Infrastructure overview

3-2-1-1-0

Once we have defined all the numbers required for the sizing calculations, we need to have a look on the infrastructure estate. It is the best practice to follow the the 3-2-1-1-0 rule:

• Have at least three copies of your data.
• Store the copies on two different media.
• Keep one backup copy off-site.
• Make One Copy Offline, Air-gapped, or Immutable.
• Have Zero Errors

Veeam Backup & Replication can help you to fulfill all 3-2-1-1-0 backup rule requirements:

• Have at least three copies of data:
  Set up several backup jobs to create several backups for each of your virtual and physical machines.
• Store the copies on two different media:
  Veeam is storage-agnostic, meaning it supports disks, tapes, the cloud and more. You can store your backups to any of the listed media.
• Keep one backup copy off-site:
  Set up backup copy jobs to transfer your backups off-site to another location or a to a Veeam Cloud Connect repository, or use a Scale-out Backup Repository to automatically offload all backups to an Object Storage in the Public Cloud, at another location or at a Veeam Cloud & Service Provider.
• Make one copy offline, air-gapped, or immutable:
  Acknowledge the importance of having one copy that is either offline, air-gapped, or immutable. This aspect is critical, especially in the context of ransomware protection, where an offline, air-gapped, or immutable copy can be a lifesaver.
• Have zero errors with SureBackup Recovery verification:
  Finally, ensure that your data is error-free by employing SureBackup recovery verification, which can proactively identify and address potential issues with your backups.

Air-gapped backups with immutability

Veeam Backup & Replication allows you to prohibit deletion of data from certain backup repositories by making that data temporarily immutable. It is done for increased security: immutability protects your data from loss as a result of attacks, malware activity or any other injurious actions.

The following solutions offer exactly this for the duration of the retention period:

• Veeam Hardened Repository
• Veeam Data Cloud Vault
• Amazon S3 Object Lock in compliance mode
• S3-Compatible Object Lock in compliance mode
• Azure Blob with version-level immutability
• IBM Cloud Object Storage with Object Lock in compliance mode
• Wasabi Cloud Object Storage with Object Lock in compliance mode
• Dell Data Domain with compliance mode
• HPE StoreOnce with immutability enabled

In order to use immutability, for most object or deduplication storage systems you need to enable the Object Lock and Versioning features on your storage system at the time you create the storage target like buckets or mtrees. Please see the Helpcenter Repository pages for details.

Planning

Before you start planning the locations to store the backup data, you need to get a proper overview of the network topology of your infrastructure. You need to know the type of connectivity and the amount of bandwidth available between locations.

Where you need to store a copy of the data can also be a business decision. Some organisations like to store a copy of all data within a specific region or location. Sometimes it’s even needed by law or segment regulations.

In the end, you need to gain insight into the planned data-flow within you infrastructure and the locations where storage capacity is required. With this planning in mind, the inventoried amount of data, the change-rates and the backup window you can determine the bandwidth needs between locations.

References

• 3-2-1-1-0 rule explained
• Scale-out Backup Repository
• Blog - Object Storage Immutability
• Helpcenter - Object Storage Immutability

---