It’s no secret that Veeam Software has a reputation for being easy to setup, manage and support. One of Veeam’s tag lines was “it just works”, it was true then and is true now. So, why would Nexstor, a Veeam Platinum partner, feel the need to talk about how to optimise your Veeam setup? Well, although Veeam is indeed easy to setup and it does indeed “just work”, because it works so well some of the features and enhancements are just not utilised as installations are simply upgraded and updated as time goes by. That “don’t try and fix what isn’t broken” mind set.
Over time this means that new features are not implemented but also that potentially as new industry best practices are developed, they are not implemented, and that’s the purpose of this series of blog posts – to put a spotlight on some of the Veeam tools and features and how their use can help with data protection and security.
Four-Eyes
Our first area of the Veeam software backup and replication functionality that we will put a spotlight on is “Four-Eyes Authorisation”. Four-eyes as its name suggests forces 2 users to authorise certain destructive or risky configuration changes. So rather than 1 user being able to independently decide to delete a backup or disable MFA for example, when implemented Four-eyes ensures the system waits for a second user to authorise such an action, thereby reducing the risk of accidents affecting data management.
When four-eyes authorisation is enabled, tasks such as delete backups, removal of backup repositories, disabling MFA (to name a few) require a second user to authorise the change. Four-Eyes Authorisation kicks in when a user attempts one of these “risky” actions, an approval is displayed in the “Home” view and optionally an email notification is sent to the users privileged to approve the change. The second user can then approve or reject change. It should be noted that Four-eyes is a defence against accidental deletion rather than backup server compromise.
Data Encryption
Data encryption in Veeam Software is not new; it’s been around for a few versions of VBR, so this isn’t breaking news by any stretch but, it’s not usual to see solutions configured with encryption enabled. Data Encryption provides protection against data theft by ensuring that even if the network is compromised by hackers’ data cannot be read unless they have the encryption key. Veeam Data Encryption is set at the job level and is used to encrypt data blocks in the backup files.
Data is encrypted at the source side and transfers them to the target side in an encrypted format. Veeam uses a standard 256-bit AES encryption. It’s nice and easy to set up and doesn’t add much overhead to compute resources, or at least most data protection infrastructures can cover the additional load without any performance issues.
Malware Detection
Veeam Backup & Recovery provides malware detection in a number of ways, and at a number of points along the data flow, for a variety of use cases all complimenting each other to provide some thorough coverage. Pre data transfer on the Source side Veeam can carry out an activity analysis of the filesystem during the guest indexing data scan, prior to any data being transferred. Veeam scans for suspicious file types, names or activity during the backup job. The process looks for suspicious file types and extensions as well as renamed and deleted files. Marking objects as being suspicious if a match is found.
During the backup job data transfer Veeam utilises a technique called “Inline entropy analysis” whereby Veeam scans the data for encrypted files and text artifacts potentially created by Malware. Post backup completion YARA Rules base detection, YARA rules can be constructed to scan backup files for Malware post backup job completion. YARA rules is a structure of strings, regular expressions and conditions used to identify and classify malware. Prior to restore an Antivirus scan can be used to scan recovery points prior to restoring the data to ensure that the data being restored is clean from infection.
So, as you can see Veeam is capable of detecting Malware at 4 points along the Data protection life cycle which is impressive and that before we even talk about 3rd party. Veeam Software Backup and Replication is a feature-rich data protection solution, and the items highlighted in this post are just a few that can aid with data security.
Partner With Nexstor For Expert Veeam Optimisation
Ready to unlock the full potential of your Veeam setup? Nexstor, a trusted Veeam Platinum Partner, specialises in helping businesses like yours optimise their data protection strategies. From enabling advanced features like Four-Eyes Authorisation to configuring robust encryption and malware detection, we ensure your Veeam solution works smarter for your business.
Contact our experts today to learn how we can enhance your data security and resilience.
Image Source: Canva 
