Skip to main content

An advantage of software-defined Veeam products is that they can be installed in many different ways and on any hardware your company owns and uses.  They can be installed on-premises, or in any hyper-scale public cloud, you choose.  To help customers architect, size, and secure the various Veeam products and features, the Veeam Solutions Architect team has created Veeam Security Blueprints (SBP) and they are publicly accessible.

 

Veeam Security Blueprints can be found at https://www.veeam.com/security-blueprints.html

 

Veeam Security Blueprints (SBP) are short (3 – 4 pages) scenario-based reference architectures covering common scenarios seen in the field.

 

Types of scenarios include:

  • On-premises environment using multiple different vendor storage targets (HPE, Cisco, Pure, Exagrid, Cloudian, Lenovo, Zadara, Hitachi Vantara).
  • Veeam cloud backup products (Veeam Backup for Azure, GCP, AWS)
  • VMC on AWS and hybrid environments
  • Veeam Plugins for Enterprise Applications (Oracle and Microsoft SQL)
  • Veeam Backup for M365
  • Veeam One
  • Veeam Backup and Replication features (CDP and classic replication, YARA scanning and Secure Restore)

 

The SBPs include:

  • A diagram describing component placement and traffic flow.
  • A description of the scenario
  • Component amounts and sizing
  • Component Security recommendations based on industry standards (NIST, CIS, MiTRE) 

 

The SBP follows the Veeam architecture method and is presented in easy-to-read sections. 

 

Diagram and introduction:

 

The first section of the SBP includes a diagram and environment of what the SBP is describing.

 

The environment description sets the stage for the sizing information.  A basic requirements, constraints, and assumptions (RAC) table has been added to further the scope and requirements of the SBP.  This helps define the environment described in the SBP and helps define the component sizing and placement.

Component sizing:

 

The component sizing table lists the needed Veeam components and how they should be sized.  These calculations are an example of what would be needed for a given size of an environment.  The sizing shown has been “normalized” to match available hardware specs.  

 

Some SBPs show sizing and hardware components (storage) needed from our alliance partners like HPE, Pure, Cisco, Lenovo, Cloudian, Exagrid, and Zadara.  Others will be added as they are created.

 

Security recommendations:

 

This last section provides recommendations on securing the Veeam environment.

These recommendations include:

  • Recommendations from NIST, CIS, and MiTRE as well as Microsoft
  • Links to Veeam security best practices and alliance vendor best practices
  • Recommendations for network switch (ethernet, Fibre channel) security

 

The Security Blueprints are updated to reflect new product releases and sizing guidelines.  New Security Blueprints are created regulary as posted on the website as they are completed.

 

Veeam Security Blueprints can be found at https://www.veeam.com/security-blueprints.html

Nice and I see Object First in there as well. Just thought I would mention 😇.


Awesome! This is a fantastic endeavor! Thanks for sharing Joe. 


Nice to see this is now polished after the Summit.  Thanks for sharing Joe looking at it now.


Nice to see this is now polished after the Summit.  Thanks for sharing Joe looking at it now.

Thanks, Chris.  We got a new template.  The older ones are slowly being moved to the new template - hopeully they will be there soon.


Thanks from Joe to Joe 😂

You have shown some of this to us in Prague. Fine that the blueprints are open for all now.


Nice and I see Object First in there as well. Just thought I would mention 😇.

I forgot that in the list - sorry. But yes, we have one for Object First!


Nice and I see Object First in there as well. Just thought I would mention 😇.

I forgot that in the list - sorry. But yes, we have one for Object First!

No probs. It is a great document something I am sure everyone here will find very useful, thanks again!


Thank you for sharing


Hi @vmJoe this is good thank you for sharing this informative post.


Comment