3.3 Veeam Cloud Connect Backup deployment

Once VLANs and subnets are created, and the firewalls are in place to protect communications between the different security zones, it’s time to deploy the different servers needed and suggested to build the complete Veeam Cloud Connect Backup environment.

This is the schema of the servers:

Cloud Connect Backup servers details

3.3: Cloud Connect Backup servers details

Active Directory

The internal domain is named cloudconnect.local and is managed by two domain controllers:

server name dc1.cloudconnect.local
IP Address
Operating System Windows Server 2019
Installed roles AD, DNS, Global Catalog, FMSO roles
vCPU 2
RAM 4 Gb
Disk 40 Gb
server name dc2.cloudconnect.local
IP Address
Operating System Windows Server 2019
Installed roles AD, DNS, Global Catalog
vCPU 2
RAM 4 Gb
Disk 40 Gb

Active Directory should use the latest Windows Server level and be configured with no backward compatibility with older domain controllers. As the domain controllers for Cloud Connect are not designed to be used by other services, but deployed specifically for this service, there should be no problem in doing so. This allows you to reach an additional level of security. and are also the DNS servers to be configured in all other servers of the Veeam Cloud Connect infrastructure. For those servers that will use local authentication, DNS records should be configured manually.

Veeam management servers

In previous versions of this book, I used to suggest the installation of Veeam Enterprise Manager. This has two goals:

  • expose the RESTful API for automation
  • install the Cloud Connect Portal for accessing and executing Failover Plans

Since the release of Veeam Service Provider Console (VSPC), both these two capabilities are available in the console, together with many more amazing features. So, we now suggest to install directly VSPC and manage Veeam Cloud Connect through it.

server name vbr.cloudconnect.local
IP Address
Operating System Windows Server 2019
Installed components Veeam Backup & Replication
vCPU 4
RAM 8 Gb
Disk 80 Gb

This server holds the installation of Veeam Backup & Replication. In a Veeam Cloud Connect infrastructure, this server is the central location for daily activities, unless VSPC is used.

The installation has no specific requirements, and you can follow the default wizard from start to finish. A dedicated Microsoft SQL Server 2012 Express is installed locally as part of the installation wizard, and the Veeam Backup & Replication server itself will use it. In production environment, we suggest to upgrade the installation to at least a Standard edition of SQL.

During the component selection, a service provider should also choose to install the optional PowerShell SDK: Cloud Connect can be heavily automated via RESTful API or PowerShell, so having both available is a good choice.

Once the setup is completed and the license to enable Veeam Cloud Connect is installed, the initial management interface can be reached by opening the Veeam console and selecting the node Cloud Connect:

Veeam Cloud Connect start screen

3.5: Veeam Cloud Connect start screen

From here, the required steps to have a fully functional Veeam Cloud Connect Backup infrastructure are:

  1. Create and install a proper certificate (see Appendix A)
  2. Deploy and configure the required cloud gateways
  3. Deploy and configure the optional WAN accelerators
  4. Deploy and configure at least one backup repository

Once all the configurations steps are completed, a service provider will be able to create and manage users/tenants.