The Only Ransomware Protection that runs on the Veeam® Windows Server

You need Blocky to stops ransomware attacks.  Add Blocky to your Veeam® for maximum protection of your backup data against malware and ransomware attacks. Blocky runs on the Windows VBS and hardens the Veeam® Backup Repository (VBR) without adding Linux or additional servers. 

No, Blocky does not require Linux. Blocky runs on the Veeam® Windows server. 

No! Blocky runs on the Veeam® Windows server.

Blocky is the only ransomware protection that runs on the Veeam® Windows server. Blocky transforms the Veeam® Windows repository into a WORM-only volume, and only trusted Veeam® processes can delete, encrypt, or modify backup data. Ransomware (malware) is blocked. Blocky automatically creates a fingerprint for each trusted Veeam process. Each write/delete process is verified to enforce that only Veeam® has full access to the critical backup data and to prevent corruption of backup data due to malware.

Blocky protects the ReFS and NTFS volumes on the Veeam® Backup Repository. Blocky can protect one or more on locations.

In the event of a malware attack, the backup will remain intact and the infected servers and data can be restored quickly.

The files from other backups, such as Veeam Backup Copy Jobs and Veeam Scale-Out Repositories, can also be protected with Blocky.

Blocky protects Windows NTFS or ReFS volumes that appear with a drive letter in the Windows Device Manager.

Network-attached storage (NAS devices) have their own security environment and, unfortunately, cannot be protected via Blocky.

Blocky is compatible with all current Veeam versions.

Blocky supports Windows Server 2012, 2016, 2019, and 2022.

Please note that only Windows Server operating systems are supported, and, for example, the protection function does not work under Windows 10.

Blocky for Veeam also securely protects the Windows volumes of the Veeam v12 repositories from encryption. When upgrading Veeam from a previous version, e.g. v9, v10 or v11, please carry out the following steps for Blocky:

• Temporarily deactivate Blocky Volume Protection before the Veeam update
• Activate the Blocky Protection again after the Veeam update
• Update the “Trusted Applications”:
  • Update of the fingerprints of the existing whitelist entries (right mouse button – update)
  • Add the application C: \ Windows \ Veeam \ Backup \ VeeamDeploymentSvc.exe to the Trusted Applications (add automatically or manually via “Whitelisting”)

Yes, these volumes must not be used by other applications, for example, as a cache, dump, or similar. This use is theoretically possible, but the function of the other applications cannot be guaranteed since the blocky whitelisting may not identify all DLLs belonging to the application and provide them with a fingerprint.

Both solutions offer immutability, but with key differences that impact your decision. Let’s break it down to help you choose the best fit for your needs. Click here to see the comparison.