leveraging supply chain...

How to Set Up S3 Object Storage for Veeam Data Platform

How to Set Up S3 Object Storage for Veeam Data Platform

Veeam v12 introduced Direct-to-Object storage, enabling S3 object storage as the primary backup repository. Prior to this, S3 object storage integration relied on Veeam's Scale-Out Backup Repository (SOBR), using a performance tier and a capacity tier, which extended...

Watering Hole Attacks Unveiled: A Comprehensive Cyberthreat Overview

Watering Hole Attacks Unveiled: A Comprehensive Cyberthreat Overview

Watering hole attacks, akin to their namesake in the natural world where predators strategically position themselves near watering holes to intercept prey, have become a significant peril in the digital realm. In the vast landscape of cybersecurity, understanding the...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email