https://www.sikich.com

Veeam 12 and Azure Blob Immutable Storage for Backups

Joe Gehrke

Sep 21 2023

2 min read

Veeam 12 now has Immutable Storage using Microsoft Azure Blob. This feature ensures data integrity with immutability options for on-premises backups that are tiered or written directly to Azure Blob Storage. Immutability can be used only with new storage account containers and cannot be used with existing backup data where immutability was not applied previously.

The path to properly create the Azure Storage Account and Container to utilize immutability was somewhat obscure. Here’s what we discovered and how we’re deploying it today.

How to Deploy Immutable Backups in Veeam 12

Create an Azure subscription if you don’t already have one.

Create a Storage Account. You’ll need to select a resource group, name the storage account, and select a region. Set performance to “Standard” and redundancy to “Locally redundant.” Under Advanced, set the access tier to “Hot.” For Networking, set network connectivity to “Enable public access from all networks” and for routing preference, choose “Microsoft network routing.”

Under data protection, uncheck all Soft Delete boxes (blobs, containers, and file shares). Check “Enable versioning for blobs” and ensure “Enabled version-level immutability support” is NOT checked. Keep the Encryption defaults and the Tag defaults and click Create.

Once the Storage Account is created, set “Blob public access” to Disabled and create a container. Give the container a name and set the “Public Access Level” to “Private.” Under Advanced, check “Enable version-level immutability support” and complete the creation of the container.

After the Container is created, go to Security + Netwoking, Access Keys and copy the key1 key. You’ll need this key to add the backup repository in the Veeam console.

By following the instructions above, you can create and configure an Azure Storage Account and Container to support immutable Azure backups using Veeam. For more information or assistance, please reach out to Sikich LLP’s IT Solutions team.

This publication contains general information only and Sikich is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, you should consult a qualified professional advisor. In addition, this publication may contain certain content generated by an artificial intelligence (AI) language model. You acknowledge that Sikich shall not be responsible for any loss sustained by you or any person who relies on this publication.

About the Author

Joe Gehrke

Joe has over 13 years of experience working in the IT industry. He started my career in a small computer repair shop and continued to evolve his skills to take on new responsibilities as a Help Desk Administrator, Systems Administrator, and at his current role as a Senior Network Consultant in Sikich’s Network Operation’s Center. He has certifications from VMware, Microsoft, and SonicWall.