Last week, I had the pleasure of being one of the experts in the VeeamON Virtual Expert Lounge for both the APAC and Americas events. I also attended the Europe event.

In this blogpost, I’m sharing some of the questions we received and answered, so we can all benefit.

Licensing

The following questions were asked regarding to Veeam licensing:

How does licensing work for workstation backup? We currently use the free version for workstations, and the enterprise edition for our VMWare virtual machines.

Workstations are protected with Veeam Universal licenses, which are sold in bundles of 10. 1 license will protect 3 workstations, 1 Server, 1 VM, 1 Enterprise app, or 250GB of NAS. Take a look at the editions comparison to determine which edition will work best for you.

We are running per socket perpetual licensing now. We need 10 additional socket licenses. Can we still buy these licenses or are these converted in Universal Licenses?

Perpetual licensing with Veeam is still possible. You can still license sockets. No licenses are automatically converted to the Veeam Universal Licensing (VUL) scheme. License administrator can convert licenses at will in the customer portal.

Tiers and protection

The following questions were asked regarding to scale-out backup repositories, the cloud tier and Cloud Connect:

Is there a Veeam CSP target option for capacity/cloud tier?

If you are running a public S3 Compatible platform that can be a target for the Object Storage Repo. Otherwise you would be looking at offering Cloud Connect Backup as an offsite Cloud Repository.

Can the Cloud Connect Repo act as object storage for the cloud tier?

Cloud Connect is a separate technology outside of the Scale Out Backup Repository (SOBR) functionality.

Regarding avoiding Ransomware issues, what is the recommended way to setup my environment? Should the backup server be added to the domain or not? What other things do you recommend?

Anton Gostev's blogpost here sheds some more light and provides links to the smart choices you can make. Remember that these choices may also negatively impact the backup, management and restore processes.

Does Veeam plan to integrate the Kaspersky solution with Secure Backup?

As far as Kaspersky is manageable with a CLI you can use it with Secure Restore, right now.

It was being talked about that you could now restore a backed up physical server straight to a VM on vSphere. Is that same ability available for Hyper-V?

Yes, when you create agent-based backups you can restore wherever you need.

Cloud

The following questions were asked regarding backing up and restoring cloud services, like Office 365 and Azure Stack:

Are we able to backup the office 365 to on premises disk storage?

Veeam Backup for Microsoft Office 365 (VBO) is Veeam’s standalone product to create backups of data in Office 365 to on-premises storage. It creates backups of data in Exchange Online, SharePoint Online, OneDrive for Business and Teams. Here’s more information.

Are there any performance increases with VBO v4?

Yes, there are significant performance improvements for both SharePoint and OneDrive. It uses multiple accounts to overcome per account throttling.

Will Veeam Backup For Office 365 v4 be able to restore Teams better than Veeam Backup For Office 365 v3

There is no change in the way VBO v4 restores Teams data compared to VBO v3.
Veeam is aware of certain limitations, like restoring a file attachment in a teams chat (restoring the chat including attachments). This functionality is currently missing in the Office 365 APIs.

How about Azure AD backup, are we able to backup to on-premises storage and restore it in the on premises host?

Not at the moment. Take care of different attributes that reside only in Azure AD.

Is Veeam B&R able to communicate with the old Azure Stack or the new Azure Stack HCI?

Yes. Azure Stack HCI leverages Storage Spaces Direct (S2D). This is supported with VBR and not a problem at all – just like any other Hyper-V cluster deployment. The product formerly known as Azure Stack is now called Azure Stack Hub and requires agent-based backups in Veeam. There are now three products from Microsoft with the Azure Stack moniker:

1. Azure Stack Edge, a cloud-managed appliance with use cases like Machine Learning on-premises, IoT solutions and network data transfer
2. Azure Stack HCI, a Hyper-converged Infrastructure (HCI) solution to run virtual machines and use Windows Admin Center to connect to Azure for cloud services
3. Azure Stack Hub, a cloud-native integrative system for disconnected scenarios, data sovereignty and application modernization, leveraging consistent Azure services and APIs.

When will immutable backup repositories be available for Azure like it will be for AWS?

Microsoft recently announced write-once, read-many (WORM) Azure storage. However, the feature in Azure offers container-level lock functionality, whereas the AWS feature offers object level locks. Azure’s current functionality would not be very cost-effective for incremental backups.

Miscellaneous

The following miscellaneous questions were asked and answered:

For a backup repository, what is the maximum size?

There isn't a max disk size for a backup repository as such. It's dictated by your storage and the filesystem type. If you are having disk and storage constraints you can extend Object Storage via Veeam’s Cloud Tier built into the Scale Out Backup Repository (SOBR) functionality.

How do we know that Veeam Backup is backing up valid data, not corrupted data?

Veeam Backup and Replication (VBR) creates backups. In the backup process there is no true check if the right data and sufficient data is backed up. However, VBR offers the SureBackup functionality, that allows you to restore a backup for a test scenario. You can run automated tests to this restore and test if the VM is indeed restorable (sufficient data) and restores as intended (the right data).

Can we backup VMs configured for Near Sync via the Nutanix API?

No. It seems to be a limitation in Nutanix, not Veeam, so it might be better to ask if Nutanix will support it soon. Nutanix version 5.10 still shows as lightweight snapshots which do not support change block tracking which is what Veeam and other backup solutions use to tell what needs to be backed up and what has already been.

I recently added a SAN to the Veeam Server in the Infrastructure Settings. As soon as it was connected and Veeam had finished doing the Inventory it looks like all our existing backup jobs started using the SAN for creating the snapshots. I did not change any of the backup job settings. Is there a way in the backup job to turn off the ability to use the SAN for snapshots and force it to use the usual way and have Veeam create the snapshot in vCenter?

The backup job now uses the Backup from storage snapshot option. If Veeam Backup & Replication (VBR) detects a supported storage array, it turns on the integration automatically. To return to the previous backup method, disable the option.

I’m looking at offsite Veeam Copy\Replication with 2 EMC Dedupe boxes. Is it better to use native replication or Veeam Copy?

We always recommend to use Veeam Backup Copy Jobs. In this case Veeam Backup & Replication is aware that every single block made it offsite successfully. There’s no such ‘insurance’ if you use native deduplicated replication.

Concluding

It is clear that Veeam succeeded to get the possibilities of cloud in the heads of the attendees at VeeamON Virtual this year.

In cloud scenarios things change faster and Veeam is depending on the API possibilities from the cloud vendors.

That latter has always been the case, even when they started out with VMware vSphere. The difference today seems that vendors of hyperscale cloud platforms catch the eyeballs of people faster, entice them faster, but lack in API support. The number of organizations on the platform and demanding improvements dictates the development of secondary goals like API management.

Large cloud vendors get away with it, today. With their reputation of being a cutting-edge and agile data protection vendor, Veeam now sometimes take the hit, while from a secure development point of view, they’re walking the right path, the API path.