Link Search Menu Expand Document
Veeam

Off-Site Backup

Service description

The general best practice and recommendation for data protection is to follow the 3-2-1 rule: three copies of your data, on two different media, one being off-site.

For most companies the biggest challenge is achieving the off-site copy. A Service Provider can build a Veeam-powered service to provide Off-Site Backup to their customers allowing them to support the 3-2-1 rule, without the need to invest on expensive infrastructure themselves, rather renting it as a service from a Service Provider.

The service exposes a storage space where customers can safely store their data. The storage exposed by the service provider can be one of the following options:

  • Cloud repository. (option 1 in the diagram below)

    By leveraging Veeam Cloud Connect, the service provider can assign a storage quota on their backup repository for the client. The client can then simply point backup (or backup copy) jobs to it as a secure backup target destination. At the back-end the Backup Storage can be further on protected:

    • First, the Backup Storage can be located on a Veeam Hardened Repository providing immutability and ransomware protection.

    • Second, the Backup Storage can be tiered to an Object Storage to provide an additional (and also immutable) copy of all backups or only to off-load GFS backups. With AWS S3 or Azure Blob object storage, these GFS backups can be tiered further on into the Archive Tier for long-term retention and cost-optimization.

    • Third, it can be also written to Tape for legal requirements, ransomware protection, offline copy, “sneakernet” restores and several other use cases.

  • Object storage. (option 2 in diagram)

    By leveraging Object Storage either from in-house (S3-compatible) or a public cloud vendor (such as AWS, Azure, Google, others), the service provider can provide off-site backup storage for the client. The client can then simply create a mirror of current backups and/or off-load long-term backups to the secure object storage target.
    Notes:

    • With AWS S3, Azure Blob or S3-compatible object storage, immutability can be used to provide ransomware protection. Please check the Veeam Ready database to verify which S3-compatible object storage vendors support immutability.
    • With AWS S3 or Azure Blob object storage, these GFS backups can be tiered further on into the Archive Tier for cost-optimization.

The solution is a service offering from the Service Provider and can be offered in both scenarios:

  • Unmanaged The customer’s entire on-premises backup environment is not managed by the service provider. The service provider only provides secure, remote backup storage to the clients.
  • Managed When offered as managed it can turn into a MSP Backup service. See MSP Backup for more info.

High-level diagram

Off-site Backup Use Case

Value proposition

Service Provider main benefits:

  • No VPN tunnels. Every customer connects directly over the internet using the same single TCP/UDP port protected by TLS in-flight encryption.
  • Multi-tenancy. Securily share backup resources among customers.
  • Tape-as-a-service. Meet compliance requirements for archival and retention, by offering an additional offload of the received backups into tapes. This option is only avalabile if Veeam Cloud Connect is used.
  • Automation. Full support for PowerShell and RESTful API.

Customer main benefits:

  • No upfront costs. Pay-as-you go.
  • Integration. Fully integrated into the existing Veeam solutions to guarantee a consistent user experience and ease of use.
  • Secure. Backups are encrypted at source, in-transit and at-rest.
  • Ransomware protection. Protect backups from deletion via Insider Protection or Immutability.

Veeam Solutions

The service is built with the help of the following Veeam solutions:

Service Provider side Customer side
Veeam Service Provider Console (VSPC) Veeam Backup & Replication (VBR)
Veeam Cloud Connect (VCC) Veeam Agents

Licensing and pricing

Veeam offers the following:

  • Pay-as-you-grow pricing plans that offer consumption-based licensing
  • Portable licenses for any customer, any workload, across any cloud
  • Automatic license update capabilities to maintain license distribution
  • Purpose-built products and partner portals to facilitate monthly usage reporting

Please check our Veeam Rental Licensing and Usage Reporting Reference Guide for more details.

Service Providers can charge for the Veeam-powered service in different manners. Options generally seen in the market are:

  • Managed offering:
    • Per machine protected (a Veeam license is consumed)
    • Total storage consumed (e.g. per GB/TB)
    • Total storage reserved (e.g. fixed price for the entire storage quota)
  • Unmanaged offering:
    • Per machine protected (When rental licenses from the same service provider are used, the off-site backup copy will not consume a license)
    • Total storage consumed (e.g. per GB/TB)
    • Total storage reserved (e.g. fixed price for the entire storage quota)

NOTE: Veeam licensing is based on number of protected workloads, every other metric can be tracked (via Veeam Service Provider Console) and charged to the end user as the provider prefers.

Want to know more?

Enroll in our free online VMSP / VMTSP Cloud Service Provider training course to learn more about the Off-Site Backup use case.

Table of contents

Back to top

Copyright © 2019-2022 Solutions Architects, Veeam Software.