Hardened Repository

To protect your backup files from loss as a result of malware activity or unplanned actions, you can add a hardened repository based on a Linux server to your backup infrastructure.

A hardened repository supports the following features:

• Immutability: when you add a hardened repository, you specify the time period while backup files must be immutable. During this period, backup files stored in this repository cannot be moved, modified or deleted, but can be copied.
• Secure Authentication: when you add a hardened repository, you specify the method used to authenticate connections.

• Certificate-based: No user name or password is required; authentication is performed using certificates. It is recommended for environments where Kerberos is disabled or unavailable, or for enhanced security. This option is available for hardened repositories deployed from the Veeam Infrastructure Appliance.
• Single-use credentials: Credentials that are used only once to deploy Veeam Data Mover, while adding the Linux server to the backup infrastructure. These credentials are not stored in the backup infrastructure. Even if the Veeam Backup & Replication server is compromised, the attacker cannot get the credentials and connect to the hardened repository.

In This Section

• About Hardened Repository
• Requirements and Limitations
• Preparing Hardened Repository with Veeam Infrastructure Appliance
• Preparing Red Hat Enterprise Linux Server as Hardened Repository
• Using Backup Server as Hardened Repository
• Adding Hardened Repositories
• Managing Hardened Repository