Air Gap with ejectable tape.


Userlevel 2

We have been instructed to change our environment from a tape library system to an ejectable tape.  We can fit a set of our most critical data on a single LTO-8 tape, and have it changed daily by our Colo. The tape library will be maintained for the “nice to have” data.

The basic goal is to be able to restore critical data with nothing remaining of the VEEAM install but a tape and a printed copy of the encryption password. 

To table top this:  We would like to have a single daily tape that has all of our incremental and synthetic fulls written to it.  There is plenty of room for this as the existing repo has only 6.4TB used in it.  The whole repo directory simply needs to be moved to tape daily when the job is complete.

Q1:  Is the basic goal here achievable?

Q2: What type of tape job can ensure that both the increments and the synthetic fulls make it onto every day's tapes?

 

TIA

Best answer by Chris.Childerhose 5 January 2024, 21:16

Userlevel 7

Yes, the goal is definitely achievable.

I would test 2 types of jobs - Backup Job to Tape and then File Copy to Tape.  I believe that the first one, which is the preference I would use, should work to send all files to tape - you need to set up the tape media pool and job to process the Incremental files.

Also using the Backup to Tape ensures Veeam copies all the required files to tape for restore as well.

Userlevel 2

Thank you, Chris.

I will plan a functional test next week.  Before we do this work, if the tape contains a full backup chain - the only thing we need to restore this data in a foreign VEEAM install is the physical tape and the encryption password? I will need to temporarily destroy a tape proxy to test a restore for this, and I don't want to waste a day of work.  

Userlevel 7

Yes, you need the tape and encryption key.  You will import the tape on the new Veeam server to catalog it and then be able to restore.

Userlevel 7

Hi @tvurt -

Were any of the comments Chris provided able to help with your tape backup/restore question? If so, could you mark the comment which best helped you as ‘Best Answer’ so others with a similar question may benefit?

Thank you.

Userlevel 7

Also keep in mind this solution is not officially according to NIST Air Gapped per se. The main problem is that, according to the official definition, there can be no automatic transfer of data, only manual human transfer; see below. It is important to understand this as compliance people could bring this up. Not saying it is not a great solution, just have to watch the wording:

https://csrc.nist.gov/glossary/term/air_gap