Tag Archives: backup

Security Beyond the Firewall

Most companies take it as a given that firewalls, antivirus, and backups are minimum security controls for the standard business.  While it remains true that having a layer-7 aware firewall, solid endpoint protection and recoverable backups are controls every organization should have in place, there’s more to security than firewalls, endpoint protection and backups.

Central to any comprehensive security strategy is visibility of what is going on within the network.  This comes in two forms: network monitoring systems and log aggregation and alerting systems.  Network monitoring systems come in the form of SNMP monitoring systems and Flow monitoring software.  Log aggregation and alerting systems are most typically referred to as security information and event management systems (a.k.a. SIEM).

Systems that provide SNMP and Flow monitoring of the network give visibility into the packets traversing the network on a port-by-port and application basis.  Such information can be useful in identifying rogue PC’s on the network – such as those infected by a virus – or systems that are producing excessive volumes of traffic from one application type or another.   At the end of the day, this visibility gives insight into what constitutes a “normal” day on your network.

SIEM’s are another class of software altogether, designed to collect logs from various systems, to analyze those logs for anomalous events and alert on those events.  These alerts typically come in the form of emails or texts. The analysis that comes with those alerts is highly sophisticated to identify anomalies across all systems – not just the network, but across domain controllers, workstations, network appliances, switches, routers, antivirus solutions, data loss prevention systems, and any other variety of systems you send logs from to the SIEM.  Such systems can be quite powerful and insightful.

So, while state-of-the-art firewalls, antivirus, and backups provide protection against the myriad of threats that the average network may face, they are not sufficient to protect your network from the totality of threats that your network faces on a day-to-day basis.  To protect against the full range of attacks, you need security that extends beyond the firewall.

Why Veeam?

This is the second installment of a series by Systems Team Lead Matt Peabody to begin to answer a question he hears all the time: “Why vendor X?”

One of our account managers had been helping to look for a backup product as our primary offering.  He brought Veeam to us over 4 years ago and was really excited about the product.  I was one of the engineers installing Veeam for customers and was managing it internally for our own data protection once we verified it was a good fit for us. Over the years, our knowledge of the product continues to expand, and we have seen overwhelming success for our customers using the product.

Backup products are plentiful, and the list of companies offering backup continues to grow.  There are a few things, however, that separate Veeam from the competition:

1. Setup
Veeam’s install has always been extremely easy to walk through.  They continue to improve the process, and the latest install is nearly “Click install, next, next, finish.”  From there, it usually takes us a few minutes to configure where to back up, what to back up and when to back up the data.  There is much planning involved to get to this point, but once we have the information we need, the set up process is always a breeze.

2. Performance
Veeam’s scale out architecture allows it to grow into our largest customers.  We can easily add more repositories if we need more space and more proxies if we need more network or CPU throughput.  Since we can eliminate single points of failure and throughput bottlenecks, we have shrunk backup windows for many of our customers from hours to minutes or even multiple days to hours.  Many of our customers utilize iSCSI arrays, and tapping into the SAN fabric with a Veeam server for backups greatly decreases load on the network and production infrastructure, further lessening the impact of backups.

3. Backup Testing
Whenever we talk to customers about their backup solutions we always ask if they have ever tested their restores. The answer is usually that their backup product told them the backup was successful and they didn’t assume otherwise.  After working with many customers through many incidents, High Point Networks has adopted the mentality that a backup is not complete until a restore has been tested.  Veeam’s SureBackup automates the testing process and uses their Instant Restore feature to turn on a live VM from the backup file and test to make sure all the services start. This guarantees the recovery of the files in a backup.

4. Restore
Many backup products back data up easily enough, but Veeam excels at restoring data too.  They have multiple ways to restore data, ranging from an Instant Restore of the entire VM, to a single file, all the way down to item-level (email, calendar appointment) recovery for Exchange.  Their Explorer wizards greatly improve the experience of restoring advanced items in different scenarios, and the user experience is just like browsing the backup using Outlook or the SharePoint management interface.  The restores are quick to get data back into production, and Veeam continues to improve their user experience.

Veeam is an excellent product and is extremely easy to set up to demo for yourself.  We rely on it in our data protection plan internally at High Point Networks, and will continue to recommend it as a primary backup solution to our customers.   Next, I’ll be answering “Why VMware?”