It depends on multiple things.
Your budget, the amount of storage you have, and your current infrastructure.
AirGap has transformed in the last few years to “Immutable”. There are storage companies like object first, ExaGrid, that will give you immutable backups that can not be deleted or modified. Companies like Wasabi and BackBlaze do this in the cloud.
You can also install a Linux repo on a host, and use almost any object storage to do the same efffect. These companies just make it super simple with the VeeaMover integrated. Plus they usually scale nicely and provide redundancy etc.
StoneFly has an “Air-gapped Node” that will Disconnect itself from power and network automatically. It sounds like it sets a timer on the storage to bring itself up.
“Air-gapped nodes are physical backup and disaster recovery appliances purpose-built to provide air-gapping and immutability for your critical backups, snapshots, and replicas.
The air-gapped nodes leverage Veeam-integration and enable storage administrators to set policies which automatically isolates the nodes using the built-in network and power controller.
As the backup data stored in air-gapped nodes is isolated from your production and backup environments, it is protected from threats such as ransomware attacks, accidental/malicious deletion, virus, etc.”
I use Tape. With large amounts of data it’s the cheapest, and nothing says AIRGAP like removing it from the library. I can take backups offsite as well. If it’s plugged in, it can be compromised. If a bad actor was in your network and had access to your Veeam infrastructure, it wouldn’t be hard to see the time for the backup window. They could then plan an attack on the “Air-Gapped Node” during that window.
That being said, if it is ALSO immutable and your Veeam environment is secure, any added security measures are a good thing. It at least makes the attack window smaller. The attack window for my exported tape jobs is 0 seconds though. Hard to beat.