Veeam Backup & Replication performs protection of tenant backup files against accidental or intentional deletion in the following way:
- The SP enables the Keep deleted backup files for <N> days option in the properties of the tenant account.
- The tenant creates a backup in the cloud repository in one of the following ways:
- Runs a Veeam Backup & Replication backup or backup copy job targeted at the cloud repository.
- Runs a Veeam Agent backup job targeted at the cloud repository.
- When a backup or restore point is deleted from the cloud repository, Veeam Backup & Replication moves the backup file(s) to the _RecycleBin folder on the SP backup repository whose storage resources are exposed to tenants as cloud repositories. Veeam Backup & Replication performs this operation in the following cases:
- When the tenant performs the Delete from disk operation with a backup on a cloud repository.
In this case, Veeam Backup & Replication performs the following operations:
- On the tenant side, Veeam Backup & Replication removes the backup from the tenant Veeam Backup & Replication console and database.
- On the SP side, Veeam Backup & Replication moves backup files pertaining to the deleted backup to the "recycle bin".
- When the tenant performs the Delete operation with a backup file on the cloud repository in the Files node of the Veeam Backup & Replication console.
- When a backup file pertaining to a backup in a cloud repository is automatically deleted from the backup chain according to the retention policy defined in the job settings.
Veeam Backup & Replication moves to the "recycle bin" only backup files of the VBK and VIB types. VBM backup files are deleted from disk immediately.
If the tenant plans to create off-site backups with a backup copy job, they should enable GFS retention settings in the job properties. This way, Veeam Backup & Replication will be able to protect backups created with the job against an attack when a hacker reduces the job's retention policy and creates a few incremental backups to remove backed-up data from the backup chain.
With GFS retention settings enabled, the backup chain will contain a sequence of full backups that will not merge according to a retention policy. After such a backup is moved to the "recycle bin", the tenant will be able to use it for data restore.
If the tenant does not enable GFS retention settings for the backup copy job, the job will complete with a warning. In the job statistics window, Veeam Backup & Replication will display a notification advising to use the GFS retention scheme for the job. Note that the warning is displayed only if the tenant backup server runs Veeam Backup & Replication 9.5 Update 3 or later. In earlier versions of Veeam Backup & Replication, the warning will not be displayed, and the backup copy job will complete with the Success status.
- Veeam Cloud Connect Service running on the SP backup server checks the configuration database to get the date when the backup file was moved to the "recycle bin" and compares it to the current date. This operation is performed regularly with an interval of 20 minutes.
- When the time interval between the date when the backup file was moved to the "recycle bin" and the current date exceeds the number of days specified in the Keep deleted backup files for <N> days setting, Veeam Backup & Replication deletes the backup file from the _RecycleBin folder.