Skip to main content

I apologize for my absence from the community over the past few days!

Before the post, I would like to make up for it with the sound of some of the coolest Grandpas in the world 😎

 

One of the aspects that Veeam has been reinforcing is the need for customers to implement and maintain cybersecurity policies using established frameworks in the market, such as the NIST Cybersecurity Framework 2.0. As an example, we have this excellent post by Ray Heffer:

https://www-veeam-com.cdn.ampproject.org/c/s/www.veeam.com/blog/nist-cybersecurity-framework-2-0.html?amp=1

Implementing technology solutions in line with the NIST Cybersecurity Framework 2.0 can be a challenge. However, with Veeam, this process is made easier. Some time ago, I prepared an association between the functionalities present in each of the elements of the Veeam Data Platform with the functions of the NIST Cybersecurity Framework 2.0, demonstrating the ease of implementation.

NIST Cybersecurity Framework 2.0 and how Veeam can help your organization – Cloud and Roll (cloudnroll.com)

 

https://i0.wp.com/cloudnroll.com/wp-content/uploads/2024/03/Veeam-NISTCSF2.png?resize=1024%2C575&ssl=1

 

The Veeam Data Platform can help to attend to the categories of each of the six functions of the NIST Cybersecurity Framework 2.0:

Govern (GV)

Functionality/Solution/Category:

  • Security and Compliance Analyzer: Veeam Backup & Replication - GV.RM, GV.PO
  • Disaster Recovery Planning: Veeam Recovery Orchestrator  - GV.RM, GV.PO, GV.RR
  • Disaster Recovery Testing: Veeam Recovery Orchestrator - GV.PO

Identify (ID)

Functionality/Solution/Category:

  • Infrastructure inventory: Veeam Backup & Replication – ID.AM
  • Infrastructure assessment report: Veeam One – ID.AM
  • Audit reports: Veeam One – ID.AM, ID.RA, ID.I'M
  • Optimization reports: Veeam One – ID.IM
  • Smart diagnostics: Veeam One – ID.RA
  • Business View: Veeam One – ID.AM, ID.RA
  • SLA Reports: Veeam One – ID.RA
  • Failure modeling: Veeam One – ID.IM
  • Capacity Planning: Veeam One – ID.IM

Protect (PR)

Functionality/Solution/Category:

  • Imutability: Veeam Backup & Replication – PR.DS
  • SureBackup: Veeam Backup & Replication – PR.DS
  • Kerberos: Veeam Backup & Replication – PR.PS
  • Off-site backups: Veeam Backup & Replication – PS.DS, PR.IR
  • Off-site replicas: Veeam Backup & Replication – PR.IR
  • Continouos Data Protection (replicação): Veeam Backup & Replication – PR-IR
  • Scale-out Backup Repository (SOBR): Veeam Backup & Replication – PS.DS, PR-IR
  • MFA for backup environment: Veeam Backup & Replication – PR.AA
  • Marking classified data: Veeam Backup & Replication – PR.DS
  • Backup Copy: Veeam Backup & Replication – PR.IR
  • BaaS (cloud/VCSP): Veeam Cloud Connect / Veeam Data Cloud - PS.DS, PR.IR
  • DRaaS(VCSP): Veeam Cloud Connect - PR.IR

Detect (DE)

Functionality/Solution/Category:

  • Inline malware detection: Veeam Backup & Replication – DE.CM, DE.AE
  • Scan backup: Veeam Backup & Replication - DE.AE
  • SIEM integration: Veeam Backup & Replication – DE.CM, DE-AE
  • Veeam Threat Center: Veeam One - DE.CM
  • Real-time monitoring: virtual, backup, and MO365: Veeam One - DE.CM
  • Possible Ransomware Activity: Veeam One - DE.CM
  • Abnormal decrease in VM volume: Veeam One - DE.CM
  • Creation of new services and processes in the VM: Veeam One - DE.CM
  • Suspicious incremental backup size: Veeam One - DE.CM

Respond (RS)

Functionality/Solution/Category:

  • Flags compromised recovery point: Veeam Backup & Replication – RS.AN
  • Automatic alarm remediation: Veeam One – RS.MI
    • o Starts a Backup and a SureBackup job
    • o Isolate the VM in a network (sandbox)
    • o Disconnect the VM from the production network
    • o Power off the VM
    • o Move the VM from the shared datastore
    • o Run a custom script on the VM

Recovery (RC)

Functionality/Solution/Category:

  • Instant Recovery: Veeam Backup & Replication – RC.RP
  • Secure Restore: Veeam Backup & Replication – RC.RP
  • Staged Restore: Veeam Backup & Replication– RC.RP
  • Granular application recovery: Veeam Backup & Replication – RC.RP
  • Database and NAS Recovery: Veeam Backup & Replication – RC.RP
  • Recovery to public cloud: Veeam Backup & Replication – RC.RP
  • BaaS (cloud/VCSP): Veeam Cloud Connect / Veeam Data Cloud RC.RP
  • DRaaS(VCSP): Veeam Cloud Connect – RC.RP
  • Orchestration of recovery based on the DR Plan: Veeam Recovery Orchestrator – RC.RP

In other words, if you already have or intend to acquire the Veeam platform, you will have taken a first step towards adopting the NIST Cybersecurity Framework 2.0 by integrating or implementing it with other cybersecurity solutions.

And, of course, this also applies to cloud environments and strategic enterprise applications.

I created a small list of integration and cross-selling possibilities between Veeam Data Platform, Veeam Data Cloud and Kasten with solutions from some manufacturers on the market.

This is a small sample of the freedom of choice and flexibility that Veeam provides for its customers. There are many other possibilities you can explore!

I hope it is helpful!

 

Veeam and VMware

  • Integration and cross-selling with many solutions, including:
    • VMware vSphere Essentials, Standard e Foundation (VVF)
    • VMware Cloud Foundation (VCF)
    • VMware vSAN
    • VMware Cloud Director
    • VMware Aria Suite
    • VMware Site Recovery
    • VMware Ransomware Recovery
    • VMware Cloud Disaster Recovery
    • VMware Tanzu Kubernetes Grid
    • VMware Tanzu Applications
    • VMware Cloud on AWS
    • Azure VMware Solution
    • VMware Cloud on Dell EMC
    • Google Cloud VMware Engine
    • IBM Cloud for VMware Solutions
    • Oracle Cloud VMware Solution

Veeam and Microsoft

  • Integration and cross-selling with many solutions, including:
    • Microsoft Windows OS e Windows Server
    • Microsoft SQL Database
    • Microsoft Active Directory
    • Microsoft Hyper-V
    • Microsoft 365
    • Microsoft Exchange
    • Microsoft Sharepoint
    • Microsoft One Drive
    • Microsoft Teams

Veeam and AWS

  • Integration and cross-selling with many solutions, including:
    • Amazon AWS EC2
    • Amazon AWS EBS
    • Amazon AWS RDS
    • Amazon AWS Aurora
    • Amazon EKS
    • Amazon AWS Elastic Search
    • Amazon AWS Snowball Edge
    • Amazon AWS EFS
    • Amazon AWS VPC
    • Amazon AWS Outposts
    • Amazon AWS S3
    • Amazon AWS S3 Glacier e Deep Archive

Veeam and Azure

  • Integration and cross-selling with many solutions, including
    • Microsoft Azure VMs
    • Microsoft Azure Stack HCI
    • Microsoft Azure SQL
    • Microsoft Azure Files
    • Microsoft Azure Keys
    • Microsoft Azure Archive
    • Microsoft Azure AKS
    • Microsoft Azure Data Box
    • Microsoft Azure Lighthouse
    • Microsoft Azure Managed Disks
    • Microsoft Azure Stack Hub

Veeam and Google Cloud

  • Integration and cross-selling with many solutions, including:
    • Google Compute Engine
    • Google Persistent Disk
    • Google SQL
    • Google PostgreSQL
    • Google Standard Storage
    • Google Archive Storage
    • Google GKS

Veeam and Oracle

  • Integration and cross-selling with many solutions, including:
    • Oracle Linux KVM - Oracle Linux Virtualization Manager
    • Oracle Database e Recovery Manager
    • Oracle RAC
    • Oracle Linux
    • Oracle Solaris
    • Oracle Cloud Infrastructure (OCI) Virtual Machines
    • Oracle Cloud Infrastructure (OCI) Object Storage

Veeam and IBM

  • Integration and cross-selling with many solutions, including IBM AIX
    • IBM Cloud Virtual Machines
    • IBM Cloud Object Storage
    • IBM Resiliency Services
    • IBM FlashSystem Storage
    • IBM Storwize
    • IBM DB2
    • IBM Security Guardium Key Lifecycle Manager (GKLM)
    • IBM Spectrum Virtualize

Veeam and SAP

  • Integration and cross-selling:
    • Proteção dos dados do SAP HANA Database (HANA BACKINT)
    • SAP on Oracle

Veeam and Salesforce

  • Integration and cross-selling:
    • Sales Cloud
    • Service Cloud
    • Financial Cloud
    • Health Cloud
    • Education Cloud

Veeam and Object First

    • Armazenamento imutável de backups on-premise.
    • Object First Ootbi (Out of the Box Immutability)

Veeam and Exagrid

  • Integration and cross-selling:
    • Exagrid EX 27, 36, 54, 84, 189ExaGrid with Veeam Accelerated Data Mover

Veeam and Lenovo

  • Integration and cross-selling with many solutions, including:
    • Lenovo ThinkSystem Servers
    • Lenovo ThinkSystem DG series
    • Lenovo ThinkSystem DE e DM series
    • Lenovo ThinkAgile séries HX e VX (HCI)

Veeam and Pure Storage

  • Integration and cross-selling with many solutions, including Pure Storage Flash Array E, C, X and XL
    • Pure Storage Flash Blade E eS
    • Pure Storage Flash Array Safe Mode
    • Pure Storage Portworx
    • Pure Protect
    • Pure Storage Evergreen – Storage Subscription
    • Pure Storage Purity - Software-defined storage

Veeam and NetApp

  • Integration and cross-selling with many solutions, including NetApp ONTAP
    • NetApp Fabric Attached Storage (FAS)
    • NetApp E-series E2712
    • NetApp E5700 Hybrid-Flash Array
    • NetApp E2800 Hybrid-Flash Array
    • NetApp StorageGrid SG5712
    • NetApp HCI
    • NetApp ONATP Cloud
    • NetApp SnapVault e SnapMirror
    • NetApp Egde, Element, Solidfire
    • NetApp Spot

Veeam and Quantum

  • Integration and cross-selling:
    • Quantum DXi
    • ActiveScale Object Storage
    • Scalar Tape Libraries

Veeam and Nutanix

  • Integration and cross-selling with many solutions, including Acropolis Hypervisor (AHV)
    • Nutanix Files
    • Nutanix Object
    • Nutanix Volume Block Storage
    • Nutanix Mine
    • Nutanix Data Services for Kubernetes
    • Nutanix Kubernetes Engine
    • Nutanix Cloud Clusters (NC2) on AWS

Veeam and Thales

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Integration with Thales CipherTrust Manager (KMS)
    • Thales Transparent and High-Speed Encyprition

Veeam and Kaspersky

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Integração com o Kaspersky Scan Engine (KES)
    • Kaspersky Managed Detection and Response (MDR);
    • Kaspersky Endpoint Detection and Response (EDR);
    • Kaspersky Extended Detection and Response (XDR)
    • Kaspersky Security for Microsoft 365
    • Kaspersky Hybrid Cloud Security

Veeam and CyberArk

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Proteção do Cyberark Vault
    • CyberArk Identity Compliance
    • CyberArk Identity Lifecycle Management
    • CyberArk  Endpoint Privilege Management (EPM)
    • CyberArk Identity and Access Management Definition
    • CyberArk Customer Identity and Access Management (CIAM)
    • CyberArk Privileged Access Management (PAM)
    • CyberArk Multi-Factor Authentication (MFA)
    • CyberArk Single Sign-On

Veeam and SolarWinds

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Solarwinds SIEM Tools/ Security Event Manager
    • Solarwinds Observability
    • Solarwinds Hybrid Cloud Observability
    • Solarwinds Network Performance Manager (NPM)
    • Solarwinds Network  Traffic Analyzer (NTA)
    • Solarwinds Database Performance Analyzer (DPA)
    • Server & Application Monitor (SAM/VMAN

Veeam and Extreme

  • Integration and cross-selling:
    • Extreme SDWAN. Conectividade segura para proteção distribuída dos dados: sites remotos, sites centrais e nuvem pública.
    • Extreme Switches. Conectividade para rede de backup.

Veeam and Riverbed

  • Integration and cross-selling:
    • Riverbed SteelHead, WAN Optimization e Cloud Accelerator. Aceleração de conectividade para proteção distribuída dos dados: sites remotos, sites centrais e nuvem pública.
    • Riverbed Application Performance Monitoring (APM)
    • Riverbed Cloud, Network, Infrastructure Observability

Veeam and Tenable

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Tenable Security Center, Nessus, Cloud Native Application Protection Platform (CNAPP), Cloud Infrastructure Entitlement Management (CIEM), Cloud Security Posture Management (CSPM), Web Application Scan, Tenable OT
    • Tenable Security Center | Tenable®️
    • Tenable Nessus
    • Tenable Cloud Native Application Protection Platform (CNAPP)
    • Tenable Comprehensive Cloud Security Application (CIEM)
    • Tenable Cloud Security Posture Management (CSPM)
    • Tenable Web App Scanning

Veeam and OneTrust

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • One Trust Privacy & Data Governance Cloud, Data Security Posture Management (DSPM)
    • One Trust Privacy and Data Governance Cloud
    • One Trust Data Discovery & Security
    • One Trust Data Security Posture Management (DSPM)
    • OneTrust Ethics and Compliance Cloud

Veeam and Quest

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Integração como QoreStor
    • Quest Erwin - Data Governance and Modeling
    • Quest KACE – Unified Endpoint Manager (UEM)
    • Quest Identity Manager
    • Quest Secure Password Management
    • Quest Guardian, GPOADmin, Change Auditor – segurança de AD
    • Quest Recovery Manager for Active Directory Disaster Recover

Veeam and Forcepoint

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Forcepoint Data Loss Prevention (DLP)
    • Forcepoint Cloud Access Security Broker (CASB)
    • Forcepoint Zero Trust Network Access (ZTNA)
    • Forcepoint Secure Web Gateway (SWG)
    • Forcepoint Next-Generation Firewall (NGFW)
    • Forcepoint User and Entity Behavior Analytics (UEBA)
    • Forcepoint Advanced Malware Detection and Protection (AMDP)

Veeam and Imperva

  • Integration + Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Imperva WAF, API Security, Runtime Application Self-Protection (RASP), Data Security
    • Imperva Firewall de aplicações WEB (WAF)
    • Imperva API Security
    • Imperva Runtime Application Self-Protection (RASP)
    • Imperva Data Security Solutions
    • Imperva Data Activity Monitoring

Veeam and HPE

  • Integration and cross-selling with many solutions, like:
    • HPE Proliant Servers
    • HPE Integrity Blade Servers
    • HPE Synergy
    • HPE Superdome
    • HPE Alletra Storage, Alettra dHCI
    • HPE SimpliVity Storage
    • HPE MSA Storage
    • HPE Primera Storage
    • HPE StoreOnce Catalyst
    • HPE StoreEver Tape
    • HPE StoreVirtual
    • HPE Greenlake – IaaS
    • HPE Aruba - rede dedicada para backup

Veeam and Cisco

  • Integration and cross-selling with many solutions, like:
    • Cisco Unified Computing Server (UCS)
    • Cisco Compute Hyperconverged with Nutanix
    • Cisco Intersight Kubernetes Service
    • Cisco FlashStack (Pure Storage)
    • Cisco FlexPod (NetApp)
    • Cisco SmartStack (Nimble)
    • Cisco VersaStack (IBM)
    • Cisco ACI e Nexus – rede dedicada para backup

Veeam and Dell

  • Integration and cross-selling with many solutions, like:
    • Dell Power Edge servidores
    • Dell VxRail (HCI)
    • Dell Power Protect Data Domain
    • Dell ECS - S3 compatible Object Storage
    • Dell PowerScale
    • Dell PowerStore
    • Dell PowerVault
    • Dell Unity
    • Dell Apex - IaaS

Veeam and Red Hat

  • Integration and cross-selling with many solutions, like:
    • Red Hat Enterprise Linux
    • Red Hat OpenShift Container Platform (OCP
    • Red Hat OpenShift Virtualization
    • Red Hat Virtualization
    • Red Hat Ansible
    • Red Hat OpenStack/Cinder

Veeam and Fortinet

  • Cross-selling addressing a Cybersecurity Strategy and referencing the NIST Cybersecurity Framework:
    • Fortinet FortiEDR
    • Fortinet FortiGate NGFW
    • Fortinet FortiSIEM e FortiSOAR
    • Fortinet FortiSandbox
    • Fortinet FortiAuthenticator
    • Fortinet FortCASB
    • Fortinet FortiMail
    • Fortinet FortiDDoS
    • Fortinet FortiSASE (Secure Access Service Edge)
    • Fortinet FortiCWP (Fortinet Cloud Native Protection) 

Veeam and Service Now

  • ServiceNow ITSM

Veeam and Sentinel One

  • Integration with com:
    • Sentinel Agent for Windows Server - integration with Sentinel One automatically analyzing the presence of malware in backup files

Veeam and McAfee

  • Integration with:
    • McAfee VirusScan Enterprise - integration with McAfee automatically analyzing the presence of malware in backup files

Veeam and Sophos

  • Integration with:
    • Sophos Managed Detection and Response (MDR) – integration with the exchange of events and logs between platforms

Veeam and SUSE

  • Integration with:
    • SUSE Rancher Kubernetes
    • SUSE Linux Enterprise Server

Veeam and Zadara

  • Integration with
    • Zadara Object Storage
    • Zadara VPSA (Virtual Private Storage Array

Reference: nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf

 

Wow!  That is one lengthy post Luiz but really great information.  Thanks for sharing.  👍🏼


Wow!  That is one lengthy post Luiz but really great information.  Thanks for sharing.  👍🏼

Thanks, Chris … 😊


Great post Luiz and a great visual aid to map the Veeam features to the NIST requirements.


Great post Luiz and a great visual aid to map the Veeam features to the NIST requirements.

Thanks so much, Mark! 🙏🏻👏🏻


Comment