Explanation
The assumption that can be made for the conceptual design is that Veeam Agent backups of sale staff laptops should be managed by the backup server. This assumption is based on the best practice and recommendation for using Veeam Backup & Replication. Veeam Agent backups of sale staff laptops should be managed by the backup server to enable centralized management, monitoring, and reporting of all agent-based backups. This can also simplify the backup configuration, scheduling, and retention for the laptop agents.

Explanation
The additional Veeam capabilities that must be included in the conceptual design for gold level systems are SureBackup and Secure Restore. SureBackup is a feature that allows you to automatically verify the recoverability of your backups by running them in an isolated virtual lab. This can help you meet the requirement of testing the gold tier backups to verify recoverability. Secure Restore is a feature that allows you to scan your backups for malware before restoring them to the production environment. This can help you meet the requirement of scanning all backups for malware before restoring.
References: [SureBackup], [Secure Restore]

Explanation
The information that is missing from discovery is what the available bandwidth is between Fresno and Carson City. This information is important for designing and sizing the backup copy jobs that need to run daily between the two sites. The available bandwidth can affect the backup copy performance, duration, and size.
For example, you can use the available bandwidth to estimate how much data can be transferred between the sites within the backup copy window. You can also use theavailable bandwidth to determine whether you need to use compression, deduplication, or WAN acceleration to optimize the backup copy traffic.

Explanation
The reason that justifies the decision to separate out proxies for gold tier and silver/bronze tier is that gold tier virtual machines run frequently and should not share resources with lower priority virtual machines. This is because gold tier virtual machines have a high RPO of one hour or less, which means that they need to run backup jobs more often than silver/bronze tier virtual machines. Therefore, they should have dedicated proxies that can process their data without competing with other backup jobs for proxy resources. This can improve backup performance, reliability, and scalability for gold tier virtual machines.

Explanation
To design a solution that meets the needs and requirements of Veeam University Hospital, you need to conduct a thorough analysis on the areas mentioned in the case study. This will help you to understand the current state of the environment, the goals and expectations of the stakeholders, and the constraints and challenges of the project.
According to the case study, some of the areas that would benefit from additional analysis are:
*NAS. This area would benefit from additional analysis because NAS systems are used to store confidential patient data as unstructured data, which need to be backed up consistently and securely. You need to collect more information about the characteristics and performance of the NAS systems, such as the size and type of data, the number and distribution of files, the largest file size, the version of SMB protocol, the deduplication and compression ratios, etc. This will help you to design a solution that can meet the backup and recovery objectives, as well as the regulatory and security requirements, for the NAS data.
*PostgreSQL. This area would benefit from additional analysis because PostgreSQL databases are used by some of the departments, with a mix of virtual and physical deployments. You need to collect more information about the configuration and performance of the PostgreSQL databases, such as the version and edition, the operating system and platform, the backup and restore methods and tools, the consistency and integrity requirements, etc. This will help you to design a solution that can support and integrate with PostgreSQL databases, as well as provide consistent and reliable backups and restores.
*OneDrive. This area would benefit from additional analysis because OneDrive is used by all doctor and lab staff to store their user data on their laptops, which also need to be backed up. You need to collect more information about the usage and performance of OneDrive, such as the number and size of files, the synchronization frequency and settings, the authentication and authorization methods, etc. This will help you to design a solution that can protect and recover OneDrive data, as well as exclude any operating system or personal files from backup.
Topic 2, Veeam Life and Indemnity
Executive Summary:
Veeam Life and Indemnity is expanding its existing Veeam backup infrastructure to protect additional virtual machines, physical server and NAS workloads at their Fresno, CA and Carson City, NY data centers.
The original installation and configuration of Veeam software occurred two years ago. Since the installation, the organization has grown, and as a result, the Veeam Infrastructure needs to be resized to accommodate the existing and new workloads.
For the past three months, Veeam Life and Indemnity has noticed that they are having issues with backups completing within the allotted backup window. Only 40% of backup jobs complete successfully, so they have broken the backups into two sets, and they run them on alternating days. They have also stopped all backups for their development environment.
In addition, the original configuration required a daily backup copy job, but to the issue with backups completing, this has been modified to run only on Sundays.
They have also noticed a degradation in storage performance and are having to purchase new storage on a quarterly basis to accommodate data growth.
Solution Concept:
Veeam Life and Indemnity is upgrading Veeam Backup & Replication to the last version. They are also replacing all legacy physical hardware and storage with current generation equipment. Veeam Life and Indemnity wants to be able to ensure that all backups, including production and dev test workloads, can run every night and that all backups complete within the required backup window. In addition, Veeam Life and Indemnity would like to run daily copy jobs to ensure that a copy of all backed up data resides at both physical sites.
Veeam Life and Indemnity has also expressed concern about the threat of ransomware. They have not experienced a data breach of any kind but would like to ensure the ability of recover should one occur.
Existing Technical Environment:
Veeam Life and Indemnity has VMware clusters in all locations. These clusters are broken into two categories:
general use virtual workloads, and application specific workloads, such as MSSQL and Oracle.
All customer data is subject to government regulation and must be kept secure at all times.
Veeam Life and Indemnity has a proprietary CRM system that must be quiesced prior to backup.
All email is hosted in Office 365.
All database servers are virtualized.
All virtual machines are categorized as either gold, silver, or bronze, with different service-level agreements based on tier.
All backups currently encrypted in flight and at rest.
Internet connectivity at both sites is current 1 Gbps, with plans to increase to 2 Gbps soon.
All field sales reps are assigned a company laptop that runs a CRM client.
The LAN at each location supports up to 40 Gbps bandwidth.
All backups are currently written to Scaled-out Backup Repositories with each extent residing on a CIFS share.
Each department has its own vLAN, with a total of 30 vLANs for production traffic.
A single management vLAN is stretched between sites.
All unstructured data resides either on 10 NFS shares on the company's incumbent NAS devices, or Windows file servers as file shares.
VMware uses vSAN for VM datastores.
All vLAN must traverse a firewall to communicate, and the backup network itself is no routable.
All network traffic between clusters is required to traverse a firewall.
The firewall devices can support up to 20 Gbps.
Business Requirements:
Due to limited manpower, all backups should be dynamically scope.
All backups must be copied across site outside of the current backup window to avoid any backup performance issues.
Due to the sensitivity of customer data, tier 1 helpdesk personnel must not be able to access these backups.
They should have access to restore non-customer data.
Backup administrators are subject toa rigorous background check and should be the only staff able to perform restores of confidential customer data.
For any legal issues, fast and timely discovery from backup data should be supported.
For security purposes, all storage should be hardened to prevent data breaches.
Remote sales staff should have the ability to start a backup oh their devices.
Due to regulatory requirements, audits must be performed periodically to ensure successful and consistent backups, as well adherence to security policies.
Technical Requirements:
All backups must complete within the hours of 5 p.m. to 8 a.m. local time Backup copy jobs must successfully complete daily outside of the backup window.
Gold tier virtual machines have a recovery point objective of the one hour for image backup, and 15 minutes for traction log backup, with a recovery time objective of four hours.
Silver tier virtual machines have a recovery point objective of 24 hours, with a recovery time objective of eight hours.
Bronze tier virtual machines have a recovery point objective of seven days, with no defined recovery time objective.
NAS devices and file servers have a recovery point objective of four hours, with no specified recovery time objective.
Eight weekly backup, three monthly backups, and seven yearly backups should be retained for regulatory requirements.
All data must be encrypted in flight and rest.
Alternative decryption capabilities on encrypted backups must be possible in the event of lost passwords.
Role Based Access Control must be used to prevent unauthorized access to backup data.
New storage must be hardened to prevent intrusion, and if possible, the data written must be unchangeable to prevent ransomware attacks.
All backups must be scanned prior to any restore operations for malware.
All gold level systems must have a custom script run before restore to ensure compliance to specific legal statutes.
Gold tier backups must be tested to verify recoverability.
Only silver tier systems should be indexed during backups, with the exception of laptops belonging to the sales field.
All personal files on laptops should be excluded from backup
All MSSQL server backups should exclude the H: drive.