I was genuinely excited from this year’s VeeamON, and I think their customers should be excited too – and their competitors worried. Teaser: Veeam on Linux without needing to know Linux. Let me explain.
A Little Background
First let me say I don’t generally get excited at vendor tech conferences. In fact, I can remember only a few times in history when I walked away from a vendor’s tech conference excited at the prospect of what the company was releasing. I’ve been around a while, so I remember new innovations like WORM tape, encrypted tape, VMware VADP, CDP, and (of course) deduplication. I can also remember the first time I saw what “the cloud” brought to the table.
I will also say I’ve been hard on Veeam over the years. I wasn’t a fan of their early “VMware-only” approach, VMware support in more generalized products was good enough – and I was definitely NOT a fan of having multiple backup products if you could avoid it. Fast forward a number of years and now Veeam is the generalized backup product that handles just about everything, so good for them.
I also became concerned about their reliance on Windows, an around 10 years ago I said it was their Achilles heel. Ransomware was beginning to take over every conversation, and the bad actors that knew what they were doing were going straight at the Veeam server. If you followed Veeam’s (and my) advice on how to properly configure things, your risk was much lower – but many customers did not do that. This is why I said they needed a Linux option.
Two years ago they added the Linux Hardened Repository, and I interviewed Dave Russell and Rick Vanover on the podcast about it. At the time I said it was better than using a Windows server to store your backups, but it could be better. I didn’t like how someone with root could defeat the immutability feature by simply turning it off.
Finally, last year they announced they were going to support a Linux version of Veeam Backup & Recovery, but the customer response for both this and the hardened repository was mixed. Windows-centric shops were worried about the complexity of learning and managing Linux. Speaking as a long-time UNIX and Linux person, they’re not wrong.
VeeamOn 2025 Announcements
Imagine my surprise and excitement when Anton Gostev announced the Veeam Linux “Appliance.” (In true Veeam fashion, this “appliance” is simply software that you can install on hardware of your choice – so the name is Veeam Software Appliance.) It can be installed as a VM or on bare metal, and it can be anything you need it to be in the Veeam world, including the main Veeam Backup & Replication server, a repository, a proxy, etc. This will make it so much easier for Veeam customers to configure and deploy a fully secure Veeam environment. (Something they didn’t mention is that it also lowers your Windows Server licensing costs.) Veeam also demonstrated an HA feature that automatically synchronizes a second Veeam server and allows you to switch over to it when your main server is down – this feature requires Veeam on Linux.
They checked all the security boxes. It will use the Just Enough Operating System paradigm, and everything not necessary to do its job will be removed. It will come preconfigured in a secure manner, such as MFA enabled by default, and automated updates. Anton says you will not need to know Linux to administer it, any more than you need to know Linux to manage an Android phone – which are all running Linux. No one will have root, but there will be a four-eyes type setup where a backup admin can request root access for a period of time, which will then need to be approved by a security officer. Techzine did a very long writeup on it that you can read if you’re interested – and you should be interested.
It’s in Beta right now, but my opinion is that every Veeam customer should convert to this appliance when it comes out. You get improved, automatically managed security, and you get access to the new HA feature. If you want to stay on Windows, please at least use the appliance for the hardened repository, or install Blocky for Veeam, which is the only Ransomware protection that runs on the Veeam Windows backup server. (It allows only Veeam to write to your storage.)
Veeam demo’d V13, which comes with important security features like SAML integration and much more granular role based access control (RBAC). I especially liked how I could limit someone to only restoring back to the original location, or other preconfigured locations. There’s also a web-based console, which a lot of people were asking for, which includes dark mode.
Veaam also demo’d instant recovery in Azure of any image-based backup. If you’re using Veeam Vault, you can restore any windows or linux machine in roughly five minutes, without paying any egress costs. (You can do this without the Veeam Vault, but you’ll be paying egress and performance might not be the same.) I also learned that Veeam Vault is the fastest-growing project in the history of the company, now eclipsing the formerly fastest-growing product, which was Veeam Data Cloud.
The other thing that was very interesting was the Data Resiliency Maturity Model, or DRMM. Veeam worked with McKinsey and an MIT professor to create it, and they interviewed 500+ decision makers and worked on this for quite a while. The model allows you to answer a few questions about yourself, and see where you are on that maturity scale.
Final Thoughts
I’ll say it again: every Veeam customer needs this appliance when it comes out. Every single one. I can think of no downsides. Any concerns about Linux complexity are gone, and all concerns about backup server vulnerabilities are also gone with those automatic updates.
I remember telling Dave Russel and Rick Vanover that I know I’ve been hard on Veeam for a while now, but that they have finally addressed all my security concerns. This show left me genuinely excited for the future for Veeam, its customers, and its resellers and MSPs.
Written by W. Curtis Preston (@wcpreston), four-time O'Reilly author, and host of The Backup Wrap-up podcast. I am now the Technology Evangelist at S2|DATA, which helps companies manage their legacy data
