Veeam Branded Appliance | Veeam Community Resource Hub

I have been working at Veeam going on 9 years now and most of this time has been working with the VCSP/MSP team. Over the years there is always the question for a Veeam appliance to simplify deployment for the MSPs wanting to backup and protect their customers. Obviously as a software-based product you can always create a Veeam branded appliance, basically you pick the hardware vendor of your choice and install Veeam on it and you have an appliance .

At VeeamOn this year, a Veeam software appliance was announced along with an appliance partner mentioning an appliance as well. So, I thought it was a good idea to put up a post to break down options that I see coming from these offerings as well as just what is an option based on just the install.

I would say there are basically 4 types of deployments that can be done, and they each have pros and cons. My goal is to cover these here at a high level and hopefully help guide you if you decide to venture into building one. This is not a comprehensive list or steps but just a guide to start you considering what method might work for your situation, and there may be other options that I have not thought of.

Number 1 – Direct install on the physical server of the operating system, considered an All-In-One deployment. This can be done with Windows Server OS today and coming soon the Veeam Software Appliance based on Linux. Let’s start with Windows. You can choose any Intel based server platform that supports Windows Server to start with and verify that it can handle enough hard drives to support the amount of local storage for the local retention policy you are looking to support. For resource requirements, here is a link to the help center guide:

https://helpcenter.veeam.com/docs/backup/vsphere/system_requirements.html?ver=120

Remember this is an All-In-One when considering the amount of CPU and Ram. Once you have the server, install Windows Server and update. Remember to divide the hard drives into at least 2 partitions, 1 for the OS install and the other should be formatted as ReFS to take advantage of block clone savings and used to store the local backups, then install Veeam. You can setup a silent install to make it easier to repeat settings using this part of the guide: https://helpcenter.veeam.com/docs/backup/vsphere/silent_mode_vbr.html?ver=120

Pros: It is Windows Server, which has been Veeam’s install since version 1 and most IT staff know how to install and use Windows Server. Can be setup to be managed by Veeam Service Provider Console (VSPC) to patch and update Veeam software and monitor all things Veeam in the customer environment.

Cons: Well, it is Windows Server. Need a license from Microsoft, need to have remote access to update and patch the OS. There are no additional resources for testing with Sure Backup or other local testing if the customer does not have extra resources in their virtualization hosts. No local backup immutability, therefore, it is key to have a backup copy job to an offsite immutable backup repository, also setup the backup configuration backup to an offsite location.

Veeam Software Appliance option. Like the Windows Server option, start with getting a physical server to install onto that has enough resources and hard drive space for local backups. In this option, the Linux OS and Veeam software are all included in the ISO which simplifies the install. At minimum, 2 drives/partitions are needed with 256GB of space each. Obviously, you will want a bigger second drive to store backups locally depending on local retention needs.

Pros: Simplified deployment and management. Updates for both the OS and Veeam components can be done via the Web UI of the appliance and eventually as an option in Veeam Data Cloud. Local repository can have the Hardened Linux Option although this is not considered a fully hardened repository as there is a bigger attack surface with all the Veeam components and ports having to be open, but it is better.

Cons: Not fully hardened/immutable. Still a single point of failure and would highly recommend immediate offsite copy to immutable repository and Configuration backup setup to offsite repository.

Number 2 – Physical server setup as a virtualization host. Again, use the Intel server of choice along with Hypervisor of choice. Can be Hyper-V, VMware, AHV, Proxmox, or any Veeam supported hypervisor (preferred one that supports Instant Recovery). Suggestion would be to include enough resources to run at least 2 VMs, 1 the Veeam server (either Windows Server or Veeam Software Appliance) and 1 a Linux Hardened Repository, and then have ability to setup SureBackup and backup file mounting for security scans to verify clean recoverability.

Pros: Hardened Linux Repository for local backup storage and with additional resources, the ability to mount and scan backups to verify they are clean and recoverable. Although the repository is a VM and thus could be deleted at the host level and breaking the immutability, host access should be limited to MSP staff which would be closed off from the customer.

Cons: As just mentioned, semi hardened repository as could be manipulated at the host level. Additional complexity as now need to patch the hypervisor host and possible licensing cost as well.

Number 3 – Repository only via MSP with a Veeam Server as VM on customer environment. This repository can either be MSP built or third-party option. Could be Intel server of choice with Veeam Hardened Linux Repository ISO as a great option, MSP built Linux block or object (like Minio), or from a Veeam Alliance partner.

Pros: Easier management of the repository and possibly less resources needed to run just a repository. True hardened/immutable local backups.

Cons: Veeam Server on customer production can be compromised or fail along with production. Less separation in a Zero trust security model. Customer admin level of environment can cause issues with Veeam Server. Still need to patch OS and Veeam components, so same considerations of Windows Server or Veeam Software Appliance apply here. Service offering consuming customer resources may cause conflict of cost of service with customer.

Number 4 – New announcement at VeeamOn, third-party appliance option. Currently one was announced with Scality Artesca. This is a container type deployment on either MSP provided Intel Server or hardware purchased from Scality. True separation of components, Veeam Server or Software Appliance in one container and Scality Object storage in another container.

Pros: true local immutability via Object lock and with separate components having limited access to the containers. Third-party support for the offering.

Cons: Additional cost

Page 1 / 1

It is interesting now the choice we have and nice to see the pros/cons of each. An appliance is something we do so looking at the newer options now should benefit us.

Good overview discussing all the install options with Veeam Marty

Comment

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded