In the first two parts of this series, we walked through the deployment of Veeam Software Appliance—from downloading the ISO and creating bootable media to automated installation, followed by initial TUI setup and basic management. Many of you have successfully gotten this “backup powerhouse” up and running.

But once the system is actually running, new questions arise:

• What new features does Veeam Software Appliance actually offer?
• How does this Linux-based Appliance differ from the previous Windows version?
• Should I use the WebUI or TUI console?
• How do I handle user management?
• What about upgrades and updates?

In this installment, we’ll tackle these most pressing questions, guiding you through Veeam Software Appliance’s new features and Appliance-specific management methods, while walking you through the use cases for both host console UIs. This will ensure you can use and manage your Appliance confidently after installation.

In our previous article, we introduced Veeam’s latest product releases, particularly the brand-new Veeam Software Appliance. Many of you might have grasped the concept but are still unsure about how to actually use, install, and configure it after downloading. Don’t worry - starting from this article, we’ll dive into hands-on implementation, guiding you step by step through the deployment and usage of Veeam Software Appliance.

Veeam officially provides two deployment methods for this Appliance: ISO image and OVA template. To avoid overwhelming you with too many options, this article will focus specifically on the ISO image method. Unlike our usual practice of “mounting an ISO file” within an operating system, this ISO is a complete system boot disk. You need to use it to boot your server or virtual machine, just like installing a new operating system on a fresh computer.

Introduction: The Background of Veeam Software Appliance

Yesterday, Veeam quietly launched a new product on their official website: Veeam Software Appliance. For many of us, Veeam has traditionally followed the Windows installer + manual configuration approach. This Software Appliance clearly takes a different path: both installation and security are pre-configured, significantly simplifying the onboarding process. For instance, it’s built on a pre-hardened Rocky Linux platform, comes with immutable storage, zero-trust access control, and automatic patching - eliminating the need to purchase Windows licenses or perform your own security hardening. You can deploy it directly using ISO or OVA formats, and it runs on virtual machines, physical servers, or in the cloud.

In the world of Kubernetes backup and recovery, security isn’t just a feature—it’s a foundation. Kasten K10 provides comprehensive security management capabilities, and one of its most powerful features is flexible user access management through OIDC (OpenID Connect) protocol integration. This means you can leverage your existing enterprise identity infrastructure rather than managing separate credentials.

Today, I want to walk you through integrating Kasten with Azure EntraID to enable multi-factor authentication (MFA) for the Kasten console. This isn’t just about adding another security layer; it’s about providing a seamless, enterprise-grade authentication experience that your Azure AD users are already familiar with.

Series Index

Data protection is more than just backup—it’s about securing your organization’s final line of defense. Veeam integrates security into every product detail through a zero-trust design philosophy. From the beginning of backup to the final step of recovery, Veeam continuously refines every feature to meet modern security requirements. This series covers new security features introduced in VDP v12, simple yet powerful capabilities that safeguard your data security.

• Part 1: Account-less and SSH service management for Linux backup agents
• Part 2: Using gMSA technology to manage Windows accounts
• Part 3: Four-Eyes Authorization: Dual control for backup system operations
• Part 4: Enabling Multi-Factor Authentication (MFA): Strengthening backup system account protection
• Part 5: Reducing network ports involved in backup operations
• Part 6: Using Syslog to manage logs in SIEM systems

Four-Eyes Authorization: Securing Veeam Backup Operations

In the digital age, data is the lifeblood of enterprises, making the security of backup and recovery operations particularly critical. A single misoperation or malicious act could lead to business interruption or data breaches. For this reason, Four-Eyes Authorization has gradually become an important strategy for organizations to protect their backup processes, building a solid security barrier for critical tasks through a dual-review mechanism.

Series Overview

Data protection isn’t just about backup—it’s about the last line of defense for enterprise security. Veeam integrates security into every detail of its products through a zero-trust design philosophy. From the start of backup to the final step of recovery, Veeam continuously refines every feature to meet modern security requirements. This series brings together new security tips introduced in VDP v12 and later versions—simple to implement yet powerful enough to safeguard your data security.