We are excited to announce the release of Kasten K10 version 6.0, the latest and most advanced version of our industry-leading platform that provides enterprise-grade Kubernetes data protection and application mobility. This release helps customers scale their cloud native data protection efficiently. Kubernetes deployments are growing at an unprecedented rate. Gartner predicts that by 2027, more than 90% of global organizations will be running containerized applications in production. However, today’s market conditions are scarred with financial uncertainty and a shortage of cloud native skills. Therefore, you must ensure operational efficiencies are in place to unleash the full potential of your cloud native environments while protecting your data. Additionally, security remains an imperative as organizations focus on keeping their businesses running. With this release, we also continue to innovate in this growing ecosystem, so that you can take advantage of the best-of-breed inn...
Get link
Facebook
X
Pinterest
Email
Other Apps
Achieving Advanced Cyber Resiliency with the Veeam Data Platform
Get link
Facebook
X
Pinterest
Email
Other Apps
In today’s digital world, what is the worst fear of any business relying on digital systems and data? Unexpected downtime! Every organization will suffer downtime at some point in time but systems and controls should be put in place to restore the system and/or data rapidly and reliably according to the business’s needs in such an event.
Advanced cyber resilience, which contains cyber security and business continuity management, is the way forward to defend against potential dynamic cyberattacks and ensure your organization’s survival following a cyberattack.
Achieving advanced cyber resiliency
The Veeam Data Platform enables you to respond faster, more accurately and in a more advanced manner to cyberattacks. By improving security and preventing unauthorized access to data and backup systems with secure access. Enhanced reporting and monitoring enable you to identify and detect cyberattacks quickly and enables a fast response to minimize the damage. Once an attack has been successfully dealt with, organizations need to be ready and able to recover their systems and data in an advanced fashion by leveraging automate recovery orchestration.
Fast response to cyberattacks
Dealing with a cyberattack is a disaster every business will inevitably face. Utilizing a monitoring and analytics tool, you can help identify abnormal activity quickly, helping to minimize and mitigate an attack. Veeam ONE provides full visibility into your environment, giving you the tools to proactively manage and monitor data protection status. Veeam ONE monitors the backup infrastructure and its components, allowing you to receive notifications of backup jobs failing, unauthorized changes being made and if components are not configured properly. These alerts can notify you that further investigation needs to happen. Alarms can notify and be set to perform remediation manually or automatically. For example, if the suspicious incremental backup size alarm is triggered you can set an action to “Add job to a SureBackup job and start verification,” this will allow you to quickly check the restore point containing the suspicious increment.
Not only does Veeam ONE have alarms, but it also has reports. Receiving a report daily, weekly or monthly ensuring your machines are protected and meeting recovery point objectives can help you maintain compliance. This allows you to stay secure by always knowing your protection status.
Secure access
To prevent unauthorized entry to the backup console, Veeam Backup & Replication supports multi-factor authentication (MFA) for additional user verification. A one-time password (OTP) generated in the mobile authenticator application is used as a second verification method. Combined with login and password credentials, it creates a more secure access environment and protects user accounts from being compromised and abused.
To prevent unauthorized entry to the backup console, Veeam Backup & Replication supports multi-factor authentication (MFA) for additional user verification and automatic console session logoff through a configurable console inactivity setting. Worry not if picking up that coffee is taking longer than expected!
You can enable 2FA for individual accounts in the Users and Roles settings of your backup server and enroll in an authenticator application of your choice to receive these one-time codes. Remove any groups in the window and make sure to apply the principle of least privilege to the users listed and give them the correct role to do their job properly.
A one-time password (OTP) generated in the mobile authenticator application is used as a second verification method. Combined with login and password credentials, it creates a more secure access environment and protects user accounts from being compromised and abused.
Just scan the QR-code with the mobile authenticator application of your choice to activate and connect 2FA to the user account.
Another important part of secure access is visibility in any changes being made. Over 90 additional events were added to the Windows Event to track those changes. Log and built-in audit logs are based on customer feedback, including various tasks performed by backup administrators. In addition, whenever a backup server fails to create an event log item, it will now send the corresponding SNMP trap alert to notify users of this situation.
Veeam ONE can show all changes on all backup objects through the Backup Objects Change Tracking report. This report allows backup administrators to get details on recent infrastructure modifications made to target objects so that any unwanted action can be quickly rolled back.
Proven recovery orchestration
When a cyberattack does happen, organizations should already have a disaster recovery plan prepared to address recovery. Orchestrated recovery can help remain compliant and ready for disaster. Veeam Recovery Orchestrator can orchestrate recovery for multiple machines, provide DR testing and equip you with documentation for compliance.
By being able to orchestrate recovery to Microsoft Azure you gain additional business resiliency. This capability is possible for virtual and physical machines running the Veeam Agent. However, when you’re hit with a cyberattack, you need to make sure before you restore that your data is clean, and not also infected. This is where Clean DR comes in. When you run an Orchestration plan in Veeam Recovery Orchestrator you now have the option to scan restore points for viruses, malware and ransomware using Veeam Secure Restore.
By enabling ransomware scan, Veeam Recovery Orchestrator can scan multiple restore points with an antivirus solution. If ransomware is found, you have the additional options to stop the recovery from happening or continue the recovery but to a designated quarantine network. This feature supports several anti-virus solutions in Windows OS. This feature ensures that you’re not restoring compromised systems and/or data back into your production environment.
Conclusion
When it comes to ransomware, it’s not a matter of if, but when. The Veeam Data Platform gives you the ability to stay cyber resilient to defend, mitigate and minimize a cyberattack. Understanding the tools you have in your arsenal to improve security and minimize unexpected downtime can help ensure your organization is defending itself from today’s cyber threats.
For those of us who have been in the business of backing up data for a while, we’re used to making copies of data on different types of media. I won’t date myself by mentioning reel-to-reel tapes, but the journey started with tape and then backing up data to block/file-based disk storage came along. More recently, a new kid on the block has become a popular destination for backed up data, object storage. Veeam started to use object storage as a target when we released Veeam Backup & Replication 9.5 Update 4 in January 2019 by introducing our use of AWS S3 compliant object storage via the Capacity Tier. A year later, we launched Veeam Backup & Replication v10 which featured support for object locking to provide data immutability for object storage. Immutability provides protection from ransomware attacks by locking the objects which prevents them from being modified or deleted by malicious software or humans. Today, Veeam Backup & Replication is protecting hundreds of petab...
Before Veeam Backup & Replication v11, the product used SQL Server to create and store its configuration database. It has always been possible to use SQL Server Express to store a Veeam Backup & Replication, however, this version of SQL Server had some critical limitations. In the 2022 version of SQL Server Express, the most relevant limitations were: Use of one socket or four cores Use of only 1.4GB per instance 10GB limit for databases In an environment of 500 machines or fewer, these limitations may not have an impact, but if you have a large backup environment, you had to migrate to one of the paid SQL Server versions to avoid these limitations. You can check the limits for each version of SQL Server 2022 by clicking this link . For V12 and with scalability, performance and licensing cost in mind, Veeam introduced the possibility of using PostgreSQL as a configuration database. PostgreSQL is a relational database management system that’s been used for over 35 years...
update notice: The information in this blog post has been updated on April 1st, 2022. Since Veeam Backup & Replication version 10, it’s possible to back up NAS shares with the SMB (CIFS) and NFS protocol. One of the challenges with backing up large file shares is doing so in a consistent state. This blog post shows how to create a consistent backup of an SMB share hosted on a NetApp ONTAP based storage. NetApp storage snapshot, Microsoft VSS snapshot or Storage Integration? Veeam offers three ways to back up a NetApp ONTAP SMB share in a consistent state. With NetApp storage integration From a NetApp storage snapshot (without integration) With Microsoft remote VSS snapshot Using the storage integration is the easiest way to get the latest state with very few configuration steps. Using an alternative snapshot path allows complex scenarios like backing up from a SnapMirror/SnapVault location but it involves scripting or a schedule on NetApp to create and delete t...
Comments
Post a Comment