• EN
Solved

Cohesity Immutable snapshots and DataLock with Veeam Backup

  • 16 February 2023
  • 4 comments
  • 321 views
A
Userlevel 1

Greetings,

Below is a part of Cohesity's multi-layered protection against a ransomware attack as mentioned in the Cohesity datasheet, there is a document for best practices when configuring carving regular repositories and/or SOBR from Cohesity to the Veeam Server and this is can be done over SMB or NFS protocols. my question is if we followed these best practices, can we leverage Immutable snapshots and Datalock from Cohesity with Veeam Backup?

 

 

also I read this on Reddit:
 

 

icon

Best answer by Chris.Childerhose 16 February 2023, 14:16

View original

4 comments

dips
Userlevel 7
Badge +7

Hi @Ahmadgmc 

Welcome to the Community forums. I am not too familiar with the Cohesity platform, however my first question, after reading the information snippet from the Cohesity datasheet is, ‘Can an Admin on the Cohesity platform delete the gold copy backup snapshot irrespective of retention period?’ 

 

It would be better for Veeam alone to handle all backup retention and immutability operations without anything else being able to. 

 

Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2023 | www.dipen.co.uk
A
Userlevel 1

Hi @dips,

Thank you for your message.

your question is regarding the data locked snapshot or the read-only snapshot. I would say for both the admin will not be able to delete the snapshot. in other words, locked snapshot can be deleted only after its retention period expired, additionally, if the backup snapshot is in read-only access then no it cannot be deleted.   

Chris.Childerhose
Userlevel 7
Badge +20

We use Cohesity and have configured it as per their documentation but have never tested the immutable features but based on what you posted I agree that Veeam will not be able to conduct retention removal and it will need to be done on the Cohesity by the Admin.

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
dips
Userlevel 7
Badge +7

Hi @dips,

Thank you for your message.

your question is regarding the data locked snapshot or the read-only snapshot. I would say for both the admin will not be able to delete the snapshot. in other words, locked snapshot can be deleted only after its retention period expired, additionally, if the backup snapshot is in read-only access then no it cannot be deleted.   

Just to add, you still have the issue where a malicious actor getting in to the Cohesity device and performing a reset may cause you to lose all your backups. Ideally you would want something that only Veeam manages.

Again, I am not too familiar with Cohesity so my understanding may be incorrect in the way it works. 

Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2023 | www.dipen.co.uk

Comment


Terms & Conditions