🔄 Types of Backup by Location

  1. Local (On-Premises) Backups

Backups stored within your office or facility.

•   External USB/Thunderbolt drives
    •   Easy and cheap.
    •   Risk: fire/theft/ransomware if always connected.
•   Network Attached Storage (NAS)
    •   Can serve multiple machines.
    •   Supports snapshots and automated schedules.
    •   Risk: must be secured from ransomware via permissions or snapshots.
•   Dedicated Backup Servers
    •   Full-featured systems running backup software (e.g. Veeam, Bacula).
    •   May support disk rotation or replication.

  2. Offsite (Remote Physical) Backups

Physical copies stored away from the main premises.

•   Rotated external drives
    •   Manual but effective. Swap weekly and keep off-site (e.g. at home or in a fireproof safe).
•   RDX cartridges / LTO tapes
    •   Enterprise-grade, durable and write-once (immune to ransomware).
    •   More expensive, but secure and offline.

  3. Cloud Backups

Backups sent via the internet to a third-party provider.

•   Cloud storage services (e.g. Backblaze B2, Wasabi, Amazon S3)
    •   Can be used with backup software to push encrypted backups.
    •   Set up retention, encryption, versioning.
•   Integrated backup platforms (e.g. Acronis, CrashPlan, MSP360, Veeam Cloud Connect)
    •   Manage everything from scheduling to version control in one interface.
•   File sync services (e.g. OneDrive, Dropbox, Google Drive)
    •   Not backups in themselves — unless versioning and archive modes are enabled.
    •   Risk: synced ransomware-infected files can overwrite clean copies.

⚙️ Types of Backup by Method

  1. Full Backup
    • Everything is copied.
    • Slowest and largest but easiest to restore.

  2. Incremental Backup
    • Only data changed since the last backup (any type) is stored.
    • Efficient but restoration can be slower (requires chain).

  3. Differential Backup
    • Backs up all data changed since the last full backup.
    • Faster restore than incremental, bigger than incremental.
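
As an added illustration (my example, not part of the original notes), the three methods above are run over one constructed four-day change history, showing what each backup set stores and how many sets a restore of the last day must read; the chain walk for incrementals is exactly what makes their restore slower.

```python
from dataclasses import dataclass

@dataclass
class Backup:
    kind: str                       # "full", "incremental" or "differential"
    day: int
    files: dict[str, str]           # path -> content version held in this set
    base: "Backup | None" = None    # set this one was diffed against (None for a full)

def restore(bk: Backup) -> dict[str, str]:
    """Reassemble the filesystem as of bk by walking its chain back to the full."""
    state = {} if bk.base is None else restore(bk.base)
    state.update(bk.files)          # newer versions override older ones
    return state

def chain_length(bk: Backup) -> int:
    """Number of backup sets a restore of bk has to read (1 for a full)."""
    return 1 if bk.base is None else 1 + chain_length(bk.base)

def stored_objects(backups: list[Backup]) -> int:
    return sum(len(b.files) for b in backups)   # file versions kept: a proxy for storage used

def run_schedule(history: list[dict[str, str]], method: str) -> list[Backup]:
    """history[day] is the complete filesystem state on that day; day 0 is always
    a full. Deletions are not modelled: files only appear or change version."""
    backups: list[Backup] = []
    for day, snapshot in enumerate(history):
        if day == 0 or method == "full":
            backups.append(Backup("full", day, dict(snapshot)))
            continue
        # incremental: diff against the previous set of any kind;
        # differential: diff against the most recent full
        ref = backups[-1] if method == "incremental" else next(
            b for b in reversed(backups) if b.kind == "full")
        before = restore(ref)
        changed = {p: v for p, v in snapshot.items() if before.get(p) != v}
        backups.append(Backup(method, day, changed, base=ref))
    return backups

# Constructed four-day history: a changes on days 1 and 3, b changes on day 2.
HISTORY = [
    {"a": "1", "b": "1", "c": "1"},
    {"a": "2", "b": "1", "c": "1"},
    {"a": "2", "b": "2", "c": "1"},
    {"a": "3", "b": "2", "c": "1"},
]

if __name__ == "__main__":
    for m in ("full", "incremental", "differential"):
        sets = run_schedule(HISTORY, m)
        print(f"{m}: stored={stored_objects(sets)}, last-day restore reads {chain_length(sets[-1])} set(s)")
```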

🧯 Special Techniques for Ransomware Defence

•   Offline backups
    •   Unplugged drives or media not accessible from the main system.
•   Immutable storage
    •   Backups that cannot be deleted/overwritten for a set period (e.g. Wasabi, AWS S3 Object Lock).
•   Snapshots (ZFS, Btrfs, or NAS-specific)
    •   Filesystem-level and space-efficient, with instant rollback.
    •   Schedule frequent snapshots and restrict deletion to root/admin.

August 2, 2025

🧠 Proxmox VE vs Other Hypervisors — Markdown Comparison

✅ Feature Comparison Table

| Feature / Platform | Proxmox VE | VMware ESXi / vSphere | Microsoft Hyper-V | XCP-ng | Citrix XenServer (legacy) |
|---|---|---|---|---|---|
| Type | Open-source KVM + LXC stack | Proprietary + vCenter (paid) | Built into Windows Server | Open-source Xen-based | Proprietary Xen-based |
| License Cost | Free (sub optional) | Paid (vSphere/ESS licences) | Free + Windows licensing | Free | EOL (Citrix Cloud now) |
| Web GUI (Local) | ✔️ Yes (very good) | ✔️ via vCenter (paid) | ❌ (use Hyper-V Manager or RSAT) | ✔️ Yes (XO Web UI) | ✔️ XenCenter (Windows only) |
| Remote Console (HTML5) | ✔️ Built-in | ❌ ESXi free = no console | RSAT only | ✔️ via Xen Orchestra | ❌ No web console |
| Guest Types | Linux, Windows, BSD, etc. | Linux, Windows, BSD, etc. | Windows, Linux | Linux, Windows, BSD | Legacy Windows, Linux |
| Windows RDP Support (Guest) | ✔️ Full (via SPICE/VNC/RDP) | ✔️ Full | ✔️ Native | ✔️ Full | ✔️ Legacy |
| Snapshots (live) | ✔️ Yes (qemu-img) | ✔️ Yes | ✔️ Yes (checkpoints) | ✔️ Yes | ✔️ Limited |
| Backups (live & scheduled) | ✔️ Built-in (zstd, LZO) | Add-ons or vSphere required | Windows Server Backup only | ✔️ Built-in (with XO) | ✔️ Basic |
| VM Migration (live) | ✔️ Clustered live migration | ✔️ with vCenter (paid) | ✔️ via Failover Clustering | ✔️ Full (with shared storage) | ✔️ but legacy |
| Container Support | ✔️ LXC native | ❌ None | ❌ None | ❌ None | ❌ None |
| Storage Support | ZFS, LVM, Ceph, ext4, NFS | VMFS, NFS, vSAN | NTFS, ReFS, SMB, iSCSI | ZFS, NFS, iSCSI | LVM |
| Networking (vSwitch) | Linux bridges, OVS optional | vSwitch/vDS (advanced) | Hyper-V virtual switch | OVS or Linux bridges | OVS |
| Cluster Management | ✔️ Yes (GUI + CLI) | ✔️ via vCenter | ✔️ via Failover Cluster Manager | ✔️ Yes (XO + CLI) | ✔️ via XenCenter |
| Cloud/Hybrid Integration | 🔸 Limited (manual/cloud-init) | ✔️ vSphere/VMware Cloud | ✔️ Azure Stack HCI | 🔸 Some via XOA plug-ins | ❌ Deprecated |
| Ease of Use (Admin) | ⭐ Very high (single GUI) | Moderate (requires vCenter) | Moderate | Moderate | Low (aging interface) |

---

🧠 TL;DR — Should You Use Proxmox VE?

| Scenario | Verdict |
|---|---|
| Home lab or SMB with full control | Ideal — Proxmox VE is fast, flexible, no licence cost |
| RDP server hosting with local failover | ✅ Proxmox + local ZFS mirror + backups = stable |
| You want GUI-based live backup/snapshots | ✅ Built-in with no extras required |
| You use Windows Server & Hyper-V already | 🟡 Hyper-V may integrate better with existing tooling (but less pleasant) |
| You’re in a VMware-only enterprise | ❌ Stay with ESXi if you have vCenter and DR plans |
| Want full open-source + API | ✅ Proxmox or XCP-ng both excel — Proxmox has faster dev pace |

---

🔍 Feature Summary: Proxmox Strengths

  • 🧩 Simple web GUI for everything
  • 🔁 Live snapshot + backup + restore built-in
  • 🔐 ZFS and native encryption support
  • 🌐 Clustered HA & live migration
  • 💸 No vendor lock-in, no licence enforcement
  • 🖥️ Runs Windows Server 2025 RDP hosts perfectly (with VirtIO drivers, which we have)

August 1, 2025

On-prem / on-site

£4,906.44 exc VAT from scan.co.uk (as at 1/8/2025)

Allow 4 to 6 GB of RAM per RDP user. The existing server has 64 GB; a maximum of ten RDP users is expected, five on average.

🖥️ Core Server Platform

| Component | Details |
|---|---|
| Chassis | Scan 3XS SER T1E Tower Server |
| Motherboard | ASRock GENOAD8X-2T/BCM (SP5, DDR5, MCIO, M.2, 10GbE, IPMI NIC) — LN141489 |
| Power Supply | Corsair RM1000e, 1000W, 80+ Gold, Fully Modular, Zero-Fan — LN154190 |

---

🧠 Processor & Memory

| Component | Details |
|---|---|
| CPU | AMD EPYC 9354P, 32C/64T, 3.25GHz base, 3.8GHz turbo — LN130697 |
| RAM | 128 GB DDR5 ECC Registered (8×16 GB, 4800 MHz) — LN133292 |

---

💾 Storage Configuration

Tier 1 — OS & Temporary Volume (RAID 1)

| Component | Details |
|---|---|
| M.2 SSDs | 2 × 1.92TB Micron 7450 PRO NVMe Gen4 x4 (22x110) — LN143581 |

Tier 2 — User Profile Storage (RAID 1)

| Component | Details |
|---|---|
| 2.5” U.3 SSDs | 2 × 1.9TB Micron 7500 PRO U.3 NVMe (15 mm, Gen4 x4) — LN148776 |
| RAID Controller | Not required — motherboard supports direct U.3 via MCIO ports |

---

🌐 Networking

| Feature | Details |
|---|---|
| Primary LAN | 2 × 10GBASE-T (RJ45) — included onboard |
| IPMI NIC | 1 × dedicated 1GbE — included onboard |
| Optional SFP+ | Not selected — consider LN55140 (Intel X520-DA2) if migrating to SFP+ |

---

🎮 GPU

| Component | Details |
|---|---|
| GPU | No GPU required — headless setup — LN115474 |

---

🪪 Licensing

✅ Already Owned

| Licence Type | Quantity | Purpose |
|---|---|---|
| RDS User CALs | 50 | Full Remote Desktop access |

🛒 To Purchase Now

| Licence Type | Quantity | Details | Code | Price |
|---|---|---|---|---|
| Windows Server 2025 CALs | 2 × 5-pack | 10 base User CALs to reach total of 20 | LN154299 | £431.98 |

---

📌 Summary

  • Hardware: EPYC 9354P, 128 GB DDR5 ECC, high-end Micron NVMe/U.3 SSDs
  • Storage: RAID 1 for OS (M.2) and FSLogix/user data (U.3)
  • Networking: Dual 10GbE onboard + dedicated IPMI NIC
  • Licensing: 20/50 base User CALs after this order; RDS User CALs fully held
  • No RAID card or GPU required

---

🛠 Optional Actions

  • Source MCIO-to-U.3/SFF-8654 cables for U.3 SSDs
  • Plan additional Windows Server CALs (30 more to match 50 RDS users)
  • Add Intel X520-DA2 NIC if migrating to SFP+ in next switch upgrade

Cost from https://secure.scan.co.uk/web/basket

Assumes the existing licence is transferable along with the 50 RDP CALs.

£5,887.73 inc VAT = £4,906.44 exc VAT

The £431.98 for 10 User CALs could be dropped for now (£360 exc VAT).

Also consider co-location and a rack-mount version.

July 31, 2025

📚 Key Frameworks & Documentation on AI Transparency and Classification

CLeAR Documentation Framework

Provides best practices for documenting AI systems in a comparable, legible, actionable, and robust manner. Supports user understanding of design intent, architecture, and limitations — fully aligned with your “tech mode” principle of source-grounded, tagged output.

Explainable AI (XAI): Literature Survey

A comprehensive survey by Arrieta et al. describing taxonomy, methods, and design challenges for explainable AI. It emphasises clarity of inference, output interpretability, and the dangers of anthropomorphic outputs.

GOV.UK / ICO Guidelines: Explaining Decisions Made With AI

Official UK government guidance offering practical advice on ensuring AI decisions can be explained clearly to users. Reinforces your preference that output should be understandable, accountable, and non-deceptive.


  • CLeAR Framework: Promotes legibility and transparent tagging of AI reasoning
  • Responsible AI Patterns: Encourages structurally tagged, interpretable outputs
  • Explainable AI Literature: Supports labelling, avoidance of modelled social phrasing
  • Policy Alignment: Aligns international efforts on AI explainability
  • GOV.UK / ICO: Enforces user-facing transparency and interpretability

July 25, 2025

PBS is built precisely for this threat model.

If Proxmox Backup Server (PBS) itself remains uncompromised, it provides a strong line of defence against ransomware. Here’s why, and what to do to make it even more robust.

🛡️ Why PBS is Inherently Resilient to Ransomware

✔️ 1. Immutable backups

•   PBS stores backups as chunked, append-only objects in a deduplicated store.
•   Once a backup is written, it cannot be modified or deleted through the normal file system.
•   Deletes and pruning are only possible via PBS API calls, which require valid authentication.

✔️ 2. No writable filesystem

•   The PBS datastore isn’t exposed as a mountable filesystem to other systems — no Samba/NFS shares or iSCSI-style targets that a compromised VM could reach.
•   So malware on our Windows VM cannot reach the backup chunks.

✔️ 3. Access control is strict

•   All access (backup, restore, prune) goes through the PBS API, which is authenticated and role-restricted.
•   Without explicit credentials and permissions, nothing can be pruned or altered.

🚫 What Ransomware Cannot Do (Unless PBS is Hacked)

If only our Windows VMs or Proxmox VE host are compromised:

•   They cannot reach into PBS backup chunks directly
•   They cannot delete or encrypt the datastore
•   They cannot modify existing backups

Unless the attacker:

•   Gains PBS root access
•   Obtains valid backup prune credentials
•   Executes an API-based deletion

🔐 Additional Measures to Harden PBS

To make this near bulletproof:

✅ 1. Use strict PBS ACLs

•   For each VM’s backup group, assign:
    •   Backup only: Datastore.Backup
    •   Restore: Datastore.Read
    •   Prune: only to trusted admin accounts

🔒 VMs themselves should never have permissions to prune or delete their own backups.

✅ 2. Use a separate PBS node (physical or VM)

•   Hosted on different hardware or virtualised host
•   Not managed from the same Proxmox cluster (if possible)
•   Isolated via firewall or VLAN if needed

✅ 3. Enable backup verification (integrity scans)

PBS can verify backups via:

proxmox-backup-client verify …

Or scheduled via the UI.

This ensures no silent corruption has occurred.

✅ 4. Replicate backups externally

As you’re planning: store long-term retention on external disks or remote PBS.

•   Disconnected or write-restricted storage
•   Air-gapped USB or cold storage rotation
•   Read-only remote PBS (via sync + strict roles)

✅ Summary

| Scenario | Backups safe? |
|---|---|
| Windows VM infected with ransomware | ✅ Yes |
| Proxmox VE host infected (not root) | ✅ Yes |
| PBS API credentials leaked | ⚠️ Maybe |
| PBS root access compromised | ❌ No |

So:

As long as PBS is isolated, authenticated, and unbreached, our backups are ransomware-resilient.

•   A checklist of ACL settings
•   Auto-verification schedules
•   Remote PBS sync setup guide

More details

📦 Proxmox Backup Server (PBS) — Ransomware Resilience Summary

This further document outlines the resilience of Proxmox Backup Server (PBS) against ransomware attacks under various threat scenarios. It assumes that PBS is properly configured and that basic access controls are enforced.

✅ Ransomware Protection Summary

| Scenario | Backups safe? | Explanation |
|---|---|---|
| Windows VM infected with ransomware | ✅ Yes | Backup storage is not exposed to the guest VM and cannot be accessed or modified from inside it. |
| Proxmox VE host infected (not root) | ✅ Yes | Without root or backup privileges, the VE host cannot tamper with PBS storage or APIs. |
| PBS API credentials leaked | ⚠️ Maybe | If the leaked credentials include prune/delete rights, backups may be deleted via the API. Use strict role separation. |
| PBS root access compromised | ❌ No | If the PBS host is fully compromised, an attacker can delete or destroy all backup data. External replication is strongly recommended. |

🔐 Best Practice Recommendations

1. Apply Role-Based Access Control (RBAC)

  • Use PBS roles such as:
    • Datastore.Backup — allow backing up only
    • Datastore.Read — allow restores but no deletion
    • Datastore.Admin — only for trusted administrators
  • Do not assign prune or delete permissions to users or automation that do not require them.
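
The RBAC rules here and in “Use strict PBS ACLs” above reduce to one check: no identity that a VM or the PVE host authenticates with may hold a role that can prune. The audit below is an added example (mine, not Proxmox’s or the notes’ own tooling) that applies that check to a saved ACL listing; the role sets, and the JSON field names it expects from `proxmox-backup-manager acl list --output-format json`, are assumptions to confirm on your PBS version.

```python
import json

# PBS built-in roles that carry prune/delete rights on a datastore, and roles
# that do not. These sets are an assumption from the PBS role definitions as I
# know them; confirm with `proxmox-backup-manager user permissions <auth-id>`.
PRUNE_CAPABLE_ROLES = {"Admin", "DatastoreAdmin", "DatastorePowerUser"}
NON_PRUNING_ROLES = {"DatastoreBackup", "DatastoreReader", "DatastoreAudit", "Audit", "NoAccess"}

# Constructed sample in the shape of `proxmox-backup-manager acl list --output-format json`
# (field names path/ugid/ugid_type/roleid/propagate are assumed). Not real output.
SAMPLE_ACL = json.dumps([
    {"path": "/datastore/main", "ugid": "pve-backup@pbs!vmhost", "ugid_type": "user",
     "roleid": "DatastoreBackup", "propagate": True},
    {"path": "/datastore/main", "ugid": "pve-backup@pbs!vmhost-old", "ugid_type": "user",
     "roleid": "DatastorePowerUser", "propagate": True},
    {"path": "/datastore", "ugid": "backup-admins", "ugid_type": "group",
     "roleid": "DatastoreAdmin", "propagate": True},
    {"path": "/datastore/main", "ugid": "restore-op@pbs", "ugid_type": "user",
     "roleid": "DatastoreReader", "propagate": False},
])


def audit_acl(acl_json: str, trusted: set[str]) -> list[str]:
    """One finding per ACL entry that gives prune/delete rights to an identity
    (user, API token or group name) outside the trusted set, plus a review
    prompt for any role in neither table. An empty list means the datastore ACL
    matches the notes' rule: backup identities can write and read, never prune."""
    findings = []
    for e in json.loads(acl_json):
        who, role, path = e["ugid"], e["roleid"], e["path"]
        scope = f"{path} (propagates to sub-paths)" if e.get("propagate") else path
        if role in PRUNE_CAPABLE_ROLES and who not in trusted:
            findings.append(f"{who} holds {role} on {scope}: can prune or delete backups")
        elif role not in PRUNE_CAPABLE_ROLES and role not in NON_PRUNING_ROLES:
            findings.append(f"{who} holds unrecognised role {role} on {scope}: review manually")
    return findings


if __name__ == "__main__":
    for line in audit_acl(SAMPLE_ACL, trusted={"backup-admins", "root@pam"}):
        print("FINDING:", line)
```

The notes’ Datastore.Backup / Datastore.Read / Datastore.Admin correspond to the built-in PBS roles DatastoreBackup, DatastoreReader and DatastoreAdmin. To my knowledge the Datastore.Backup privilege still lets an identity delete snapshots in backup groups it owns (check with `proxmox-backup-manager user permissions <auth-id>`), which is why the read-only remote PBS sync recommended below remains the real backstop.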

2. Isolate the PBS Host

  • Run PBS as a separate VM or physical host not part of the same cluster (if possible).
  • Use VLANs or firewall rules to restrict access to PBS ports and APIs.
  • Avoid managing PBS from the same place as Proxmox VE.

3. Use External or Offsite Replication

  • Add an external disk or remote PBS node for long-term backup retention.
  • Use PBS sync jobs to replicate selected snapshots offsite or to cold storage.
  • Rotate removable drives to air-gapped storage if needed.

4. Enable Scheduled Backup Verification

  • Use PBS’s built-in verification features to validate backup integrity.
  • Schedule checks via:
    • PBS GUI → Verify Task
    • Or CLI: proxmox-backup-client verify ...

5. Monitor Logs and Retention Policies

  • Regularly check logs for unexpected deletions or prune events.
  • Use retention policies to automate pruning but limit damage from accidental or malicious deletions.

🧠 Remember

Proxmox Backup Server provides immutable, append-only backup storage that is inherently safe from malware running on client machines. As long as PBS itself remains uncompromised, backups are highly resilient.

🔐 Defend PBS like our crown jewels — because once it’s breached, all protection collapses.


July 15, 2025

Major Differences — Structured Comparison

| Clause | Current terms | Revised terms | Assessment |
|---|---|---|---|
| 1. Definitions | Basic legal party definitions; “Working Day” not explicitly defined | Expanded definitions; formal “Working Day” meaning, address and registration details included | Better aligned to formal legal documents and consumer-facing policies |
| 2. Orders and Contract | Focused on acceptance and availability | Adds pricing error correction, product withdrawal, right to reject orders | Matches Kuhn’s approach to online and catalogue commerce |
| 3. Payment and Late Charges | Included statutory late interest + fixed fee | Same content, no changes | Already strong and compliant |
| 4. Retention of Title | Ownership retained until payment, with access and storage provisions | Same terms | No changes; robust and legally sound |
| 5. Delivery | Delivery times approximate; risk passes on delivery | Adds force majeure language (non-liability for delay beyond control) | More comprehensive protection |
| 6. Returns and Refunds | B2B terms only; 7-day notice for defects | Adds full UK consumer rights (CCR 2013), 14-day cancellation, refund process | Hybrid B2B and B2C ready |
| 7. Warranty and Liability | Limited to cost of goods; excludes consequential loss | Retains limitation but restyled to match Kuhn tone | No change in substance |
| 8. Descriptions & Content | Not included | New section: disclaimer for product images, specs, errors | Reflects ecommerce practices |
| 9. Privacy & Data | Compliant with GDPR/Data Protection Act | Expanded to include opt-outs, data access, newsletter policy | Closer to Kuhn’s published privacy terms |
| 10. Cookies & Tracking | Not mentioned | Added: browser cookies, remarketing, opt-out info | Important for any website-based business |
| 11. Intellectual Property | Brief reference only | Full IP clause protecting text, images, branding | Suitable for online presence and printed materials |
| 12. External Links | Not addressed | New clause: disclaims liability for content on linked third-party sites | Mirrors Kuhn’s hyperlink language |
| 13. Governing Law | England & Wales, severability included | Same legal basis, reworded for tone consistency | No substantive change |
| Structure & Style | Legalistic and practical; B2B tone | Public-friendly hybrid structure; clearer headings and formal language | More versatile across contracts, websites, and commercial presentations |

July 15, 2025