ExaGrid Time-Lock – Who’s (still) afraid of ransomware?

Introduction

Ransomware currently represents one of the most prominent threats to IT infrastructures. Reports of successful attacks are accumulating, the attacks are getting closer. More than 30% of all companies, institutes, universities or public authorities in Germany have already dealt with such attacks. In some cases, a ransom was paid to get access to their own data again.

Even with payment, success is never certain. After all, one negotiates with criminals. Authorities therefore advise against payment.

The essential protective measure against the consequences of such an attack is an up-to-date and consistent backup.

Ransomware vs. Backup

Unfortunately, attackers also know about the importance of backups. The currently circulating malware, such as Emotet or Ryuk, contain code that actively searches for backups on the net. Using previously obtained access data for Active Directory accounts or by attacking via RDP exploits or using the brand-new Zerologon exploit an attempt could be made to take over the systems that operate the data backup in the company or hold the backup data.

The automatic attack is often followed by hackers in the flesh who actively browse the net and try to destroy all backups. This is often an easy task, since backups today are preferably held on hard disk systems, permanently connected to the infrastructure.

The reason is obvious: If all backups are deleted or also encrypted, the compliance of the “customer” to pay his ransom increases by far.

Many approaches have therefore already been conceived to store the backup data out of reach of an attacker. A very simple and secure variant is an Air-Gap – a physical separation of the backup media from the system. For example, LTO tapes can be physically removed from the library.

Without this kind of time-consuming manual extraction – which would also have to be performed daily – the data remains latently vulnerable. It doesn’t matter whether it is stored on disk systems, dedup appliances, tapes in a library or even in an S3 cloud repository.

S3 cloud providers have therefore proposed an API extension called “Immutability” some time ago. With this, at least the backups in the cloud layer can be made immune to changes for a certain time.

Some of these solutions are natively supported by Veeam. Amazon AWS is one of them. Microsoft Azure is currently still missing. Furthermore S3 memory is not suitable for every application. A primary backup with Veeam on S3 is for example not directly possible. The S3 layer is only available as an extension of a scale-out backup repository.

10. June 20202. September 2020

Veeam Storage Plugin for DataCore – Deepdive

Any questions, remarks or additions: melter[at]idicos.de

SANsymphony meets Veeam Backup and Replication – true love in the end!

In December 2019 the plugin for the popular DataCore SANsymphony SDS was finally released. And it is done in the only proper way: With full support and validation by Veeam.

In this article series we will cover several aspects of the plugin:

Scope, features and license requirements for Veeam (just read on)
Installation and configuration
BfSS Jobs
Manual snapshots and snapshot-only jobs
Recovery from snapshots
Off-label usage together with CDP

Pages: 1 2 3 4 5 6

26. February 2019

Veeam Backup support for Server 2008 will end with next major release

Next major release of Veeam Backup & Replication will no longer support several Windows versions. That was announced by Anton Gostev in his weekly forum digest on Feb. 25th 2019.

Veeam Backup & Replication components will no longer support being installed on Windows Server 2008 SP2, Windows 8.0 and Windows 10 1507/1511. However, Windows Server 2008 R2 SP1, Windows 8.1 and Windows 10 (1607 or later) will continue to be supported. Also, Microsoft Windows 7 SP1 continues to be supported as before.

Server 2003 und XP guest OS affected

Application-aware processing and guest file system indexing will no longer support Windows Server 2003 and Windows XP virtual machines. However, crash-consistent backup of such VMs will of course still be supported – as generally speaking, we don’t care what’s inside those images we’re backing up (and whether there is any OS at all).

Curtains für vSphere 5.0 und 5.1

VMware vSphere 5.0 and 5.1 will no longer be supported. However, vSphere 5.5 will continue to be supported. Importantly, the new VeeamCDP functionality specifically will require vSphere 6.5 or later due to its platform dependencies.

VeeamCDP only for vSphere 6.5 and later

The long announced and postponed feature VeeamCDP will require vSphere 6.5 and later versions.

5. October 20189. October 2018

VeeamON Virtual Event – save the date

Virtual Online-Conference on Dec. 5th 2018

2018 VeeamON took place in Chicago. Not everybody had the time or funding to go there. But there’s good news. Like in the years before there’ll be a virtual conference that makes it easy to attend. Join VeeamON Virtual 2018 from your desk, couch or garden hammock.

It’s been a pleasure being media partner for the event last year. And so I will join this year’s event too. Stay tuned!

Registration

Grab your virtual seat and save the date on December 5th 2018. Registration is free but priceless.