Snap joins rivals Facebook and YouTube to fight terrorism

Source: Microsoft more
 Snap Inc has joined the Global Internet Forum to Counter Terrorism, which sees consumer internet companies cooperating to stop the spread of terrorism and extremism online. Facebook, Google and YouTube, Microsoft and Twitter formed the GIFCT last month, and tomorrow it will host its first workshop with fellow tech companies plus government and non-governmental organizations. Read More
Snap joins rivals Facebook and YouTube to fight terrorism

Google Calendar now plays nicer with Microsoft Exchange

Source: Microsoft more
 Google today announced a small but important update to how Google Calendar and Microsoft Exchange can work together going forward. It’s not unusual for a company to still use both Google’s G Suite tools and Microsoft Exchange in parallel, and with this update, G Suite admins can now allow their users to see real-time free/busy information across the two systems. This means tools… Read More
Google Calendar now plays nicer with Microsoft Exchange

Minecraft’s cross-platform ‘Better Together’ update arrives in beta

Source: Microsoft more
 Minecraft’s “Better Together Update” is rolling out now in beta, for players on Windows 10 PCs and Android devices. That means players on either platform with the beta installed will be able to participate in games from either type of device, together in cross-platform play.
This update was originally revealed at E3 back in June, and includes other feature additions like… Read More
Minecraft’s cross-platform ‘Better Together’ update arrives in beta

Attention: Your backup infrastructure is under attack

Source: Veeam

“There are two types of companies: those that have been hacked and those who don’t know they have been hacked,”

– John Chambers, CEO Cisco.

We are talking about cybercrime, a global industry bigger than illegal drug trafficking. That being said, you can be quite sure that your backup infrastructure will be under attack in the future if it’s not already.

The backup infrastructure is a primary target for attack because all relevant environment data is stored in that one single place. Second, if an attacker wants to destroy data, the backup environment is a good starting point because the backup server has access to pretty much every other important system, such as virtualization platform or storage systems.

It just takes a few PowerShell commands to destroy the virtual infrastructure, backups or even a company, as you can see in the following video.

To be clear, this fundamental issue is nothing specific to any piece of backup software — it applies to all backup solutions, but especially those which are agentless. The first example provided focus on an external attacker, however what about attacks that come from the inside that could occur from an IT administrator of your company? One good example of this is the Dutch hosting provider, Verelox.

Protect the passwords

The Veeam Backup & Replication user guide provides a good introduction on how to secure the backup environment in a few simple ways:

  1. Restrict user access
  2. Ensure physical security
  3. Encrypt backup data

However, if your credentials are compromised, then the attacker owns your backup environment. This attacker now has the power to do massive harm to your IT infrastructure. A privileged attacker can now obtain the credentials of user accounts and compromise other systems. For example, the password of a storage system with Veeam snapshot integration could be used to delete all volumes and LUNs of these storage systems. Again, this is nothing Veeam specific, but it points to the extreme importance in guarding access to the infrastructure as well as its credentials.

One of the standard recommendations is to use strong passwords and protect them. With the Veeam Backup & Replication Application-Aware Image Processing, every VM administrator can find MsCacheV2 hashes of the Application-Aware Image Processing’s user in their VM. In today’s standards, the MsCacheV2 is considered to be a secure hash. Veeam Backup & Replication administrator should keep in mind that weak passwords can be cracked anyway. For example, Sagitta states to be able to brute-force more than 2,500,000 MsCacheV2 hashes per second on a standard x86 hardware. This is too slow to crack strong passwords, but might be good enough for weak passwords. There’s a really good blog written by 1e Software on how attackers use brute force to crack hashes by using modern day GPUs.

Note: MSCacheV2 is the hash type for domain accounts and NTLM is the hash type for local computer accounts.

Sagitta

Source: https://sagitta.pw/hardware/gpu-compute-nodes/brutalis/

It sounds obvious, but having strong passwords is worth nothing if an attacker knows them. Almost all Veeam components are Windows based. This means you can apply the Microsoft security guidelines for the Veeam environment itself, and there are many good sources from independent security researchers as well as Microsoft themselves.

One way to gain knowledge of passwords is network sniffing. Sniffing a switched Ethernet network has been an easy task for many years. Graphical and console sniffing tools are widely available as open source, free and commercial software. The following video shows how easy it is to sniff a HTTPS connection. Who has never clicked on “accept” on a certificate error?

Keep in mind that versions before 9.5 did not use HTTPS by default, as the example shows the Veeam ONE web interface. To secure older versions of Veeam ONE Reporter and Business View, please refer to the user guide.

Backup and vSphere security

Veeam Backup & Replication connects to the vCenter to manage the backup and restore activities of virtual machines. From a security point of view — and this is absolutely considered best practice — work with the least amount of privileges required. VMware vCenter offers granular permissions to allow backups (in contrast to Hyper-V clusters or Microsoft SCVMM) and restores.

Within Veeam Backup & Replication, the different backup modes — Network, Virtual Appliance, Direct Storage Access — each require different permissions. The required permissions (also valid with version 9.5) document contains a detailed description of which permissions are required to configure for each backup mode. A security relevant permission for the “Virtual Appliance” backup mode is that it requires the “remove disk” permission.

These security considerations can influence the choice of the backup mode. It is also possible to restrict specific backup servers (if you have multiple) to specific locations or objects in vCenter.

Physical security

Improving IT security with organizational guidelines and awareness trainings, along with hardware and software, raises the bar for an external attacker. Organizations should not forget that many attacks on IT infrastructure systems today are based on social engineering or on-site physical attacks. An old, well-known weakness is attacks on “mifare classic” door access systems.

“mifare classic” door access systems

Those “mifare classic” access systems still exist in many facilities. The access keys can be easily copied in a few seconds with a smartphone. With access to the server-room, an attacker could easily steal tapes or even worse — steal the actual backup hardware, which brings us back to the beginning. Encrypt your backups!

Conclusion

Be aware that the backup infrastructure and its data are the most interesting targets for an attacker. Following the 3-2-1 Rule, air-gapped protection, separation of permissions and responsibilities, along with network segmentation, are all keys to success. Securing the backup environment is more than just setting a checkbox. A good starting point for Veeam users is the Veeam user guide and the best practice guide.

The post Attention: Your backup infrastructure is under attack appeared first on Veeam Software Official Blog.

Attention: Your backup infrastructure is under attack

Veeam wishes you a Happy 2017 SysAdmin Day!

Source: Veeam

Happy 2017 SysAdmin Appreciation Day! Today, we celebrate YOU, the unsung heroes of organizations around the world.

Each year on the last Friday of July, we honor system administrators everywhere. We are grateful for stable internet connections, working printers and fast computers. We have grown to expect these tools to always be up and running, day or night. And most of the time they are, thanks to our amazing colleagues in the IT department. System administrators don’t always get the appreciation they deserve, but today, we officially want to say thank you.

SysAdminDay

To celebrate this important day, we’ve prepared some cool assets for you, so keep reading!

NFR keys

With Veeam NFR (Not-For-Resale) license keys, you can use our products for one year in your own home lab for training, testing or demo purposes. VMware vExperts, Microsoft MVP, VTEC members, certified engineers and trainers are all eligible for FREE NFR Keys — and the licenses have no feature limitations. Get your FREE key!

FREE Veeam tools

These FREE solutions for your organization or personal use provide a high level of protection for your data at no cost:

  • Veeam Backup Free Edition — This easy-to-use tool allows you to back up an unlimited number of VMware and Hyper-V virtual machines, and it never expires.
  • Veeam Agent for Microsoft Windows FREE — This is the perfect solution to create backups for your Windows endpoints, and to recover your data fast if there is a failure.
  • Veeam Agent for Linux FREE — Now you can backup and restore your Linux systems, whether they are running in the public cloud or on-premises.
  • Veeam Stencils for Microsoft Visio — This handy stencil collection is perfect for any system administrator working with presentations, reports or documentation

DRaaS For Dummies

Because the cloud is the new normal for modern datacenters, Veeam partnered with Wiley to publish DRaaS For Dummies, a FREE e-book on Disaster Recovery as a-Service (DRaaS) basics. This e-book is ideal for any IT pro looking to learn more about DR planning, DRaaS best practices and key DRaaS benefits for organizations. Download it here.

Conversational Ransomware Defense and Survival

Ransomware is a growing threat, which makes it important to understand how it works so you can fight it. Veeam and Conversational Geek teamed up and published Conversational Ransomware Defense and Survival, an e-book that explains ransomware preparation, protection and recovery. To learn more, you can download this FREE e-book here.

 

Writing this blog post wouldn’t have been possible without my system administrator, who always makes sure that my computer and internet connection are both up and running. Today, I send wishes for a happy 2017 SysAdmin Day to all system administrators, including mine!

The post Veeam wishes you a Happy 2017 SysAdmin Day! appeared first on Veeam Software Official Blog.

Veeam wishes you a Happy 2017 SysAdmin Day!

The Hidden Node

Source: Meraki-Cisco

By Steve Harrison

Screen Shot 2017-07-26 at 8.26.05 AM

Introduction

This is the first in a series of blog posts that focus on wireless security and technology at Cisco Meraki.

It is generally good practice to connect to a secure SSID, and if we have to connect to an open or insecure SSID, to use a client VPN (both of which Cisco Meraki have great technologies to help with). But we are seldom told why this is the case, without the explanation involving lots of technical terms.

To put it simply, it’s challenging and sometimes impossible to control who can hear what you say on a wireless network.

That’s because wireless networks are Carrier Sense Multiple Access with Collision Avoidance, or CSMA/CA for short. This means that multiple clients can access the network (and now simultaneously with 802.11ac Wave 2) and they will do their best to not run into one another, sort of like a road. In a similar manner to driving roads, wireless networks have rules to avoid collisions, like waiting for your time slot to use the network (akin to waiting at a red light) or for the medium to be free (similar to making sure there are no other vehicles on the road). Unfortunately, wireless transmissions move at the speed of light, meaning that thanks to Einstein and Maxwell, that there is no physical way of getting prior notification of a transmission arriving.  

As a result, it’s actually impossible to avoid collisions, unlike with wired Ethernet networks, where each client’s connection to the switch is uncontended. Luckily, the 802.11 Standards Body thought of this and came up with the handy algorithm here.  This states that you must listen to the medium before transmitting, which in our road analogy, means that as long as there are no cars passing right now, just go for it. If the medium or “road” is busy, then wait a predetermined amount of time, plus a random additional time, before checking again.  

Screen Shot 2017-07-26 at 9.51.10 AM

The more courteous drivers amongst you will have noticed a potential problem: if you start transmitting and someone else near you also starts to transmit, then those frames are going to collide and likely neither of you will be understood. In our road analogy, imagine we can’t see the opposite lane in an intersection and it’s not until we get into the middle of the intersection that we realize someone else has also entered from another entrance…we may end up with catastrophic results!

Screen Shot 2017-07-26 at 8.26.53 AM

This problem is further compounded in wireless networks because the two colliding clients could be on opposite sides of the wireless cell. This can be hard to visualize, so the below diagram shows how both Client A and Client B can transmit to the access point but they can’t directly transmit to one another:  

Screen Shot 2017-07-26 at 8.27.14 AM

So, without an additional mechanism, there’s no way to avoid collisions! Client A and Client B are hidden nodes: they are completely “hidden” from one another.

The Additional Mechanism – RTS/CTS

802.11 wireless networks solve this problem through the use of an additional optional handshaking mechanism called “Request to Send/Clear to Send” or RTS/CTS, shown here. This is much like an intersection on a road that is controlled by pressure-pad-triggered traffic lights, whereby a light will stay on red until a car rolls onto the pressure pad. At this point, the control system knows that a car is waiting at the light on red, this is like a request to send.  The light for the waiting car then goes to green, which is much like a clear to send, at which point the car (or data in a wireless network) moves off from the pressure pad, which is similar to an ACK, which is an acknowledgment. This means that in busy networks, more RTS/CTS messages will be seen, which is why it’s often used as a key factor in determining how busy wireless networks are. Given the speed of modern wireless networks, however, this mechanism is seldom implemented and is typically only used if the total packet size exceeds 2347 octets, which is similar to an 18-wheeler, that will take a long-time to clear an intersection and hence, have more chance of something driving into it or “colliding” in wireless networks.

Screen Shot 2017-07-26 at 9.51.34 AM

What Does That Have to Do With Security?

In and of itself, nothing. But the fact that wireless networks need these mechanisms to ensure they perform well does serve to highlight just how open wireless networks are. Also, bear in mind that someone using a high-gain antenna doesn’t have to be physically close to you to be listening in to your wireless communications. If we extend out our analogy further, this is akin to someone watching the intersection with a pair of binoculars or a telescope. So, if you were shipping a top secret spy plane on the back of a flat bed being pulled by an 18-wheeler, then you’d better make sure the trailer is covered, which is what CCMP encryption does in wireless networks, but that’s another topic for another blog post.

I know some people will always think that this is overly cautious or scaremongering, but it is relatively trivial to build a high gain antenna out of household items, such as:

Screen Shot 2017-07-26 at 8.27.59 AM

*Yes, you can use an empty can of Pringles to wirelessly eavesdrop of 802.11 networks! ** No, you don’t have to use ‘Dill Pickle’ flavour ***Image credit to Tommaso Righetti – https://www.youtube.com/watch?v=PDb16PNgYPc

This makes it even more important to be cautious and to protect yourself when you connect to open wireless networks. So, the next time you connect to the Wi-Fi at your favorite coffee shop, make sure you’re using a client or per-app VPN.

 


The Hidden Node

A deep dive on VMware vSAN 6.6 and Veeam integration

Source: Veeam

Hyper Converged Infrastructure (HCI) is starting to disrupt traditional storage markets (SAN, NAS + DAS) as enterprise IT begins to replicate Hyperscale public cloud provider’s infrastructure. Public cloud giants such as AWS and Microsoft Azure have developed their own scale-out, software-defined enterprise storage built on commodity servers and disks. Adding the enterprise features from existing SAN and NAS devices into software allows the use of commodity hardware while shifting the storage directly to the host to improve performance and scalability. The storage is provided directly by the host. The storage is scaled-out, as are the compute resources, providing a truly scalable and cost-effective solution.

A report from 2016 shows the predicted change from traditional storage to HCI and Hyperscale technologies for the next 10 years.

VMware vSAN 6.6 and Veeam integration

Even though different vendors provide HCI solutions, but I am not here to compare features between them. VMware’s HCI offering is VMware vSphere combined with their Software Defined Storage (SDS) solution — VMware vSAN. I will cover vSAN and Veeam’s recent announcement to provide further support.

VMware vSAN: What is it and what challenges does it overcome?

With traditional storage, customers faced several challenges such as the hardware was not commodity and it often created storage silos that lacked granular control. Deploying traditional storage could be time consuming because it often included multiple teams and lacked automation.

By moving the storage into software, vSAN provides a linear scalable solution using the same management and monitoring tools VMware admins are already using, while also providing a modern, policy-based and automated solution.

What does the VMware vSAN architecture look like?

vSAN is an object-based file system where VMs and snapshots are broken down into objects and each object has multiple components. vSAN objects are:

  • VM Home Namespace (VMX, NVRAM)
  • VM Swap (Virtual Memory Swap)
  • Virtual Disk (VMDK)
  • Snapshot Delta Disk
  • Snapshot Memory Delta

Other objects can exist such as vSAN performance service database or VMDKs that belong to iSCSI targets. An object can be made up of one or more components, depending on different factors such as the size of the object and the storage policy assigned to the object. A storage policy defines such factors as Failure to Tolerate and stripe size. For an object to have a failure tolerance of RAID 1 would mean two full copies of the data is distributed across two hosts with a third witness component on a third host, resulting in tolerance for a full host failure. Rack awareness and multiple-site fault domains can also be configured, which can dictate how the objects are distributed.

vSAN uses the concept of disk groups to pool together flash devices and magnetic disks as single management constructs. A disk group is comprised of one flash device for the read cache/write buffer and up to seven capacity devices that can be magnetic disks (Hybrid mode) or flash (All-Flash mode). A disk group must have a cache tier with a capacity tier, and a host can have up to five total disk groups.

Any supported hardware can be used for vSAN. VMware has extensive HCL available, but it also provides vSAN-ready nodes with a multitude of server hardware vendors that come pre-built with all supported hardware.

Other HCI providers require a virtual appliance to run on the host for offloading to the storage. This typically requires reserved CPU and memory from each host in the cluster. vSAN is directly embedded into the vSphere hypervisor kernel by deployment of the vSphere Installation Bundle (VIB). vSAN does still require resources, typically up to 10% of the hosts compute, but this doesn’t compete with other VMs for resources. Because it is integrated with vSphere, the admin uses the same tools to manage that are used for vSphere, and vSAN has full support for native vMotion and DRS.

Standard and 2-Node Cluster deployment methods are supported with vSAN Standard licenses, with Stretched Cluster deployment enabled through the vSAN Enterprise license. Because the vSAN is all in the software, these deployments can be scaled as required.

VMware vSAN 6.6 and Veeam integration

A Stretched vSAN Cluster configuration enables high Availability across datacenters with zero RPO and by leveraging storage policies redundancy that can be specified locally within a site or also redundancy across sites on a per-VM basis.

Advanced features can be enabled to make efficient use of the storage, features such as deduplication, compression and erasure coding. Deduplication and compression can be simply enabled from a drop-down box on an All-Flash configuration. Savings here will vary depending on the type of data, but it is reported to be as much as 7x savings. Deduplication and compression is a single cluster-wide setting to enable and disable. Deduplication occurs when the data is de-staged from the cache tier to the capacity tier and is limited to the disk group. Compression is applied after deduplication just before the data is written to the capacity tier.

Erasure coding is another feature available for All-Flash configurations that provides the same level of redundancy as RAID 1. It reduces the capacity requirements by taking the data and breaking it into multiple pieces, spreading it across multiple nodes and adding parity data so it can be recreated in the event one of the pieces is lost. To use erasure coding RAID 5, a minimum of four hosts are required in the cluster. To use erasure coding RAID 6 a minimum of six hosts are required.

VMware vSAN 6.6 and Veeam integration

VMware vSAN 6.6 features

VMware has been running on a six-month update cycle since 2015, with 6.6 the latest version released. This version brings over 20 new features, with the key ones listed below:

  • Native encryption data-at-rest
  • Resilient management independent of vCenter
  • Stretched clusters with local failure protection
  • Simple networking with Unicast
  • vSAN easy one-click install

VMware vSAN 6.6 requirements and considerations

To run vSAN 6.6, consider the following requirements:

  • Must be running at least vCenter Server 6.5.0 d
  • Must be running at least vSphere ESXi 6.5.0 d
  • Minimum of two physical hosts with a configured disk group using a witness appliance
  • Minimum of three physical hosts for standard vSAN (at least four recommended)
  • 10 Gb network for All-Flash/minimum dedicated 1 Gb for Hybrid
  • Minimum of one flash device for cache tier and minimum of one capacity device for capacity per host
  • Hybrid and All-Flash disk groups cannot be mixed
  • Minimum of 32 Gb of RAM per host participating in vSAN
  • Consider using vSAN ready nodes and consistent hardware configuration in the vSAN cluster
  • Consider deploying vSAN with virtual Distributed Switches (vDS) to your Network IO Control

VMware vSAN 6.6 and Veeam 9.5 — Better together

That’s scalability and the required infrastructure covered, but what about data Availability?

Other HCI vendors include their own backup solutions, which have various levels of features. VMware has a very strong relationship already with existing Availability vendors such as Veeam using the vSphere Storage APIs. Instead of developing another backup solution for vSAN, the customer has the choice to take advantage of existing mature products. Many customers already using Veeam Backup & Replication can also use it with vSAN.

Veeam recently announced that it is certified on vSAN. Interestingly, though, Veeam released support for vSAN back in 2014 with the release of patch 4 for Veeam Backup & Replication 7.0. Veeam vSAN integration allows the Veeam proxy to recognize VMs running on a vSAN datastore, but it also uses smart logic for processing vSAN datastores. Since vSAN is distributed on local storage across multiple hosts, Veeam obtains information about the data distribution from vCenter. If there’s a local proxy to the data, Veeam gives priority to that proxy to reduce network traffic. This is because the data object may not necessarily reside on the compute host since with vSAN there is no data locality. To accomplish this, it is recommended that you have a virtual proxy, per vSAN node.

Veeam can also recognize Storage Policy-Based Management (SPBM) that vSAN uses. By using policy-driven storage, the customer can assign different SLAs for a given workload. The SLA can be based on performance or tolerance to failure acceptance. Veeam recognizes configured SPBMs and automatically backs up and restores these for each virtual disk upon a full VM restore. This means that when a VM is fully restored to its original location, it falls back into compliance-preserving SLAs.

Veeam Backup & Replication support for VMware VVOL

The most recent support for vSAN 6.6 is included in Veeam Backup & Replication 9.5 Update 2. In addition, Veeam is now listed in the vSAN HCL for vSAN Partner Solutions.

Read also:

 

The post A deep dive on VMware vSAN 6.6 and Veeam integration appeared first on Veeam Software Official Blog.

A deep dive on VMware vSAN 6.6 and Veeam integration

Active Directory comes to MC

Source: Meraki-Cisco

Last week, Active Directory integration was released to all MC networks. For customers that manage their corporate directories through AD, a local server can now be used as a single source of truth for phone users.

Active Directory is the most commonly used directory software in the world, and by supporting it on the MC product line, IT administrators will have one less dependency to worry about when managing their communications system.

AD

As always, this new integration was released right to the dashboard, with no need for additional licensing: just another example of how Meraki continually works to increase the value of our solution.

To learn more about MC’s Active Directory integration, check our documentation. To try out the MC74, contact a Meraki rep today.

 


Active Directory comes to MC

How to back up from HPE 3PAR StoreServ secondary storage array

Source: Veeam

You most likely know that Veeam leverages storage integration with (Hewlett Packard Enterprise (HPE), Nimble Storage, NetApp, Dell EMC and Cisco HyperFlex to provide Backup from Storage Snapshots capability, which helps reduce the impact on the production data and performance due to data protection activity. You may also know that Veeam can also provide backup from a secondary storage array to reduce impact on the production environment even further with Nimble Storage and NetApp. And as an Alliance Systems Engineer in charge of HPE, I often get the following question from HPE technical field people: “Why don’t you support this with 3PAR?” Well, we do! There are some differences, but it’s still similar. Let’s explore how backup from a secondary 3PAR array works with Veeam Backup & Replication.

Backup from a secondary HPE 3PAR StoreServ array

In the case of NetApp or Nimble Storage, backup from a secondary array process is asynchronous. The storage snapshot is first triggered on the primary array, then it’s copied or replicated to the secondary storage array, and finally, the latter can be mounted on a Veeam proxy to run the actual backup job. It also means that active production data is stored on the primary array.

How to back up from HPE 3PAR StoreServ secondary storage array

With HPE 3PAR StoreServ, the main requirement is that a Peer Persistence relationship is configured between the two arrays. This allows volumes to maintain a synchronous copy of themselves on the other array, which is the main difference compared to other storage systems. The replicated volumes are exported in a read-only mode and thus act as passive volumes. In such a configuration, both arrays are active and hold primary production volumes and secondary volumes. Note that we can back up or replicate VM data from both arrays, thanks to this.

The second difference here with HPE 3PAR StoreServ is the workflow during backup. When Veeam Backup & Replication is configured to use snapshots of secondary volumes, the storage snapshot is triggered directly on the secondary volume, which means that the primary one remains untouched from a backup activity perspective.

How to back up from HPE 3PAR StoreServ secondary storage array

However, this isn’t the default behavior of Veeam Backup & Replication. If not configured accordingly, it will still trigger a storage snapshot on the primary volume. Let’s see how to configure the backup server to enable backup from a secondary HPE 3PAR StoreServ volume.

Configuring Veeam Backup & Replication

Unlike many other features, this one isn’t configured in the GUI us it is usually. Enabling it is controlled through the Windows Registry on the machine hosting the Veeam Backup Server role. A new registry key needs to be created using the following parameters:

  • Location: HKEY_LOCAL_MACHINESOFTWAREVeeamVeeam Backup and Replication
  • Name: Hp3PARPeerPersistentUseSecondary
  • Type: REG_DWORD (0 False, 1 True)
  • Default value: 0 (disabled)

To enable the feature, the value must be set to 1. For the new setting to be effective, you need to restart it manually.

Now let’s take a look at the HPE 3PAR StoreServ Management Console when this is configured in a real production environment.

On the screenshot below, we can see the highlighted volume named ***5-VOL05-DD-RCPP owned by the 3PAR StoreServ system named ***PHY0015. We’re going to run a backup job for VMs stored on this volume.

How to back up from HPE 3PAR StoreServ secondary storage array

Thanks to the existing Peer Persistence relationship between system ***PHY0015 and system ***PHY009, we can see three things on the next screenshot:

  1. The replica of the primary volume, which is named REPLI-***5-VOL05-DD-RCPP and owned by system ***PHY0009
  2. The storage snapshot taken on the replicated volume, which is named Veeam_ REPLI-***5-VOL05-DD-RCPP
  3. The comments in the details panel on the right, which says “This snapshot is used and managed by Veeam Backup & Replication”

How to back up from HPE 3PAR StoreServ secondary storage array

Summary

Backup from Storage Snapshots is a great feature to better preserve production data and achieve a higher level of Availability. It’s even greater when you can make sure that active production data remains untouched by backup activity, thanks to the advanced storage integrations we have with our Alliance partners such as Nimble Storage and NetApp and the capacity to back up from a secondary storage array. And now you know that we can also do this with HPE 3PAR StoreServ!

The post How to back up from HPE 3PAR StoreServ secondary storage array appeared first on Veeam Software Official Blog.

How to back up from HPE 3PAR StoreServ secondary storage array