Calculation Method for Data Center Resources – Power, Cooling, and Capacity Planning

I'm often asked at work, "How effective is your backup software's deduplication? How much space does the backup data take up?" Honestly, in terms of effectiveness, this is often directly related to the type of data and how it's stored. Different methods and different types of equipment can produce vastly different results, so this question is honestly very difficult to answer in a single sentence. However, no matter what, backup data requires disk space for storage, and during the design phase of a backup project, the capacity of the backup repository must be designed. This design is usually directly related to the user's storage costs, storage efficiency, and backup availability, making it a critical part of the backup project. Designing the storage capacity and bandwidth as accurately as possible is directly related to the success or failure of the project.

Introduction

Data centers are the backbone of modern IT, but managing resources like power, cooling, and capacity requires precise calculations. Without proper planning, businesses risk downtime, inefficiency, and high costs.

This guide explains the calculation methods for data center resources, helping IT administrators achieve the right balance between performance, efficiency, and scalability.

Here, I will use a typical virtualized environment as an example to illustrate how this calculation should be performed.

Environment information:

ESXi Hosts: 25

VMs: 500

Average disk capacity per VM: 200GB

Total Datastore used capacity: 100TB

Bandwidth Design

Typically, the backup process involves two modes: full backup and incremental backup. Generally, the first backup is a full backup, which transfers all data from the virtualized environment to the backup storage device, so the amount of data transferred is almost the entire used capacity of the Datastore. All subsequent transfers are incremental backups, transferring the amount of changed data in the virtualized environment, commonly the daily change rate. For this article, we will temporarily use the daily change rate as the unit for calculation.

In each environment, the daily change rate can be obtained from the Veeam ONE change assessment report, which provides a relatively accurate value. I will assume this change rate is 7%. So we get the following values:

Initial transfer data volume: 100TB

Daily incremental transfer data volume: 7TB

After enabling optimized compression and deduplication, assuming it achieves a conventional effect, the actual data transferred is 50% of the Datastore capacity:

Actual initial transfer data volume: 50TB

Actual daily transfer data volume: 3.5TB

Therefore, the required bandwidth is calculated as follows. Assuming for the initial transfer, we can run a continuous transfer for 24 hours on Saturday, and subsequent incremental backups are performed during daily business idle hours from 8:00 PM to 6:00 AM. After accounting for the basic configuration time of the backup job, we estimate that the actual data transfer time is about 80% of the total time. So, out of a 10-hour backup window, 2 hours are for basic backup configuration and waiting, and 8 hours are for actual data transfer. A simple calculation example is as follows:

Full backup required bandwidth: 50 * 1024 * 8 / (24 * 3600 * 80%) = 5.93 Gbps (1 GB/s = 8 Gbps)

Incremental backup required bandwidth: 3.5 * 1024 * 8 / (10 * 3600 * 80%) = 1 Gbps (1 GB/s = 8 Gbps)

From the above, we can see a general picture. The read/write throughput on the network and disks can be planned according to this data, configuring the appropriate number of NICs/HBAs to achieve the required backup throughput.

Capacity Design

Depending on the backup mode, capacity design is easiest to calculate when the data storage has no deduplication technology. The following will use the most common conventional incremental backup as an example to explain the calculation method, which is also a relatively simple calculation.

Keep at least 14 backup copies, perform one full backup per week, and perform one incremental backup per day.

Per week: Full backup 50TB * 1, Incremental backup 3.5TB * 6, Total: 71TB

Per month: 4 Weeks, Total: 71TB * 4 = 281TB

Considering an additional 15% cache-free capacity, the total estimated capacity is: 326.6TB

This is the conventional way to design backup capacity. Here, I also have an excellent tool to recommend: the Veeam Backup Repository Capacity Calculator, created by Veeam. This tool offers more comprehensive and detailed calculation methods, allowing you to input more data based on actual situations. The Veeam calculators online tool address is as follows:

https://www.veeam.com/calculators/simple/vbr/machines/vm

👉 Related reading: How to Solve the Problem of ESXi 7.0 System Storage Occupying Space

Secure Veeam Backup & Replication Login v13– Complete Guide to VBR Authentication

Secure Veeam Backup & Replication Login – Complete Guide to VBR Authentication

Introduction

Among the new features in v13, the most important are the security enhancements. Starting from this installment, I will provide a detailed introduction to the new security functions launched in v13 through practical application examples.

As cyberattacks and ransomware threats increase, securing Veeam Backup & Replication (VBR) login is more important than ever. VBR is often the last line of defense for enterprise data, making it a prime target for hackers.

This guide provides a step-by-step approach to securing VBR authentication, including multi-factor authentication (MFA), account protection, and best practices to prevent unauthorized access.

Today, let's start with identity authentication. In enterprise backup architectures, the security of management console accounts and access governance is crucial. Veeam Backup & Replication (VBR) now supports SAML-based single sign-on (SSO) in v13, which means you can centralize identity authentication to your organization's existing identity provider (IdP)—such as Azure EntraID. Through SAML integration, you can manage VBR logins alongside your company's account lifecycle, group policies, MFA, and auditing: operations become clearer, permission revocation is more timely, and higher compliance is achieved. This article uses Azure EntraID as an example to show you the specific methods for this integration in detail. For other similar solutions, such as Authing domestically or Okta and Auth0 internationally, you can try them yourself, following the Azure method.

Configuration Prerequisites

The prerequisites for configuring and using SAML integration are very simple; just install VBR using the latest Veeam Software Appliance. Of course, because network services are involved, there are still some necessary conditions for configuring SSO:

The VBR server must be able to access Azure EntraID's relevant endpoints.

Time synchronization: NTP servers must be correctly configured on VBR, and the time cannot be out of sync. SAML is timestamp-based, and authentication will fail if there is a deviation.

An Azure EntraID administrator account with permissions to create enterprise applications and assign users.

VBR administrator permissions, which are the foundation for configuring VBR accounts and identity integration.

The Windows machine where VBR Console is installed must correctly resolve the VBR hostname or FQDN; otherwise, the URLs in the SP/IdP Metadata won't match.

Why VBR Login Security Matters

If attackers gain access to Veeam Backup & Replication, they can delete backups or alter configurations, leaving businesses vulnerable.

📌 According to CISA Cybersecurity Guidelines, securing backup solutions is critical in mitigating ransomware risks

Configuration Method

The following configuration is divided into Azure and VBR parts and must be done in a specific order, so it is recommended to proceed sequentially.

Generate SP Information in VBR and Export Metadata

1. First, log in to the VBR console using the veeamadmin account. In VBR, open the hamburger icon (three horizontal lines) in the upper left corner and select Users and Roles from the dropdown menu.
   
   
   
2. Switch to the new Identity Provider interface in v13. By default, the Enable SAML Authentication option here is unchecked. Check it to enable it, and then look at the Service Provider (SP) Information section below. In identity authentication, VBR now acts as the service provider (SP) for the application, so we first need to install a certificate for VBR here. Click Install.
3. You can choose one from the local certificate store. Select an existing certificate from the certificate store and click Next.
4. In the certificate store, find the certificate with the Friendly Name Veeam Backup Server Certificate, then click Finish to complete.
5. At this point, you will see that the Certificate field in the SP Information section now has information, CN=<Backup Server FQDN>. The next step is to click the Download button below Install to download the XML file from the SP side and save it. This file will be used later during the Azure configuration.

Upload SP Metadata in Azure EntraID and Assign Users.

1. First, create a security group for VBR named VBR Users. Add a user to this group, for example, I added my own account.
2. In EntraID, find Enterprise apps. We need to create a new Application for VBR's identity authentication. Click New Application to create it.
3. When creating, do not choose from the catalog. Click Create your own application, then in the pop-up on the right, enter the app name and select Integrate any other application you don't find in the gallery (Non-gallery). For example, mine is called vbrsso.
   
   
   
4. After this Application is created, you will automatically be taken to the Application Overview interface. The Getting Started section clearly lists the next steps. You can configure them one by one as needed, following steps 1, 2, 3, 4, and 5. For VBR, we only need to configure two: Assign users and groups, and set up single sign-on.
5. After assigning the group created in the first step, VBR Users, to this application, click the second step, Set up single sign-on. This will take you to the single sign-on configuration interface. Here, we select the SAML option to integrate with VBR.
6. After entering the SAML configuration interface, steps 1-2-3-4 are clearly listed. However, we don't need to edit each item here individually. Just find the Upload metadata file option at the top, click it, and upload the XML file we just exported from VBR. Save it to complete the single sign-on configuration here. After uploading, you can see that the URLs in Basic SAML Configuration have been correctly updated to my VBR's FQDN.
7. Next, find the last row in the SAML Certificates box in step 3 above, click the Download button next to Federation Metadata XML, and download another automatically generated XML file from Azure EntraID.

At this point, the setup on Azure is complete.

Return to VBR and update the IdP configuration information.

1. Go back to the Identity Provider interface under Users & Roles in VBR, find the Identity Provider (IdP) Information settings. This is the information for the identity provider in the single sign-on setup, which in this case is Azure Entra ID acting as the identity provider. Click Browse next to it and upload the XML file you just downloaded from Azure. After the upload is complete, you will see that all the IdP information below has been correctly updated to Microsoft's URLs.
2. After clicking OK to complete the setup, we can reopen Users and Roles to add a user. Click Add..., and the External user or group option will appear; select it.
3. In the pop-up Add User dialog box, enter the complete Azure Entra ID email address.
4. With this, the entire configuration is complete. Let's test the login. Open the VBR client, and you will see that the Sign in with SSO option has appeared. Click on it directly.
5. After clicking, the login window will automatically pop up with the standard Microsoft login interface. After entering the password, the Microsoft MFA approval for login will also pop up. After approving it on the mobile Authenticator app, the VBR Console will successfully redirect and log in.
6. Let's also try the web interface. In the WebUI, we can similarly see the new Sign in With SSO option.
   
   
   
7. Likewise, after approving the login, we can access the Web UI with Veeam permissions. In the upper right corner of the Web UI, we can see that the accessing user's account and email are correctly displayed.

Viewing login audit information in Azure

In the Azure Entra ID management audit interface, you can clearly see the login information from VBR.

👉 Related reading: Veeam File-Level Recovery Guide

Conclusion

By following the above method, the integration between VBR and Azure Entra ID can be easily configured. It is important to note that users configured this way are only backup system users. They cannot log in to the Appliance's Veeam Management Console like the veeamadmin and veeamso accounts can; this SSO account cannot manage the Appliance.

From a security perspective, this configuration effectively separates backup system permissions. The authentication for the backup system is completely separated from the accounts for the backup infrastructure, which better complies with the usage standards of large enterprises and organizations.

Veeam File-Level Recovery – Powerful Open VM Backup and Restore Solution

introduction

After a virtual machine backup, there are typically many recovery methods available, each suited for different recovery scenarios. One widely used method is file-level recovery. This isn't some new technology—this need existed back when virtualization backups first emerged, and it was implemented early on by major backup software vendors. At first glance, this technology seems straightforward, but when it comes time to actually recover, Veeam can be a huge help.

Accidental file deletion or corruption can bring business workflows to a halt. Instead of restoring an entire VM, Veeam’s file-level recovery (FLR) allows administrators to quickly recover individual files from backups.

This makes it one of the most powerful features of Veeam Backup & Replication, ensuring businesses save time and reduce downtime during recovery operations.

Let's look at this situation: I've opened the file-level restore browser, which is usually an interface provided by the backup software vendor:

📌 According to Veeam’s official documentation,  FLR is available in both the free and paid editions.

Check the content of the Files before recovering them

There's a bunch of PDF files here, but I have no idea what they are. Just looking at the filenames, I can't tell what they contain. Before restoring, can I open them to take a look? What if I restore the wrong files—wouldn't that make the recovery pointless?

This is a magical button. When we click it, we can see the file contents. Then I discovered that these PDFs I couldn't open before—I can now preview them locally before deciding to restore them. Isn't that great!

Recover the file in ZIP

Here's another scenario: with ZIP files, I might only want to restore specific files inside the archive. How do we handle that? The same incredibly versatile button can handle this, too.

This magical button opens up endless possibilities for recovery. For various objects that only special applications can recognize, as long as the application is pre-installed and can recognize the data format, this amazing button can help us extract objects and restore content. Data content is the core of our information systems—any recovery that doesn't care about the content is downright deceptive. So please, use this button before restoring!

Key Benefits of Veeam FLR

• Fast recovery: No need to restore entire VMs.

• Cross-platform support: Works for Windows, Linux, and other OS.

• Granular restore: Recover single files, folders, or application data.

• Secure process: Files are restored directly from backups without altering the source VM.

👉 Related reading: Free Tool: Veeam Backup & Replication Community Edition

Conclusion

The Veeam file-level recovery feature is a must-have for IT admins who need fast, reliable, and granular recovery options. Instead of restoring full VMs, businesses can quickly bring back only the required data, reducing downtime and improving operational efficiency.

By integrating this tool into your Open VM backup strategy, you gain a secure and efficient way to recover files on demand.

 A Brief History of FreeStor – Evolution of Open-Source Storage Solutions

Introduction

FreeStor has been a significant name in the world of software-defined storage (SDS). Originally designed as a unified storage management platform, FreeStor simplified backup, recovery, and data mobility across multi-vendor environments.

In this article, we’ll explore a brief history of FreeStor, its evolution, and its influence on modern enterprise data protection solutions.

Although the term "software-defined storage" only began to gain popularity in the storage industry around 2015, FreeStor's birth and technological evolution actually spanned over a decade, long before the concept of "software-defined storage" even emerged. In fact, the company had already been practicing "software-defined storage" for more than ten years prior and has consistently adhered to the "software-defined" philosophy while innovating for the past fifteen years.

📌 According to FalconStor’s archives, FreeStor was one of the first platforms to fully embrace storage virtualization.

To discuss FalconStor's history, one must mention ARCserve. ARCserve was the world's first client/server architecture backup software, launched by Cheyenne Software, and it dominated the backup software market in the 1990s. It's worth recalling that ARCserve began selling hotly in China in 1996. At that time, Veritas had just acquired OpenVision and was still figuring out how backup worked (has anyone ever wondered why NetBackup's installation directory is called /usr/openv?). BackupExec, under Seagate, could only rely on Microsoft's shadow to operate guerrilla-style, and Commvault had just been founded without any products yet. This client/server architecture remains the fundamental framework for nearly all backup software on the market even today. After Cheyenne Software was acquired by Computer Associates (CA), ARCserve continued to shine in the market for several more years, steadily holding over 40% market share—until the core R&D team left CA around 1999-2000 to establish FalconStor Software.

As a side note: after losing this team, ARCserve's market position declined sharply. Veritas/Symantec gradually took over as the market leader, and CA never recovered in the backup field until ARCserve spun off from CA last year—it remains to be seen if it can make a comeback. Those familiar with this history may note that, to this day, a significant proportion of FalconStor employees—from the CEO down to staff at various levels in countries including China—have Cheyenne or CA experience on their resumes. From this perspective, FalconStor Software can indeed be described as a team with tradition and history.

Only storage veterans have seen this old ARCserve software box.

IPStor: The Earliest "Software-Defined Storage"

When FalconStor Software was founded in 2000, its first product, IPStor, was "software-defined storage." The main use of IPStor was to install the IPStor software on a standard x86 server, turning it into a storage virtualization gateway. It connected upward via IP networks (later switching to FC, and adding iSCSI as it emerged) to all application servers, and downward via FC and SCSI (gradually incorporating iSCSI and FCoE later) to all disk arrays. This architecture enabled the integration of heterogeneous storage and remote connectivity over IP networks, while also providing various advanced management features.

The concept behind IPStor was absolutely ahead of its time. Looking back to the turn of the century in 2000, not only was "software-defined storage" unheard of, but even the concept of storage virtualization didn't exist. VMware had just been born not long before, and server virtualization was only possible on UNIX and mainframes.

It was precisely because it was too far ahead of its time that, although it caused a major stir and discussion within technical circles, IPStor was somewhat "born at the wrong time." At that time, corporate data volumes and the number of storage devices were far less than today, so the demand for heterogeneous storage integration wasn't strong. Additionally, IP network performance wasn't high back then, making the idea of integrating storage over IP networks seem too radical. Furthermore, FalconStor's capabilities in market promotion and sales lagged significantly behind its competitors. For these reasons, IPStor's market reception wasn't ideal.

"Software-Defined Backup Appliances" and "Software-Defined Disaster Recovery"

Nevertheless, IPStor remains a technically advanced platform. Building on IPStor, FalconStor integrated tape virtualization and management functions and was a pioneer in implementing deduplication technology, leading to the launch of its Virtual Tape Library (VTL) software. FalconStor's VTL software was once extremely popular, forming partnerships with most major storage vendors, including EMC, IBM, HP, HDS, as well as domestic companies like H3C, Huawei, and Tongyou, all of which OEM'd FalconStor's VTL technology. Combined, they once held over 50% of the market share. From today's perspective, FalconStor's VTL can actually be seen as a precursor to "software-defined backup appliances" or "software-defined deduplication."

FreeStor: Modern "Software-Defined Storage"

The reason we've discussed so much history is that IPStor is the predecessor of FreeStor, while CDP and VTL can be considered "derivative products" born from the same roots. In fact, FreeStor was developed as version 8.0 of IPStor. Therefore, IPStor's foundational architecture and design philosophy have been well preserved. Meanwhile, the various test results from IPStor, VTL, and CDP—especially regarding compatibility—remain largely valid. Thus, compared to other software-defined storage technologies and products on the market, FreeStor's advantage lies in its thousands of active users, meaning its stability and compatibility have been thoroughly proven, making it more mature in many aspects. FreeStor's slogan, "Fifteen Years of Software-Defined," is genuinely well-deserved.

Compared to the previous IPStor, FreeStor has undergone numerous improvements that fully justify the rebranding. The main enhancements in FreeStor include:

• 1) Significantly improved performance to meet the demands of emerging flash media;
• 2) Greatly enhanced scalability and parallel read/write capabilities;
• 3) Added support for OpenStack;
• 4) Designed a more user-friendly interface;
• 5) Switched to a usage-based pricing model.

With these improvements, FreeStor can finally be said to have been completely transformed.

We believe that FreeStor will carry forward and enhance IPStor's software-defined storage philosophy and achieve even greater success. This is because today's enterprise users face more complex storage architectures and more pronounced heterogeneous management challenges compared to fifteen years ago. Even with a single-vendor procurement strategy, the integration of heterogeneous systems remains difficult, especially with the addition of flash arrays. At the same time, storage costs have become a more pressing issue, and the strategy of continuously expanding existing high-end storage arrays is facing serious challenges. In response to these issues, FreeStor can break vendor lock-in, optimize storage resources, and improve the cost-performance ratio of the entire storage architecture—all while ensuring performance. It also enhances manageability, high availability, scalability, and provides comprehensive backup and disaster recovery mechanisms.

Conclusion

The history of FreeStor reflects the shift from proprietary storage systems to software-defined, vendor-neutral solutions. By introducing centralized management, efficient replication, and hybrid capabilities, FreeStor helped shape today’s enterprise storage landscape.

Organizations continue to benefit from its pioneering ideas, which paved the way for modern data mobility and storage virtualization.

👉 Related reading: VMware Backup Best Practices

Free Migration Tool by Veeam – Quick VM Migration with Backup & Replication

Introduction

As a VMware administrator, you often encounter awkward situations. There are always scenarios where VMware vMotion isn't suitable, leaving you wondering whether to migrate or not when proper tools are unavailable.

Don't worry - the free Veeam Community Edition comes to the rescue. What vMotion can't handle, Quick Migration can. While it takes more time, you get the migration completed without requiring any product licenses - it's a free, unlimited-use solution. During Veeam's Instant VM Recovery, there's an option called Quick Migration, which is an optional step in the Instant VM Recovery process. When we need to migrate data from backup storage to production storage but lack VMware Enterprise Plus licensing (making the sophisticated Storage vMotion unavailable), or when there's no vCenter available during recovery and only a single ESXi node is providing services, Quick Migration becomes an excellent choice. You only pay with slightly more downtime than Storage vMotion, but gain much broader compatibility, making it a perfect supplemental solution.

But Quick Migration's uses extend far beyond this. Let me briefly give a few examples:

Cross-vCenter, Cross-Datacenter VM Migration

This is typically a complex manual operation or requires sophisticated solutions. With Veeam, this operation becomes extremely simple - Quick Migration can handle it. As long as suitable proxies are available, Veeam can perform such migration operations without relying on backups. That means Veeam's migration can proceed directly without requiring backup or replication operations as prerequisites.

The operation is very simple - there's a button in Veeam's interface. Just click it and follow the wizard to complete. During migration, Veeam also supports basic operations like Thin/Thick conversion and disk redirection.

LAN-Free Migration

What? Can virtual machine migration be LAN-free? Yes, you read that correctly. Veeam's Quick Migration can achieve LAN-free operation through proper proxy configuration. Using Direct SAN Access technology, both Fiber Channel and Direct NFS technologies can be used in Quick Migration, thereby avoiding VMKernel bandwidth limitations. This helps effectively control data flow during large-capacity virtual machine migrations.

Of course, we might achieve similar results through other methods or tools, but Veeam provides additional options here, giving us more tools to tackle the challenges we face in daily virtualization data management.

Why Use Veeam Quick Migration?

Unlike manual methods, Quick Migration leverages backup and replication technologies to ensure data safety during VM moves.

Key Benefits:

• Zero or minimal downtime for production VMs

• Works even when vMotion is unavailable

• Safe migration using existing backups

• Simple wizard-driven interface

📌 According to Veeam’s official documentation, Quick Migration is included in all editions of Veeam Backup & Replication, including the free Community Edition.

How Quick Migration Works

• Veeam creates a temporary snapshot of the VM.

• It transfers changes to the target host or datastore.

• The VM is powered on in the new location with minimal interruption.

👉 Related reading: Free Tool: Veeam Backup & Replication Community Edition

Conclusion

The Veeam free migration tool (Quick Migration) provides IT administrators with a safe, reliable, and simple way to move VMware VMs without downtime.

By combining backup, replication, and migration, Veeam ensures business continuity while helping organizations optimize infrastructure and reduce risks.

Other Free unlimited tools from Veeam Backup & Replication Community Edition 

• VeeamZIP
• Veeam storage snapshot
• Veeam Tape Library Management Tool
• Veeam FastSCP