Protect your backups from Ransomware

Immutable primary backup storage with a hardware-agnostic touch

Ransomware and malicious acts within our IT environments are rampant across the world, and the last line of defence is going to be your backups.

In Veeam Backup & Replication v10 we introduced the ability to store your Veeam backups in AWS and S3 Compatible Object storage using the Object Lock API. This would mean that you would have a secondary copy of your backup data most likely offsite and in an immutable state, which means it can’t be modified and is protected against insider malicious activity.

Fast forward to the release of Veeam Backup & Replication v11, and we have enabled a way of storing data, agnostic to hardware in your primary location leveraging Linux with the NEW Hardened Linux Repository.

Benefits of immutable storage backup

By definition, immutability is a solution that prevents data deletion or modification from the storage.

Knowing that data is critical to all businesses—leveraging an immutable copy of your backup data ensures that there is an untouched version of that source data that is always recoverable and safe from any failure scenario.

Veeam Backup & Replication v11 enables you to store your short-term retention backups locally onsite for fast recovery with the protection of immutability. In addition, you can now tier those backups into an immutable object storage offering offsite, giving you additional protection against unforeseen malicious activity or accidental deletion.

Immutable backup storage can help in the following cases:

• Production data is corrupted or compromised

• Accidental deletion of production data

• Insider malicious activity, administrators modifying backup job retention or deleting restore points.

What is the Hardened Linux Repository?

The Hardened Linux Repository enables primary backups to be immutable, not by packaging a storage appliance together, but by offering the ability to achieve local immutable backup storage by using generic compute and storage with a supported Linux x64 distribution that provides this functionality.

Immutability protects your data from loss because of malware activity or other failure scenarios mentioned above by temporarily prohibiting the deletion and modification of data.

Let’s take a quick look at an overview video and walk through the value of the Hardened Linux Repository capability in Veeam Backup & Replication v11:

What to look for in a backup provider that supports immutability

Everything we do here at Veeam is designed to promote and support simplicity, regardless of the complexity under the hood. The Veeam Hardened Repository is no different.

You will need:

• A physical server with direct attached storage or SAN attached storage. It will run as a virtual machine but consider the implications on where this is running and where the storage is presented from.

• A Linux distribution (64-bit edition of Linux must be able to run 32-bit programs)

• The Linux distribution is advised to support the XFS file system (block clone technology)

• The Linux distribution must support the chattr command

• Veeam Backup & Replication v11 or higher/newer

• Veeam backup types used must be forward incremental with periodic synthetic or active full.

• Veeam backup copy jobs must have GFS points configured.

You will notice from the above that there is no requirement for specific hardware or appliances! The hardened repository will be added to your Veeam Backup & Replication management server in the same way you add all other repository types. A super simple wizard driven approach requires only one checkbox mark to enable this feature.