Veeam 12.3 – Security Features Recap & Tips

INTRODUCTION

The topic of security is on the daily agenda for us professionals in the IT world nowadays: news of hacker attacks, data breaches, and ransomware requests are no longer news, but are unfortunately everyday occurrences.

đź’ˇ: for staying up-to-date on the latest ransomware attacks around the world and many other insights on the topic I suggest checking out the Ransomware Live site

In this scenario, Veeam Data Platform 12.3 helps us protect our data and reduce the impacts of a cyberattack.

Let’s find out what are all the security-oriented features built into the software.


SECURITY FEATURES


The latest Veeam 12.3 release brings with it many security features that have been gradually introduced and improved over the years by the leading US Data Protection company.


Security and Compliance Analyzer

It is a tool integrated into the VBR console, it analyzes several configurations of backup infrastructure components by checking compliance with suggested security best practices.

Some examples: disabling obsolete/vulnerable protocols, verifying presence of hardened/immutable repositories, 3-2-1 rule, encryption password complexity, having the latest patches installed

đź’ˇ: you can schedule the automatic scan and send it via email

Malware detection

It is the real engine of cybersecurity built into Veeam 12.3, and includes several features. Below are the details:


1) guest index data scan

Supported for VMWare, Hyper-V, Nutanix, and Veeam Agent for Windows backups, allows you to scan the indexes of a file system (upon enabling the “guest file system indexing” option on the backup job) and flag any suspicious files/extensions with a specific event in the VBR console.



It is managed by the Veeam Data Analyzer Service, which at the end of each backup compares the indexing contents with the “SuspiciousFiles.xml” file, where indeed a (customizable) list of suspicious files and extensions is contained.

đź’ˇ: for backup servers that have internet browsing blocked to Veeam addresses as well, you can manually update the list of suspicious files by downloading the “SuspiciousFiles.xml” file following this KB

This xml file also contains a list of the IoCs (Indicators of Compromise) selected from the matrix developed by the MITRE ATT&CK, i.e., files that are not malicious but may indicate the presence of suspicious activity in progress. In this case, the Veeam Data Analyzer Service compares the indexing file of the last two restore points (created at least 25 hours and maximum 30 days apart), looking for any potential indicators of compromise. It is also possible here to choose which default IoCs to monitor and which not.



Another feature also managed by the Veeam Data Analyzer Service is the one that identifies any multiple file deletions: by comparing the indexing file of the last two restore points (created within a time window of at least 25 hours and maximum 30 days), if there are at least 100 files of a specific extension and in the last restore point more than 50 percent of the total are deleted, a malware detection event is created. Extensions are recorded in the file “TrackedFiles.xml”, which can be customized by changing the parameters of Thresholdpercent and Thresholdfiles, or even adding specific extensions or ignoring file system paths that we do not intend to monitor.

Finally, with the same logic of comparing the indexes of two restore points, the presence of multiple extension changes is also identified; based on the occurrence of certain conditions, this time not customizable, such as at least 200 files with new extension and not present in the “SuspiciousFiles.xml”, a malware detection event is triggered.

💡: logs of malware detection events, in addition to the dedicated section within the VBR console, can be accessed in the default path “C:\ProgramData\Veeam\Backup\Malware_Detection_Logs”

đź’ˇ: you must also consider that by default the indexing data is kept in the Veeam Catalog for 14 days. If you want to increase this value, you can use the Veeam Enterprise Manager, which will maintain an extra copy of the Catalog with configurable duration

2) inline scan

While the features just described are based on post-backup analysis at the file system level, inline scan acts at the image/block level during a backup, detecting possible entropy generated by malware, such as encrypted files or artifacts, text files that may contain onion links or ransomware notes.
Technically, during each backup session on the Veeam Proxy used, files are generated (RIDX format, one file for each virtual disk processed) containing the disk metadata (disk name, creation time, disk size, used size, sector size, partition table) and ransomware data (encrypted data, file types, onion addresses, ransomware notes). After the backup is complete, these files are copied to the VBR Catalog, and scanned by the usual Veeam Data Analyzer Service, which will then save the results of its analysis in the “RansomwareIndexAnalyzeState.xml” file. When a new restore point appears, the service compares the most recent and oldest RIDX file (created in a time window of 25 hours and maximum 30 days), going on to update the “RansomwareIndexAnalyzeState.xml” file. If anything suspicious is identified, a malware detection event is created and the object, the specific virtual machine, marked as “suspicious”.


đź’ˇ: the inline scan feature is disabled by default; in case you want to enable it, keep in mind that it increases the CPU usage of the proxies and RAM/Disk space of the VBR

💡: to check in detail which files have been identified as “encrypted data,” use the procedure provided in this KB


3) scan backup – signature detection

Using this feature it is possible to find a clean restore point (not infected with malware) or to identify specific information, such as sensitive data. Currently, scanning only Windows servers (VMs or agents) via, precisely, a Veeam mount Windows server is supported.

There are three engines that can be used for scanning:

  • veeam threat hunter, a Veeam service automatically installed on mount servers and running in the background. Before each scan, it is checked for any malware signature updates. đź’ˇ: a registry key can be set to configure file and folder exclusions from the scan

  • 3rd party av, as an alternative to the veeam threat hunter, you can use a third party antivirus pre-installed on the mount server; you can find information about the default avs and add custom ones using the “AntivirusInfos.xml” file in the mount server.

  • yara rule: using files with a well-defined syntax, it is possible to search for infected restore points or sensitive data. In the former case, if a clean restore point is not found, a malware detection event is generated.

Whenever the scan finds a restore point that is not clean, it is marked as “infected”. If the scan session finds at least one clean restore point, it ends in “success,” otherwise in “failed.”


đź’ˇ: it is possible to suppress the event generation by inserting this line within the yara file: <rule SearchFileHash : SuppressMalwareDetectionNotification>


đź’ˇ: the complete scan logs can be found in the following directory of the mount server C:\ProgramData\Veeam\Backup\FLRSessions\Windows\FLR__<machinename>_\Antivirus


Secure restore

This feature allows the scan engines described above to be exploited during a restore.

Specifically, the following scenarios are supported:

â—¦ Instant Recovery
â—¦ Virtual Disks Restore
â—¦ Entire VM Restore
â—¦ Restore to Microsoft Azure
â—¦ Restore to Amazon EC2
â—¦ Restore to Google Compute Engine
â—¦ Disk Export


đź’ˇ: you can schedule automatic scanning of backups using SureBackup

đź’ˇ: if you have VRO, you can take full advantage of automation features in a clean room environment

Incident API

Veeam not only leverages its own malware detection capabilities, but also offers the ability to integrate third-party tools.
By exposing Veeam’s specific REST API, external monitoring and analysis tools are able to automate incident management and incident response processes to the point of involving the backup infrastructure as well.
In fact, an automatic quick backup can be launched upon receipt of an external threat detection event.

Syslog integration

Within Veeam it is possible to configure the forwarding of events to external syslogs, following the RFC 5424 standard

It is possible to exclude the forwarding of certain events, either by entering them manually in the interface or via xml files.

đź’ˇ: the full list of events managed by Veeam 12.3 can be found here

đź’ˇ: for advanced configurations please refer to this KB



Analytics View – Veeam Threat Center

It is possible to integrate within the VBR console the view of some Veeam ONE dashboards, such as the Veeam Threat Center one, which embeds a set of information about the global security and compliance status of our backup infrastructure.

Recon scanner

This feature is one of the latest additions to the Veeam Data Platform, and is based on technology developed by Coveware, a leading Cybersecurity Incident Response company acquired by Veeam in April 2024.

It consists of installing an agent in VBR environments that continuously collects data in order to proactively identify possible suspicious activity or the use of TTPs.

With each full system scan, the agent the results can be viewed directly in the dedicated Coveware portal.

đź’ˇ: it requires Veeam Data Platform Premium license version

External projects: Veeam decoy / Veeam vScan

It is also right to mention two external open source projects, but also maintained by the Veeam community. These are Veeam Decoys and Veeam vScan, which always fall under the security domain.

The former is a system simulates multiple Veeam and Windows services, such as Veeam Backup Server services, Veeam Hardened Repository, Veeam Windows Repository, Veeam Backup Enterprise Manager, etc. .
All captured connection attempts, including information such as source port, source ip, or credentials used, can be sent to a centralized syslog or via email.

The second allows vulnerability assessments to be performed on existing backup data, using the open source tools Trivy and Grype.

CONCLUSION


In short, as we have seen the security features present in Veeam Data Platform 12.3 are numerous and useful.

We are now waiting to find out what’s new in the next versions! đź’š

Veeam Vulnerability Scan Project

After the Veeam Decoy Project a few months ago, here is another very interesting tool developed for the Veeam community.

This is once again an open source project in the security area: integrated with Veeam Backup & Replication, it enables vulnerability assessments on existing backup data, using the open source tools Trivy and Grype.

The solution is designed to help manage situations such as security incidents, during which a specific server may be required to be restored at a specific point in time. Using vScan, it is possible to analyze that backup and check what vulnerabilities it has at the OS level (Linux only) before putting it back into production.

What would happen, in fact, if an attacker was still in our network ready to exploit our systems again?

Let’s explore some details of this tool.

Installation requirements

  • OS (client): Windows 10+
  • CPU: 1 core
  • RAM: 512 MB
  • Disk: 500 MB
  • Software: VBR console e Veeam Powershell module
  • Veeam version: 12.x
  • Linux server for scan: Rocky Linux 9.x / Ubuntu 22.x
  • Backup support: vSphere VM, Linux OS
  • Credentials Linux Server for Scan: root or user with sudo
  • Ports: 9392, 22, 587
  • Internet Access

You can download the software from the following address: https://github.com/VeeamHub/veeam-vscan-security

Method of use

  • Open the application with administrative rights
  • Under settings, validate the presence of the VBR console and Powershell module
  • Enter the credentials of the VBR
  • Select a linux scanner from the list of servers in the VBR or specify an external one
  • Test and save the configuration
  • Configure settings for email notifications (optional)
  • Select server, disk and restore point of which to scan (multiple selections can be made by adding scan “queue”)
  • Perform the backup mount operation and select an engine for the scan
  • Analyze or export the generated results

Features Summary

  • Integration with Veeam Data Integration API
  • Integration with Security Scanner Trivy and Grype
  • Automatic installation and update of definitions
  • Granular selection of backups
  • Use of a managed or external VBR linux server for scanning
  • Dashboard with vulnerability and severity trends
  • Vulnerability list synchronized with Nist NVD and Github Advisory database
  • CVE check contained in the CISA Known Exploited Vulnerabilities catalog
  • Status tracking of detected vulnerabilities
  • Ability to filter detected vulnerabilities by severity, status, server name, etc.
  • Export of results to CVS/HTML
  • Email notifications
  • Connection status

Conclusion

The tool is very simple to setup and use, the graphics is minimal but attractive. This version only supports scanning Linux machines on VMware, but there will be improvements for sure in the next releases.

Obviously, it is not to be considered as something to prevent security incidents or to be used as a replacement for the more classic vulnerability assessment tools on live production systems.
Instead, it can be categorized, alongside the malware detection features already included in the latest versions of Veeam such as Antivirus/YARA Scan and Veeam Threat Hunter, as an extra weapon to perform additional checks on our last barrier of defense, the backup data.

Enjoy! đź’š

Veeam v13 – Requirements and Deprecated Features Preview

INTRODUCTION

A few days ago, Veeam product management decided to share with users of the R&D forum some useful information about the upcoming v13, coming out in the second half of this 2025.

More specifically, the system requirements and deprecated features of the next long-awaited version were announced.

Let’s go over the most interesting points in detail.

SYSTEM REQUIREMENTS

Regarding OS system requirements, it is important to note that 32-bit operating systems will no longer be supported.
Also out will be older OS, such as Windows Server 2008 and 2012, Debian 10, RHEL 7, and among client systems Windows 7 and 8, Mac OS 10.
Also out of support of course is CentOS, now in End of Life.

Checking the hypervisors, we also find some important news here: as for VMware, the minimum supported version of vCenter/Esxi will be 7.0, for vCloud Director 10.4; for Hyper-V the 2012 and 2012 R2 versions will go out of support, the minimum supported version will be 2016; for Nutanix AHV instead, at least version 6.8 will be needed.

Let’s now check out what’s new for applications: regarding Microsoft, eliminated support for older Exchange 2013, Sharepoint 2013, SQL server 2008; out of support also SAP HANA 1.0 .

Special paragraph for systems that are part of the backup infrastructure: here the requirements are even more stringent, to ensure greater security for the Veeam environment. The minimum OS versions supported for the installation of Backup Server, Console and Enterprise Manager will be Windows Server 2016 and Windows 11 22H2. Special mention to Rocky Linux 9.2 (managed by Veeam), great future innovation of this v13. Also, if Microsoft SQL DB is chosen, the minimum version will have to be SQL Server 2016.

As for primary storage, support for some families and more legacy versions, such as Dell VNX/VNX2/VNXe and Netapp ONTAP 7, will be dropped.

DEPRECATED AND DISCONTINUED FEATURES

Some features will not be available in new v13 installations and in new jobs created in environments from v12. They will then be completely removed starting with v14, allowing everyone time to comply with these changes.

The most important ones include:

  • Reversed incremental backup mode
  • Retention based on the number of restore points (only time-based retention will be available)
  • Non per-machine backup chains (only per-machine backup chains will be available)
  • Active Directory based authentication for Veeam Cloud Connect tenants.
  • Veeam Backup Enterprise Manager – Cloud Connect Portal

Then there are some features that will be removed as early as v13, so if present they will not allow the upgrade to go forward:

  • Jobs with backup metadata still not upgraded to V12 format.
  • Backup Copy jobs still in legacy mode.
  • Full Veeam Agent for Windows installs prior to V6 (with LocalDB configuration database).

CONCLUSION

In my opinion, this communication is a very good thing for us software end-users, as it allows us to know in advance these two fundamental aspects for future upgrade.

As reported in a previous article, in order to better plan the software upgrade, it is essential to check the compatibility matrix with the various components that are part of our infrastructure.

In addition, knowing the future features that will be removed from the software allows us to assess potential critical issues and put in place the appropriate changes before the upgrade.

NB: support for v12 has been extended by one year (until February 2027), to allow even those who are managing more legacy infrastructures to have time to upgrade the systems required to meet the future compatibility matrix.

Enjoy! đź’š

Veeam v13 – Technical Preview

As you all know, during the last VeeamON 2024, the long-awaited Linux version for Veeam Backup Server installation was announced.

Those like me who are lucky enough to be part of the Veeam100 program, these days are having a chance to test the upcoming Veeam Data Platform v13 version.


Obviously this is a Technical Preview, so the future official version, which will be GA in Q2 2025, might vary a little in terms of user experience and implemented features.


Well, let’s start by revealing some details!


First, the TP looks like an OVA that can be installed on our hypervisor (e.g. VMWare).


According to current information, there should be three options for (Rocky) Linux-based software installation in the future:

  • Virtual Appliance (OVA/OVF)
  • Bootable ISO
  • Linux installable packages (rpm)

The first two options are obviously the most recommended, because they also include the operating system and are optimized as well as compliant with the DISA-STIG and FIPS standards.


Once the OVA is installed, access will be allowed only with non-root users.

Other information, following the principles of zero trust, even the software services are associated with non-privileged accounts.
Regarding the console, the big news is the new colorful web interface, integrated into the Linux installation, which will initially operate alongside the classic VBR console.

This console will most likely not have immediately all the functionality of the classic VBR console installed with Windows, but it is still a good starting point to go and completely replace the “legacy sister”.


One option in my opinion very interesting introduced in this new console, is the possibility to manage software updates in a dedicated section, the Veeam Updater.

Very similar to what is already happening in dedicated Public Cloud backup appliances (Veeam for Azure/AWS/GCP), this section allows for custom updating of components, as well as a setting to force automatic deployment of security updates within a certain number of days of their availability.

Let us now turn to the preview of the VBR Windows console.

We can see lighter and more attractive graphics, with the option to enable dark mode as well.


In terms of new features, notable is the introduction of SAML authentication for integration with external providers and the Veeam Security Officer role (now Veeam Security Administrator) for managing the most sensitive operations.


We will stop here for now, waiting for the beta and of course the GA version! đź’š

Veeam Decoy Project

Let’s start from the beginning: security and backup.

Today, unfortunately, ransowmare attacks are on the rise, and defending against them is an increasingly difficult challenge.

If backups used to be considered as something not really important, perhaps useful only in case of any storage damage, today they have become the last resort to keep our data safe.

For this reason, one of the main targets during a cyber attack is the backup infrastructure: if threath actors succeed in taking it down, the road to ransom payment will be straight downhill.

News of collaborations and product integrations between large data protection and security vendors are now a daily occurrence, most recently the one between Veeam and Palo Alto Network Cortex XSIAM/XSOAR.

All this brings home to us how important it is to focus on the security of all systems, including backup infrastructure.

One of the several best practices recommended by Veeam, for example, is to try to make its components as anonymous as possible.

Assigning backup servers and repositories a name that cannot be identified with their role can be a first attempt to avoid making just about everything so easy for any malicious attackers.

Another method for attempting to identify and perhaps slow down an ongoing attack is to use honeypots: traps, decoys used to attract threat actors and draw them out.

The honeypot is a component that simulates the production system, possibly with the same applications, but with data that is not real.

In the case of Veeam Data Platform, the idea might be to create a VBR server that acts as a honeypot, perhaps even equipped with working backups.

Of course, this might require a not inconsiderable effort, because we would have to use sacrifiable, non-production systems, with the only purpose of attracting malicious attackers and having our anomaly detection software detect instrusion or tampering attempts on the honeypot.

A more simple option is the one developed by the open source Veeam Decoy project.

This system simulates multiple Veeam and Windows services, such as Veeam Backup Server services, Veeam Hardened Repository, Veeam Windows Repository, Veeam Backup Enterprise Manager, SSH, RDP, Netbios.

It supports the use of multiple network cards, so each service can be associated with a specific VLAN, so it is ready for a realistic attack scenarios using lateral movement tactics (TA0008).

The system doesn’t receive any incoming traffic, so any connection attributable to the use of discovery tactics (TA0007) should represent an intrusion attempt.

This tool can be downloaded as an OVA appliance (compatible only with vSphere 8.0 or higher) or installed on a minimal Rocky Linux.

The console comes with a very simple yet comprehensive interface where we can manage the status of decoy services, associated network interfaces, and view real-time ports in use and connection logs on each specific service.

All captured connection attempts, including information such as source port, source ip, or credentials used, can be turned over to a centralized syslog or via email, so that alerting can be triggered and readily handled by a SOC.

Of course, we do not expect it to be our most effective weapon against cyber attacks, but in this battle between the two worlds it is still one more option! đź’š

Veeam 12.2 – What’s New

During this week, the long-awaited news arrived: Veeam 12.2 is finally available for download.

As previewed in this article, there are many new features compared to the previous version.

The main ones are:

  • support for Proxmox VE, with immutability on backup and cross-platform VM restore capability
  • improved Nutanix integration, including support for backup operations via Prism Central with Veeam backup for Nutanix AHV 6
  • native backup support for Mongo DB, one of the most popular NoSQL databases, including the classic explorer for granular restores
  • full support for VMware vSphere 8.0 U3 and VMware Cloud Director 10.6
  • improvement of integrations with IBM Db2 and SAP HANA
  • support for Amazon Redshift and Amazon Fsx
  • support for Microsoft Azure Data Lake and Cosmos DB

In addition to the above, some of the most interesting improved features include:

  • support for direct offload from performance tier to archive tier for all types of repositories present on-prem in the SOBR
  • CDP I/O Filter Cross Compatibility, to also support older versions (12.0 and 12.1)
  • Veeam App for Splunk, an extension that allows users of the popular software to monitor the status of the Veeam backup environment
  • introduction of two new RBAC roles, Incident API Operator and Security Administrator
  • new checks added in the Security & Compliance Analyzer
  • sure backup continuous schedule, selecting specific time windows
  • database authentication for Oracle RMAN Plugin
  • intelligent SOBR extent selection for backup of unstructured data
  • immutable snapshots integration for HPE Storage Arrays

For the full list of all new features, see the vendor’s official document here.

Enjoy! đź’š

VeeamON 2024 Recap

INTRO

Last week in Fort Lauderdale, Florida, VeeamON 2024 took place, as every year the most awaited and important event organized by Veeam Software.

This year’s event was particularly rich in announcements, and there was really no lack of surprises.

Lots of demos and technical sessions, though not all available for those like me who followed everything remotely.

Veeam’s vision continues to focus on data resilience through 5 main strategies: Data Backup, Data Freedom, Data Recovery, Data Security, and Data Intelligence.

WHAT’S NEW

Starting to explore Data Backup, the core part dedicated to protecting and saving data, new versions of some solutions were officially presented.

  • Oracle Linux Virtualization Manager (oVirt): native support for OLVM, a KVM-based virtualization platform, has been available already since a few weeks
  • Proxmox VE: announced a few weeks ago the compatibility with this virtualizer, during VeeamON 2024 the first demo was presented, with the Veeam solution that promises to be 3 times faster than the native backup solution. The official release is scheduled for next Q3 2024
  • VBA v7: some new features for the future version of Veeam Backup for Azure announced, including the introduction of support for Cosmos DB
  • Veeam Backup for AWS v8: new features also for the Amazon cloud backup solution, introducing, for example, support for Redshift and Fsx
  • VBM365 v8: many new features also for Veeam Backup for Microsoft 365, coming out probably next Q3 2024, including MFA for console, proxy pools, immutability for backup, restore operator audit in Veeam ONE
  • Veeam Backup for Salesforce v3: additional features for this solution as well, where support for data encryption, data archive and data pipeline will be introduced
  • K10 v7: of course, it could not be missed an overview of the new version of Kasten, which includes, among others, support for FIPS-Enabled Clusters, for Azure Blob Immutability and for VMs on Openshift

We now turn to the surprises, which, as anticipated, were not lacking. Notable among the new features announced were, without a doubt:

  • VBR server on Linux OS starting with v13, with the specific capabilities of native zero trust architecture, and support for HA of Config DB, which will add that level of resilience and automation to the software that to today was lacking
  • Enter ID Backup, a solution that will be intergrated into Veeam B&R, to protect data, such as users, groups and app registrations, from Microsoft’s cloud-based identity/access management solution (Q4 2024)
  • Mongo DB Plugin, which will increase the package of natively supported enterprise applications (Q3 2024)
  • Lenovo TruSacle Backup, which will intregrate Veeam Backup & Replication and Veeam ONE into Lenovo ThinkSystem solutions for on-premise backups


In addition, as we know, Veeam has recently expanded its range of solutions by introducing fully SaaS services, further explored at this three-day event, including:

  • Veeam Data Cloud for M365, a preconfigured Microsoft 365 backup solution with a predictable cost model (per user/unlimited space)
  • Veeam Data Cloud for Azure, native and optimized backup solution for Microsoft Azure
  • Veeam Vault, fully managed cloud storage, with flat/TB rates, including api call charges and any outbound traffic

We move on to the Data Freedom and Data Recovery strategies, which is Veeam’s ability to use its own format to move a piece of data from one platform to another, allowing it to bypass the so-called “vendor lock-in”.

In this section we can mention the announcement of more new features for the upcoming version of VRO (Veeam Recovery Orchestrator).

Regarding Data Security, that strategic component through which Veeam and its solutions help data to be resilient to increasingly frequent cyber attacks, much space was given to Coveware, a company specializing in incident response acquired by Veeam last April 2024.

In particular, the key role it can play in a Cyber Recovery phase was explored, as it offers services such as:

  • Assessment
  • Forensic Analysis
  • Identification of ransomware type and impact on the customer’s organization
  • Negotiation with cybercriminals
  • Incident remediation and documentation


Also in the area of Data Security, also worth mentioning is the new partnership with Palo Alto for SIEM integration.

Speaking of Data Intelligence, another big surprise presented was the formalization of the partnership with Microsoft for Copilot AI integration with Veeam solutions.

Finally, we must mention other improvements and developments announced on Veeam ONE, Veeam AI assistant, Linux Hardened Repository and Veeam Service Provider Console.

CONCLUSION

In short, there was a lot of news, and I’m sure there will be an opportunity to explore some of them in more detail in future posts..STAY TUNED! đź’š

Veeam – Proxmox Announcement

This week Veeam Software made the much expected announcement: support for Proxmox will be released soon.

What is Proxmox, and why so much interest behind this news?

Proxmox VE (Virtual Environment) is an open-source, KVM-based virtualizer that allows both virtual machines and container-based architectures to run.

The recent acquisition of VMware by Broadcom, and the subsequent unknowns about the future strategies of the world leader in virtualization systems, have pushed many customers to look for possible alternatives to focus on for their infrastructures.

For this very reason, the name of Proxmox has gained popularity in the recent period, so much so that even Veeam has decided to focus on developing integration with this new hypervisor.

The first official demo will be presented at VeeamON 2024 to be held in Florida next June 3-5.

If you have not yet registered you can do it here.

Enjoy! đź’š

Veeam – Wasabi Object Storage

When we talk about backup repositories in Veeam, we have to mention object storage, a technology that has been growing in popularity in recent years.

From version 12 of Veeam B&R, in fact, it is possible to directly write a backup to this type of repository.

Since version 12.1, it has also been possible to back up data stored on an object storage.

Unlike file system type storage architectures, which manage data hierarchically within directories, object storage architecture is flat, and is designed to store unstructured data, such as backups.

Specifically, the data is divided into blocks with associated metadata and unique identifiers, which are used by the system when accessing it.

The main advantages include that it can hold large amounts of data at no excessive cost, is easily scalable, and is compatible with HTTP/HTTPS and REST API protocols.

Wasabi is one of the cloud-based object storage vendors, so we can compare it to the better-known S3 from AWS or Azure Blob Storage from Microsoft.

Unlike the large vendors mentioned above, the price/TB is much lower, and there are no costs for ingress/egress traffic or API calls.

Wasabi is listed in the Veeam Ready compatibility directory as an object storage backup target (S3 compatible), and with native support for immutability (object lock) functionality.

The first thing to do to use Wasabi for our Veeam backups is to create a storage account by registering for the free 30-day trial; after that, it is possible to continue using the account in Pay As You Go or Reserved Capacity Storage mode.

Once registered and logged into the dashboard, generate a new access key/secret key pair, and create the bucket that will store our Veeam backups:

Now we can go to our Veeam B&R console, and from the main menu click on “Add Repository,” then select “Object Storage” and “Wasabi Cloud Storage”:

Once the wizard starts, enter the name we want to give on Veeam to our Wasabi repository:

Next, enter the details of the storage account and region on which we created our bucket:

At this point, enter the details of the bucket and folder to be used for our backups:

NB: for this tutorial in a lab environment the immutability flag was not enabled, but for production environments it is always recommended to use it

Finally, specify the mount server and complete the wizard:

Here is our Wasabi repository to use for our backup jobs:

Enjoy! đź’š

WBD 2024

Today, March 31, is World Backup Day 2024!

This anniversary, which started way back in 2011, wants to make businesses as well as individuals aware of the importance of having their data backed up and safe with an annual commemoration.

If we think about any business in the world, small or large, we know for sure that every day it has to manage data to carry out its work. Personal registries, orders, payments are a few examples of activities that are indispensable for a business, activities that need to write this data in almost always digital devices, whether they are servers, storage or simple computers.

Let us now think of ourselves, our family members, our friends. Who among us does not use a smartphone or computer? Photos, videos, messages, important documents, all valuable material that we certainly don’t want to lose.

But what if the computer suddenly breaks down or our smartphone gets stolen? We would no longer be able to recover our data, unless we had backed it up first!

Well yes, for any important data, it is good practice to make at least a second copy and keep it in a safe place. Cloud, external hard drives, usb sticks are some examples of devices that can help us save our important files, a backup indeed!

Sometimes we do not realize the importance of something until we have lost it, but why take the risk?

Backup is the solution!