Veeam Community Forums Digest December 11 - December 17, 2017
THE WORD FROM GOSTEV vSphere users, note that VMware Tools 10.2.0 is now generally available, and there are two major new features that make it quite a significantly release – so much I decided to highlight one here. First, this release finally adds offline bundles VIB which can be deploying using vSphere Update Manager to vSphere 5.5 and later ESXi hosts. Woohoo! Second, it brings support for Microsoft System Center Configuration Manager (SCCM) for distributing and updating VMware Tools on your VMs. Which will also be appreciated by many! Here are the direct links to Release Notes and the actual bits for your convenience.
Another attack story from one of our customers, who hired a security firms post attack to investigate this attack thoroughly – thus all the scary details. Cryptomix Arena made it's way into the network and started encrypting Windows file servers and Hyper-V VMs. Once VHDs were encrypted, the ransomware deleted the original VHDs and ran a disk scrubber. Next, actual hackers appeared (feels like just like sharks sensing blood in the water, doesn't it – but what really happens is ransomware "phones home"). After failing to connect to the Veeam backup server through PowerShell, hackers managed to instead logon to one locally by brute forcing RDP, and proceeded to delete all backups manually – both those sitting on the local NAS, and their copies in Cloud Connect. They also manually ran a disk scrubber to ensure those local backups could not be recovered. Finally, they accessed Hyper-V management console and deleted the backup server VM entirely. The only way customer managed to recover some of their data was from storage snapshots.
So if this does not teach you to implement two-factor authentication for RDP access to your critical systems, then I don't know what else will. And naturally, the Insider Protection functionality for Veeam Cloud Connect cannot come fast enough – luckily, Update 3 is just around the corner now. Also, this story confirms the importance of having some sort of air gap – even if it was not true air gap in this case, still the hacker either was completely unaware of the presence of storage snapshots, or simply was not able to break into the storage array management console to delete those. Although I'm guessing the disk scrubbing probably overfilled snapshot storage location, so most snapshots were lost anyway.
By the way, another reason to use two-factor authentication and not just use strong password alone is repeating reports on the presence of keyloggers in OEM drivers like Synaptic and Conexant. Which means it's hard to find a modern PC that would not be at risk... the article's name is actually very misleading – not sure why would they pick on HP specifically, when other PC vendors are equally affected. For example, my Lenovo X1 had both Synaptic Touchpad and Conexant Audio drivers preinstalled too.
To those using Data Domain as a target for Veeam: according to DELL EMC, close to a thousand of your systems are still running DD OS 5.4 and 5.5. Please, schedule the upgrade in the next few months, as we're planning to end support for these DD OS versions in the next update. With the real reason being the DDBoost SDK required by the upcoming DD OS version supporting 5.6 and later only.
Did you know the biggest bubble in the human history was with tulips? I was fascinated reading the article, especially that snippet on how much goods you could get for a single bulb. Luckily, the humanity advanced so far in 500 years, and this sort of explainable craziness can never repeat... just kidding, actually I learnt about tulip mania while watching the video on the mother of all bubbles.
VEEAM CLOUD & SERVICE PROVIDER CORNER It's been a month now since Veeam Availability Console (VAC) was launched, but we already see some great download numbers and as well as the positive feedback on the observed functionality! Thank you for that!
In this digest I would like to cover a couple of most commonly asked questions I saw during our product launch webinars and in our community forums:
Deployment and Configuration
Licensing
- If you have multiple Cloud Connect servers deployed, then you need to install VAC server for each Cloud Connect server. We are planning to add support for multiple Cloud Connect servers in our next releases.
- If you're already using Cloud Connect, then all your tenants will be re-created as companies in the Veeam Availability Console automatically after you add that Cloud Connect server to VAC.
- To collect data about quotas, job states and other information from the Veeam Backup & Replication server, VAC management agent must be installed on that server. This happens automatically when your client enables "Allow this Veeam Backup & Replication installation to be managed by the service provider" checkbox. Here is a bit more info on how it's done.
This is all for today, have a great week!
- Only paid versions of Veeam Agent for Microsoft Windows (VAW) can be managed in VAC.
- If your client already has his own license key for VAW, then you cannot manage these agents in VAC. Server provider must install his own license key (rental) to VAC to start deploying, configuring and managing remote backup agents.
- If your client already has a license key for the Veeam Backup & Replication server, then you can add it to VAC. Edition of that backup server does not matter.
- In order to update your production (rental) license key automatically, you need to enable license auto-update option in the product UI. You can also update the key manually, but for this you need to go Veeam license management portal and download the updated file yourself.
- To report on your license usage, you can use pre-built functionality of VAC. Every month VAC will generate a license usage report for all managed Veeam Backup & Replication servers as well as the report for all managed Veeam Agents for Microsoft Windows. Here is the user guide page for further reading.
-Vitaliy
BEST POST OF THE WEEK Re: Any closer to an ETA for Veeam v10 ? [BY: Gostev • LIKED: 6 times]
Very soon!
TOP CONTENT How to speed up guest file indexing? [VIEWS: 156 • REPLIES: 11]
Hi,DirectSAN configuration [VIEWS: 136 • REPLIES: 7]
when taking a backup from an w2008r2 file server then guest file system indexing take about an hour every time.
There are about 3 millon files on that server, indexing or windows search are not installed. more
Hi,Agent for Windows free edition initial snapshot question [VIEWS: 135 • REPLIES: 7]
I'm currently working on a new backup server with DirectSAN access and i would like to know if i need any virtual backup proxies on my hosts when using this transport mode?
We are using revere incremental on our backup jobs and we have mixed VMs with thin and thick disks. more
Hey guys, new to Veeam products but like what I see so far. I've been using Veeam Agent free for some workstations and I'm thinking about trying it out on some servers to replace Windows Server Backup but I had a question about how it works. moremount server not work correctly [VIEWS: 134 • REPLIES: 7]
dear friendEvacuating compressed data to non-compressed repository [VIEWS: 129 • REPLIES: 5]
Hi
i read about mount server that config on each backup repository i think it will be used when we get backup from a vm and want restore (FLR) it will be mount all vm data on mount server but now my repository server is :10. more
We have a few XFS repositories that store data with Veeam job compression. On the other hand we have ZFS/NTFS based dedup repositories that decompress data when writing it out to file system to achieve max dedup ratio from file system. more
YOUR CONTENT None of topics you have contributed to have been updated this week.
WEEKLY VEEAM COMMUNITY FORUMS DIGEST
Komentáře
Okomentovat