NetBackup Connector

Why This Matters

Backups are often considered the last line of defense, but ransomware actors know this and frequently target backup servers, catalog data, recovery points, and shadow copies. If a backup chain is silently encrypted or tampered with, it cannot be trusted during a recovery. Job completion and immutability settings show that backups ran, but they do not confirm that the data inside is clean.

Elastio fills this gap by providing continuous, behavioral ransomware inspection for your Veritas NetBackup workloads. The integration gives you an automated control that verifies whether each backup is recoverable, clean, and safe to restore. This strengthens incident response preparedness, simplifies audit processes, and improves confidence in your disaster recovery posture.

Key Capabilities

Native Integration with Veritas NetBackup

• Works directly with the NetBackup Backup Server using authenticated API access.
• Fully supported for on-premises environments through the Elastio Worker VM or Elastio Cluster.

Behavioral Ransomware Scanning of Backups

• Scheduled or on-demand inspections of backup data.
• Detects encryption activity, malware indicators, insider-driven data manipulation, and corruption that traditional backup checks miss.

Identification of Clean Recovery Points

• Elastio determines the last known clean backup set for each asset.
• Eliminates guesswork and dramatically accelerates recovery during ransomware events.

Compliance and Risk Visibility

• Track which backup sets are validated, clean, misconfigured, or require investigation.
• Helps satisfy internal governance, cyber insurance reviews, and regulatory reporting.

Seamless Fit with Existing Veritas Workflows

• Elastio automatically scans after Veritas backup jobs are completed.
• No changes needed to backup schedules or NetBackup policies.

How It Works (High-Level Architecture)

1. Veritas NetBackup executes backup jobs as usual.
2. The Elastio Worker VM or cluster connects to the NetBackup Backup Server through its native APIs and identifies completed backup sets.
3. Elastio mounts the relevant recovery points without rehydrating data, ensuring efficient and scalable inspection.
4. Elastio runs its behavioral ransomware engine on the mounted data, detecting signs of encryption, tampering, malware, or suspicious activity.
5. Results are sent to the Elastio console, your SIEM, and reporting dashboards. Backups are marked as Clean or High Risk.
6. Your SOC, IR, or DR team uses the verified clean recovery point information to guide safe restorations and perform forensic analysis when needed.

Elastio also offers advanced threat hunting capabilities and access to incident response specialists for detailed investigations.

Deployment Scenarios and Use Cases

Hybrid and On-Premises Veritas Environments

Ideal for organizations running NetBackup on dedicated infrastructure. Elastio provides an ongoing view of backup health and recovery readiness.

Highly Regulated Industries

Financial services, healthcare, and government organizations benefit from auditable proof that backup data is free from ransomware and safe to restore.

Ransomware Incident Preparedness

During an attack, recovery speed determines impact. Elastio pinpoints the cleanest possible recovery point, avoiding delays caused by scanning multiple backups or restoring contaminated data.

Disaster Recovery Modernization

Elastio strengthens existing Veritas deployments with continuous assurance rather than relying solely on point-in-time checks or manual verifications.

Setup and Prerequisites

NetBackup Requirements

• A NetBackup user with the Administrator role for API operations.
• Network connectivity between the Elastio Worker VM and the NetBackup Backup Server.

Elastio Worker VM or Cluster Requirements

• Minimum VM spec: 4 vCPUs, 16 GB RAM, 100 GB storage.
• Supported hypervisors: VMware vSphere.
• Static IP configuration and access to required outbound endpoints.

Deployment Steps

1. Deploy the Elastio Worker VM or cluster using the provided OVA or CloudFormation templates.
2. Configure network settings, static IPs, DNS, and required ports.
3. Initialize the Elastio console and cluster with Veritas as the selected vendor.
4. Provide AWS credentials and NetBackup access keys during setup.
5. Create scanning plans that define included assets, schedules, scan types, and retention rules.
6. Monitor scan queues, performance metrics, and results through Grafana and the Elastio console.

Why Elastio vs Traditional Backup Validation

Backup job logs and immutability settings confirm that backups exist, but they do not protect against:

• Malicious encryption hidden in the dataset
• Tampered or corrupted recovery points
• Insider attacks that bypass perimeter defenses
• Stealthy malware embedded in backup files

Elastio adds a behavioral ransomware detection layer to every Veritas backup, providing verifiable proof of which recovery points are clean, safe, and ready for restoration.

This reduces downtime, eliminates guesswork, and dramatically improves recovery confidence during ransomware events.