Veeam · Software · YoctoIT tech page

Backup cloud

Cloud-native protection of the IaaS workloads: orchestrated snapshots, out-of-account copies and single policies for the multicloud.

FOCUS · THE CLOUD DOESN'T SAVE ITSELFSnapshot ≠ backup: the copies out of the account, with retention and costs governed
YoctoIT material for clients and partners · Veeam, Kasten, Coveware and the other products mentioned are trademarks of Veeam Software.
01 · What it is

Backup per AWS, Azure e Google, made clear.

In the cloud too the shared responsibility applies: the deleted VM, the compromised account, the region in crisis — the native snapshots aren't enough (they live in the same account the attacker controls). Veeam orchestrates snapshots AND backups out of the account/region, with uniform policies on AWS, Azure and Google and the costs under control.

Fuori account
the copy in a separate account/tenant: the attacker can't reach it
3 cloud
AWS, Azure, GCP with the same policies: the multicloud without three methods
Cost-aware
snapshots vs backups by age: the protection at the right cost
Backup per AWS, Azure e Google
OFFICIAL VEEAM BRANDING · CLOUD BACKUP
CONSOLE REALE · VEEAM BACKUP FOR AWS · FONTE: VEEAM
REAL CONSOLE · VEEAM BACKUP FOR AWS · SOURCE: VEEAM
02 · How to use it well

The things that make the difference.

The model

VMs, disks, managed DBs in the cloudEC2, Azure VMs, RDS, SQL
Fast snapshots
Backup onto object
Cross-account copy
short RPO · retention · isolation
Centralized policies (VBR)one console, three clouds
Restores cross-region toorestart elsewhere, if needed
The shared responsibility, honored

A protection account

The landing dedicated to the copies, with separate accesses: the architecture before the policies.

Tiers by age

Snapshots for the first days, object storage after: the fast RPO without a bitter bill.

The managed database included

RDS and Azure SQL in the plan: the PaaS needs out-of-account copies too.

Unified with the rest

Cloud + on-prem in the same B&R console: a single protection model everywhere.

03 · In depth

AWS, Azure, Google: the native backup

Veeam Backup for AWS/Azure/Google uses the native snapshots and turns them into real backups: the policies orchestrate snapshots (fast, but in the same account: fragile) and backups onto object storage (out of the blast radius, compressed and deduplicated), the cross-account/cross-region separates the copy from the damage, the restores are file-level or whole instance, even toward on-prem VBR (and vice versa): the data's mobility between cloud and home.

  • Snapshot + backup — the fast one for the everyday, the real backup for the disaster
  • Cross-account — the copy in a separate account: the credential leak doesn't touch it
  • Object storage — compression and dedup on the blob/S3: the cost that goes down
  • Policy engine — tag-based: the new VM with the right tag is already protected
  • Portabilità — the restore toward on-prem or another cloud: the anti lock-in
  • IAM minimo — roles with least privilege: the backup isn't a backdoor
04 · Numbers and lifecycle

The numbers that matter.

3
the clouds covered natively
min
the RPO with orchestrated snapshots
-60%
the cost vs pure snapshots kept long
1
one VBR console for home and cloud
The cloud too must be protected for real: policies, separate accounts and object lock — the native backup, orchestrated by us.
05 · Use cases

Where it really pays off.

IaaS workloads

The cloud VMs protected like the ones at home.

Account compromise

The copy the attacker doesn't find within his reach.

Multicloud

Three clouds, one discipline.

The snapshot in the same account is an illusion of a backup: the real copy lives outside — we put it there.