Veeam Community Forums Digest for dandvo [Sep 11 - Sep 17, 2017]

Veeam Community Forums Digest

September 11 - September 17, 2017

 

THE WORD FROM GOSTEV

VMworld Europe is over - with not too many exciting new announcements, but in my memory it's always been like that: with every other VMworld, there's simply not too much for VMware to talk about because of the absence of a major platform release. Still, this was the biggest VMworld Europe by the numbers, and probably the most useful VMworld in the history for me specifically due to all the side meetings, particularly with VMware developers. I finally had a chance to review many of the pressing architecture issues with VVols and VMFS that caused limitations our customers have often been complaining about with the file system folks – and they quickly came up with suggestions on how we could attempt to work around some of those limitations. Definitely something we will be trying out soon – quite excited because these issues have been around for years! I''ve also met with VSAN folks and learned about one cool new platform capability they are developing – for which some of the functionality we're adding in v10 makes the perfect fit. Gotta love it when the things add up! Probably expecting my complaints here, VMware made up for the lack of exciting tech announcements literally the next day after VMworld has ended, announcing a patch for the new critical virtual machine escape flaw in ESXi 6.5, which is really the worst type of security bug you can imagine for a hypervisor. Now THIS did sparkle some great discussions on the IT Pro communities I follow – go figure, it must be true that there's no such thing as bad PR. Again, vulnerability is in the SVGA driver - just like the one I covered here back in March. And again, the only ESXi version affected is 6.5 – staying on the previous ESXi versions seem to just keeps on giving to those of you who still do! While all ESXi 6.5 users should definitely scramble and install the patch ASAP – especially service providers – as the vulnerability is quite nasty indeed. I realized how much am I learning about security by having access to details of security breaches affecting our customers. And I keep sharing these details with you, because I also look forward to perspectives of security people by trade, as these sometimes contains tips I'd have never thought of myself. One such gem I picked a few days ago on Twitter from someone who read the cyber-attack story in the previous digest. His comment made so much sense that it's embarrassing I have not thought about this myself, having so much Active Directory experience from my previous life. This person basically noted that personally he'd scrap and rebuild all domains that the attacker had Domain Admin level access to during the attack, because you never know what stuff he could have left behind to be able to come back in later. This makes so much sense – I've immediately thought of a number of modifications that can be quietly left behind in AD to make the next attack trivial. Trojan horse at its best! You've paid the ransom, decrypted your VMs and think it's over – but no, you're on the hook even worse than before. Another useful comment I've received was around saved RDP credentials – this thread covers Group Policy settings around restricting the use of saved credentials. Interestingly enough, you can implement this both on a RDP client and on RDP server side separately (scroll down to read all suggested solutions, not just the marked one). In case you were wondering about our plans for going public, here's a great commentary from our President in the Fortune Magazine > Why going public doesn't make sense right now

 

BEST POST OF THE WEEK

Bring back stand alone Pssnapin/Module installer.   [BY: Craig Dalrymple • LIKED: 3 times] Is there any particular reason why we are no longer able to install the Veeam PSSnapin/Module on its own? Now we have to install the remote console just to be able to call the pssnapin/module, which is a bit much if all you want to do is run a quick command. Appreciate it's a one time install, but you get the point Are there any plans to upload the module to the Powershell gallery, to simplify the installation of the module , along the lines of :- Code: Select All Code Install-module -Name Veeam.Powershell Would mean it's an easy and quick solution for Veeam admins out on the road etc to install the required modules without having to carry a copy of the remote console installation files with them.

 

TOP CONTENT

Feature Request: Restore DFS Namespace   [VIEWS: 218 • REPLIES: 9] Had an incident lately where one of our techs accidentally deleted a DFS Namespace rather than a folder under it. Sod's law dictated this was our biggest namespace with circa 1,000 subfolders which all were deleted in an instant. more why backup proxy not work correctly during backup job ?   [VIEWS: 175 • REPLIES: 7] Dear all Hi i have a question about backup proxy: more Weekly full backup copy of 2 physical file servers (VAW)   [VIEWS: 173 • REPLIES: 6] Hello, I'm struggling with the following issue. I have two physical file server (each ~2TB data) which are backed up daily to our VBR server using VAW Free (14 days retention). On the VBR server I have 2 backup copy jobs which copies the new files to our FreeNAS repository. more HPE 3PAR Inform OS 3.3.1 Storage Snapshot Bug   [VIEWS: 159 • REPLIES: 2] Hi All, Just posting this to make everyone aware that there is a bug in the current Inform OS 3.3.1 in which processes on the 3PAR will get stuck/frozen during a snapshot removal and cause the system to Panic. more Bottleneck Confusion   [VIEWS: 157 • REPLIES: 8] Here's the layout. Veeam Server has a large RAID 5 Disk via SAS physical connection. There are 2 jobs in this Veeam Server scenario: more

 

YOUR CONTENT

None of topics you have contributed to have been updated this week.