Requirements and Limitations

Important

Veeam offers experimental support for the Veeam Hardened Repository ISO. For more information, see this Knowledge Base article.

To be eligible for support, you must use an unmodified version of the Veeam Hardened Repository ISO on a machine that meets all the system requirements.

In addition to the general backup repository and hardened repository system requirements, the Veeam Hardened Repository ISO has specific requirements and limitations.

Requirements

The following requirements must be met:

  • UEFI secure boot must be enabled.
  • Third-party security software must not be installed on the server.
  • Any USB devices you intend to use must be connected before you start the installation. After the installation finishes, any new USB devices will be blocked by USBGuard. For more information about other limitations related to USB devices, see Limitations.
  • Only hardware RAID controllers must be used. Software RAID, Intel VMD VROC, and FakeRAID controllers are not supported.
  • RAID controllers must have write-back cache enabled.
  • The server must have at least two storage volumes:
  • A separate volume for the operating system (minimum 100GB).
  • At least one additional volume for data. All additional data volumes must be larger than the operating system volume.
  • All data volumes must have the same sector size.

Tip

It is strongly recommended that you use at least a dual parity RAID configuration.

  • Internal or direct attached storage volumes must be used.
  • For installations that use a remote console, the network connection must be at least 4Mbit/s.

Note

With a 4Mbit/s connection, the graphical installer will take approximately 10 minutes to load.

  • In addition to the standard set of ports that must be opened for a backup repository, an outgoing direct or HTTP proxy connection to repository.veeam.com on port 443 is also required for security and operating system updates. Without this connection, the GNU Privacy Guard (GPG) keys will eventually expire. Once these keys have expired, no further updates will be possible and a full re-installation of the operating system will be required.
  • To prevent unauthorized access or deletion of the hardened repository, the BMC (base management controller) port on your server hardware must be secured using appropriate measures such as firewalls and strong passwords.

Limitations

The solution has the following limitations: