The Only Ransomware Protection that runs on the Windows Veeam® Server

Ransomware protection
for your Veeam® Windows Volumes
without adding extra servers,
specialized storage, or Linux.

Screenshot 2024-04-29 at 10.05.29 AM
Play Video
Screenshot 2024-04-29 at 10.04.26 AM
Play Video
Play Video

What is Blocky? Click to watch this video.

Why Blocky?

Reduced complexity
  • No additional servers or specialized storage
Optimize Veeam TCO
  • Runs on the Windows Veeam®
  • Easy deployment across multiple sites

Transform ReFS/NTFS into a hardened WORM repository.

  • Create A Zero-Trust Environment In Minutes
  • No Additional Hardware Needed 
  • Active Intrusion Detection Alerts
  • Event Management
  • Centralized Management 

Join the team, become a Blocky Partner

“Blocky is the perfect product to protect the Veeam repository from ransomware. Quick to install, inexpensive, and extremely effective.”

Jörg Vogel

Cristie Data
Blocky Partner

Protect Veeam® backups from ransomware attacks
- no Linux or additional hardware required.

Blocky is the only solution to harden Veeam® Windows repository without adding extra servers, specialized storage, or requiring Linux. Blocky installs on the Windows server to harden the NTFS and ReFS volumes. Blocky instantly transforms Veeam® into a hardened, zero-trust environment.  The Veeam® repository becomes a hardened, WORM-only volume, and only trusted Veeam processes can delete, encrypt, or modify backup data. Ransomware (malware) is blocked. 

Blocky 30-day free trial

  • No need for Linux or additional hardware 
  • Tamperproof Deactivation Protection
  • Active intrusion detection and event management
  • Deploys in minutes

Key facts and features


Have questions? We’re here to help!

You need Blocky to stops ransomware attacks.  Add Blocky to your Veeam® for maximum protection of your backup data against malware and ransomware attacks. Blocky runs on the Windows VBS and hardens the Veeam® Backup Repository (VBR) without adding Linux or additional servers. 

No, Blocky does not require Linux. Blocky runs on the Veeam® Windows server. 

No! Blocky runs on the Veeam® Windows server.

Blocky is the only ransomware protection that runs on the Veeam® Windows server. Blocky transforms the Veeam® Windows repository into a WORM-only volume, and only trusted Veeam® processes can delete, encrypt, or modify backup data. Ransomware (malware) is blocked. Blocky automatically creates a fingerprint for each trusted Veeam process. Each write/delete process is verified to enforce that only Veeam® has full access to the critical backup data and to prevent corruption of backup data due to malware.

Blocky protects the ReFS and NTFS volumes on the Veeam® Backup Repository. Blocky can protect one or more on locations.

In the event of a malware attack, the backup will remain intact and the infected servers and data can be restored quickly.

The files from other backups, such as Veeam Backup Copy Jobs and Veeam Scale-Out Repositories, can also be protected with Blocky.

Blocky protects Windows NTFS or ReFS volumes that appear with a drive letter in the Windows Device Manager.

Network-attached storage (NAS devices) have their own security environment and, unfortunately, cannot be protected via Blocky.

Blocky is compatible with all current Veeam versions.


Blocky supports Windows Server 2012, 2016, 2019, and 2022.

Please note that only Windows Server operating systems are supported, and, for example, the protection function does not work under Windows 10.

Blocky for Veeam also securely protects the Windows volumes of the Veeam v12 repositories from encryption. When upgrading Veeam from a previous version, e.g. v9, v10 or v11, please carry out the following steps for Blocky:

  • Temporarily deactivate Blocky Volume Protection before the Veeam update
  • Activate the Blocky Protection again after the Veeam update
  • Update the “Trusted Applications”:
    • Update of the fingerprints of the existing whitelist entries (right mouse button – update)
    • Add the application C: \ Windows \ Veeam \ Backup \ VeeamDeploymentSvc.exe to the Trusted Applications (add automatically or manually via “Whitelisting”)

Yes, these volumes must not be used by other applications, for example, as a cache, dump, or similar. This use is theoretically possible, but the function of the other applications cannot be guaranteed since the blocky whitelisting may not identify all DLLs belonging to the application and provide them with a fingerprint.

Both solutions offer immutability, but with key differences that impact your decision. Let’s break it down to help you choose the best fit for your needs. Click here to see the comparison.

Learn more about us

Blocky for Veeam® was developed by GRAU DATA, a leader in data protection software for over 20- years.



The latest news from our blog!