Link Search Menu Expand Document

Design: MSP service administration

Even though it is technically possible to create Single-Server installations (also called All-in-one installations) for each of the service administration solutions, it is against all the best practices for a production deployment and therefore should only be used during a Proof of Concept (POC).

In a production environment, the recommended deployment is to spread out the different roles/services onto different servers. This way we can balance the load and add more resources to specific components when needed.

Order of deployment and dependencies

VSPC uses the tunneling technology of Veeam Cloud Connect (VCC) to create secure connections over public networks to the remote components such as Veeam Agents and Veeam Backup & Replication servers. Even if VSPC is only used for remote monitoring or licensing, VCC needs to be deployed. As both solutions require a SQL database to store its configuration, we need to either install MSSQL Server first or re-use and existing MSSQL Server installation.

The different components should be installed in the following order:

  • MSSQL Server (Database Server)
  • VCC
    • Veeam Backup & Replication Server (VCC Server)
    • Veeam Cloud Connect Gateways (VCC Gateway)
  • VSPC
    • VSPC Server
    • VSPC Web UI

VCC design

A complete Veeam Cloud Connect design is available at therefore this design guide continues directly with VSPC below.

VSPC design

In the diagram below the following services are spread out:

  • VSPC Server
  • VSPC Web UI
  • Microsoft SQL Server

Modular architecture

System requirements

The different VSPC components run on Microsoft Windows. Therefore we need to provide (virtual) machines with the following system requirements:

  • Minimum: Up to 1000 managed backup agents and 10 000 VMs managed by VBR

      VSPC Server VSPC Web UI MSSQL Server
    OS Windows Server 2019 Windows Server 2019 Windows Server 2019
    CPU 4 Cores 4 Cores 4 Cores
    RAM 8 GB 8 GB 8 GB
    Disk 50 GB 50 GB 50 GB*
  • Recommended: Up to 10 000 managed backup agents and 80 000 VMs managed by VBR

      VSPC Server VSPC Web UI MSSQL Server
    OS Windows Server 2019 Windows Server 2019 Windows Server 2019
    CPU 8 Cores 4 Cores 8 Cores
    RAM 16 GB 8 GB 16 GB
    Disk 100 GB 50 GB 100 GB*

*With the default setting of 3 months retention.


By default, log files will be written to a location under C:\ProgramData\Veeam. To avoid the system volume from running full, it is recommended to change the location to a drive or volume with enough free space. It is important to keep this in mind when designing the server specs. For more info on default log locations and how to change them, check our chapter on Log files.


From a security perspective all related compoments can be deployed in a workgroup or a domain.
When talking about security zones then the components should be put as followed:

  • DMZ
    • VCC Gateway(s)
    • VSPC Web UI
  • MGMT
    • VCC Server
    • VSPC Server
    • SQL Server

You can also put a Reverse Proxy Server in front of the VSPC Web UI. This provides other advantages:

  • it sits between external clients and the VSPC Web UI server, preventing anyone from directly accessing the web server
  • less exposure of the internal infrastructure
  • SSL offloading

Back to top

Copyright © 2019-2021 Solutions Architects, Veeam Software.