Design

In most cases the SP data protection scenario is implemented based on one or multiple Veeam Backup and Replication deployments.

In this section we will focus on the best practices for multi-tenant environments. General best practices for individual VBR installations are already covered in detail in the VBR Best Practices Guide.
Since VMware Cloud Director merely serves as a management layer over the VMware Infrastructure, there are no distinct best practices for individual VBR backend architecture in this context. It’s recommended to use the standard VBR best practices we mentioned before.

The core differentiators of SP Data Protection deployments versus general deployments are:

1. Network segmentation (often referred to as network isolation)
   As per security requirements - most tenant networks are completely isolated from the service provider’s environment. That brings solid limitations in a backup and restore approach.

2. Data protection responsibilities
   Data protection management can be either fully controlled by the service provider, provided via a self-service portal or a combination of both. In the contrary to a fully managed service (when the backup administrator controls backup job creation) - self-service tenants are 100% responsible for creating backup jobs. This leads to an uncontrollable growth and unpredictable configuration of backup jobs. In turn it results in challenges for load balancing, scheduling and the selection of recommended options.

3. Billing
   An initial design should always keep in mind the possibilities and ways of charging for the services.

All the design decisions should be made considering the above.

---

Table of contents

• Backend Scalability
• Frontend Scalability
• Veeam Backup Enterprise Manager
• Veeam Service Provider Console
• Proxy Modes
• Repository Types
• Application-Consistent Backup and Restore
• Agent Management

---