Link Menu Expand (external link) Document Search Copy Copied
Veeam

Security Zones

From a security perspective all related components can be deployed in a workgroup or a domain.
When talking about security zones then the components should be put as followed:

  • DMZ
    • VCC Gateway(s)
    • VSPC Web UI
  • MGMT
    • VCC Server
    • VSPC Server
  • DATABASE
    • SQL Server

The following diagram represents an example of the different security zones (VCC not shown here):

VSPC security zones

You can put one of the following services in front of the VSPC Web UI:

  • Web Application Firewall (WAF)
  • Reverse Proxy Server
  • Load Balancer (LB)

This can provide additional advantages:

  • Sits between external clients and the VSPC Web UI server, preventing anyone from directly accessing the web server
  • less exposure of the internal infrastructure
  • SSL offloading

Back to top

Copyright © 2025 Solutions Architects, Veeam Software.