CC Certificate 

Security Target 

Validation Report 

Assurance Activity 

Administrative Guide: Veeam Backup and Replication v12 Common Criteria Evaluated Configuration Guide (CCECG) 

Administrative Guide: User Guide for VMware vSphere 

Administrative Guide: Quick Start Guide for VMware vSphere 

The Target of Evaluation (TOE) is Veeam Backup & Replication v12. The TOE provides cloud, virtual and physical backup and recovery options as well as image-based virtual machine (VM) replication from a VM or backup for a wide range of systems and clouds including:

•                     Physical: Windows, Linux, MacOS, and NAS.

•                     Virtual: VMware vSphere, Microsoft Hyper-V, and Nutanix AHV.

•                     Cloud: AWS EC2 instance, Microsoft Azure, Office 365, IBM Cloud, and Google Cloud.

VBR backup is performed by VBR by retrieving VM data from the source storage, compressing it, and deduplicating it. VBR then writes data to the Backup Repository in Veeam proprietary format. Administrators have the option to perform the following:

•                     Full back up file (.VBK) that contains a copy of the entire VM.

•                     Incremental backup file (.VIB or .VRB) that contains only those data blocks that have changed since the last backup job.

•                     Metadata file (.VBM) that contains information on the backup job, VMs in the backup, number of structures of backup files, and restore points.

VBR supports a Backup Copy function that enables an Administrator to create several instances of the same backup data in different locations.

Restore performs restore from backup files to the original or a new location. Veeam VBR offers recovery options for various disaster recovery scenarios including Instant Recovery, image-level restore, file-level restore, and restore of application items.

Replication is when VBR creates the exact copy of the VM in the native VMware vSphere format on a spare ESXi host and keeps this copy synchronized with the original VM. Replication provides the best recovery time objective (RTO) values and is recommended for VMs running critical applications. VBR supports both onsite replication and offsite replication.

VBR includes Continuous Data Protection (CDP), a replication technology that helps protect mission critical VMs and reach recovery point objective (RPO) up to seconds. CDP also provides minimum recovery time objective (RTO) in case a disaster strikes because VM replicas are in a ready-to-start state.

Veeam Backup & Replication v12 is a software application. In its evaluated configuration, it is installed on an instance of Microsoft Windows Server 2019 executing on an x86-64 processor with the following additional software components: PostgreSQL database; Microsoft .NET Framework 4.7.2; Windows Installer 4.5; and Microsoft Windows PowerShell 5.1.

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme for the Protection Profile for Application Software, Version 1.4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 release 5. The product, when delivered and configured as identified in the guidance documentation, satisfies all of the security functional requirements stated in the Veeam Backup & Replication v12 Security Target, Version 1.6, 9 July 2023. The evaluation was completed in August 2023. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11307-2023) prepared by CCEVS.

Cryptographic Support

The TOE invokes platform-provided cryptography to protect data at rest. The TOE invokes the Data Protection API (DPAPI) to store configuration data, job data, and session data and relies on BitLocker to protect backup files and metadata stored in non-volatile memory.

User Data Protection

The TOE accesses the minimum amount of Windows Server hardware and data in order to perform its function. The TOE stores database connectivity information in the Windows Registry and stores other TOE configuration information in the PostgreSQL database.

Security Management

Both the TOE binary components themselves and the configuration settings they use are stored in locations recommended for Microsoft Windows Server.

The TOE includes a console user interface (UI). Users must login to Windows and have permissions to access the UI in order to access the TOE.

Administrators use the console UI to configure the backup tasks to be performed by the TOE.

Privacy

The TOE does not process any personally identifiable information (PII).

Protection of the TSF

The TOE enforces various mechanisms to prevent itself from being used as an attack vector to its Windows platform. The TOE implements address space layout randomization (ASLR), does not allocate any memory with both write and execute permissions, does not write user-modifiable files to directories that contain executable files, is compiled using stack overflow protection, and is compatible with the Windows Defender security features of its host platform.

The TOE contains libraries and invokes system APIs that are well known and explicitly identified.

The TOE has a mechanism to display its current software version.  The TOE can be used to determine if software updates for it are available.  If so, an administrator uses out of band mechanisms to acquire, validate, and install the update securely.

The TOE developer provides a secure mechanism for receiving reports of security flaws.   Product vulnerabilities are tracked and addressed, and software updates are securely distributed to customers in a timely manner.

Trusted Path/Channels

The TOE developer provides a secure mechanism for receiving reports of security flaws.   Product vulnerabilities are tracked and addressed, and software updates are securely distributed to customers in a timely manner.

Vendor Information