Cisco HyperFlex Multi-Cloud Platform adds Hyper-V support

Source: Veeam

Buenos dias from Cisco Live in Barcelona! You know what makes Spanish paella so delicious? It’s the blending of a variety of ingredients into a succulent dish chock full of flavor. The perfect marriage of meat, seafood, rice and seasoning to deliver a dish that is both beautiful and absolutely yummy. The Cisco and Veeam partnership reminds me a lot of a perfect paella. Mix the two together and you get a perfect Availability solution chock full of features, functionality and real value for our customers.

And today, it gets even more tasty with the announcement of Cisco HyperFlex 3.0 their, next generation hyper-converged infrastructure platform.

HyperFlex Multi-Cloud Platform

I have been a fan of HyperFlex since its inception. As so often happens, it’s not the first technology to market that ends up being the best, it is often the second or third who develop their solutions based on the experiences of the original ground breakers. Based on the award winning UCS platform Cisco HyperFlex, it brings agility and the ease of use of cloud-based economics to the modern data center. Unlike others, it allows you to scale individual components, like compute and storage, avoiding the need to scale only by adding additional nodes. It utilizes UCS manager so you can manage not only your hyper-converged infrastructure, but also any UCS storage servers in your environment, which is a big advantage over standalone hyper-converged infrastructures.

Now HyperFlex gets even better! With the HyperFlex Multi-Cloud Platform announcement, they have added support for Hyper-V, centralized cloud-based management, increased compute and storage node cluster scale, Flex Clusters which allow HyperFlex to be operated across data center locations, cloud mobility and self-service features with CloudCenter, and workload optimization with Cisco Workload Optimization Manager (CWOM).

With the addition of Hyper-V, Cisco HyperFlex can take advantage of Veeam’s Windows server 2016 functionality for production checkpoints and resilient change tracking and offer enterprise-grade data protection for application running in Microsoft Hyper-V environment.

Hyper-convergence at a multi-cloud scale

While that sounds like a lot, I think you can see there is a definite theme. It’s all about the cloud, and more specifically, it’s about multi-cloud which makes sense as we live in a multi-cloud world. In fact, Cisco is now positioning HyperFlex as HyperFlex Multicloud Platform: an adaptive platform enabling customers to power all their applications with the simplicity of hyper-convergence at a multi-cloud scale. What they are talking about is the ability for customers to deploy and provision at cloud-like speed, consume compute and storage resources as needed, and be able to power any application including multi-cloud hybrid applications efficiently and economically.

At Veeam, we totally embrace this philosophy across physical, virtual and cloud environments, delivering the #1 Availability for any app, any data, across any cloud, supporting any application on any cloud.

In case you missed it, Veeam announced our very first acquisition of N2WS to further broaden our offerings in Amazon AWS environments.

Microsoft, Microsoft, Microsoft

With HyperFlex adding Hyper-V support, there is a pretty good story here with Cisco + Veeam + Microsoft. Now customers that utilize HyperFlex with Hyper-V will get the full support of Veeam to back up and replicate their HyperFlex environments, and they can take advantage of the full breadth of Veeam’s Microsoft solutions. Our seamless solutions provide customers the ability to back up to Microsoft Azure with a cloud service provider, lower costs by archiving data to Azure, mitigate risk by backing up Office 365, and ensure Availability of cloud-based workloads with the protection of Azure virtual machines.

Cisco + Veeam keep getting better together

Cisco Global ISV partner of the year Cisco and Veeam offer our customers modern solutions to meet their Always-On Enterprise challenges. Recently, we announced our third Cisco Validated Design (CVD) for Veeam and HyperFlex, Cisco HyperFlex with Veeam Availability Suite for Multisite Deployments. This builds on the announcement made at the end of 2017 that Veeam is available in Cisco’s dCloud which is a cloud-based platform that provides a powerful way for customers to demo the Veeam and HyperFlex solutions, including our unique native snapshot integration with HyperFlex. Additionally, Veeam was awarded the prestigious Cisco Global ISV partner of the year for 2017 which demonstrates just how advanced our relationship with Cisco has become.

 

While 2017 was quite the year for Cisco and Veeam, I am looking forward to even more greatness in 2018.  ¡Salud!

 

 

Useful resources

The post Cisco HyperFlex Multi-Cloud Platform adds Hyper-V support appeared first on Veeam Software Official Blog.

Cisco HyperFlex Multi-Cloud Platform adds Hyper-V support

Best practices from Veeam support on using tape

Source: Veeam

When speaking about backup storage strategies, Veeam’s recommendation is to keep the initial backup chain short (7 – 14 points) and use general purpose disk that will allow you to recover data in the shortest amount of time. The long-term retention should come from secondary and tertiary storage, which typically boasts a much lower storage cost per TB, but at a trade-off, the RTO when restoring from such storage can take much longer time. Here’s the graphics, which illustrates this scenario:

Best practices from Veeam support on using tape

Additionally, with many new features of Veeam, the tape support now includes putting vSphere, Hyper-V, and Veeam Agents for Microsoft Windows and Linux backups on tape.

One of the most popular choices for backup archival is tape. It is cheap, reliable and offers protection against crypto viruses and hacker attacks. Additionally, it’s offline when not in a tape loader.

With Veeam, IT administrators can use flexible options to create copies of backups and store them on a different media, following the 3-2-1 Rule for the backup and disaster recovery. This blog post provides advice and considerations that will help you create a robust tape archival infrastructure.

How to deploy a tape library and use it with Veeam

When planning and implementing your deployment project, follow the recommendations below:

  1. It is recommended to configure the tape library for use exclusively by Veeam Backup & Replication. Using it together with any third-party tape-recording software (for example, in your evaluation lab) may prevent other software from recording.
  2. To streamline the workflow, use tapes with barcodes. Please check the integrity of the barcodes before you start using the tapes, and make sure the barcode reader is turned on. If you have multiple libraries, ensure that the barcodes are unique throughout the infrastructure.
  3. For increased capacity, use the latest LTO. Since Veeam Backup & Replication 9.5 Update 3, Veeam now supports the LTO-8 format.
  4. If you plan to use encryption for archived data, consider using hardware encryption (implemented in LTO-4 and later). Software encryption can decrease performance.
  5. Do not use hardware compression with compressed Veeam backups. Double compression will not give any benefits and can even increase the size of the file on tape.
  6. Install and check the following:
  • The latest drivers for your tape library. Remember that only the original (OEM) drivers are supported. Drivers supplied with Microsoft Windows are not recommended.
  • The latest changer and controller firmware. Changers working via SCSI are supported.

You will need a tape server that will perform most data transfer tasks during archiving to tape. Check the following prerequisites:

  • This should be a physical machine or a VM connected through iSCSI, since direct pass-through is not supported.
  • Using a Windows 2008 R2 machine for a tape server is not recommended due to the possibility of performance degradation. Instead, use Windows Server 2012 or later to achieve better performance and seamless operation.
  • Best practice is to provide a direct connection from tape server to the repository to improve the performance and specify this preferred repo in tape server connections.
  • If you plan to create synthetic backups, using a deduplication storage is not recommended.

One thing to also consider is to use GFS media pools with the tape support in Veeam. This feature allows longer-term retention to be set easily for tape backups as shown in the picture below:

Best practices from Veeam support on using tape

If you plan to perform file-to-tape archiving for a large number of files (more than 500,000 per job), consider using any commercial edition of SQL Server for Veeam configuration database to support these operations. Configuration database stores information about all files backed up by Veeam Backup & Replication, and using SQL Server Express edition (with its 10 GB limit for a database size) may lead to significant performance degradation. If database size reaches 10 GB, all Veeam operations will stop.

To load or get the tapes from the library, use the import-export slots. If you need to perform these operations manually, remember to stop tape jobs, stop tape server, perform manual operation, start server, rescan or run inventory for the library (to recognize the uploaded tapes) and then restart the tape job.

  • If the tapes have barcodes, then you can perform the rescan.
  • If the tapes do not have barcodes, then you should perform the inventory.

Note: For more information on tape infrastructure and operations, refer to the Veeam Backup & Replication User Guide for VMware or Hyper-V

What to consider before starting the upgrade

If you are upgrading your Veeam deployment, then you should first upgrade the Veeam backup server.

The tape server will be upgraded after that, using the automated steps of the Upgrade wizard that opens after the first launch of Veeam Backup & Replication console. However, you can choose to upgrade it manually by starting the Upgrade wizard at any time from the main Veeam Backup & Replication menu.

If you are upgrading your tape library, consider the following:

  1. To streamline the process and skip the catalogue step, you can add the new library to the existing media pools, and after the old library is switched off, remove it from the media pools.
  2. After connecting the new library to Veeam server, you should load the existing tapes with their barcodes to that new library and perform the rescan. Then you can switch the old library to the offline state (detach it from Veeam server) and then delete it from Veeam Backup & Replication configuration.

What to consider when planning for tape jobs

Before you start configuring Veeam jobs for tape archiving, consider the following factors:

  1. What entities will you need to archive? Will these be files and folders, or VM backups? Do you need to archive full backups only, or both full and incremental backups?
  2. What is the estimated data size?
  3. How often will you need to archive data?
  4. What will be the retention policy for your data?
  5. How often will the tapes be changed? Will they be exported?
  6. What is the tape capacity?
  7. What tape device will be used for archiving?

After these considerations, it is recommended that you double your estimated number of tapes when planning for the resources.

Conclusion

In this blog post, we’ve talked mainly about tape infrastructure. We recognize that when setting up tape jobs, the learning curve can be quite steep. Instead of explaining all the concepts, we chose a different approach. We’ve prepared a list of settings and a well-defined result that will be achieved. You can choose to use them as they are or as a basis for your personal setup. Check out this Secondary Copy Best Practices Veeam guide for more details.

The post Best practices from Veeam support on using tape appeared first on Veeam Software Official Blog.

Best practices from Veeam support on using tape

Why is ransomware still so successful?

Source: Veeam

There’s no end to ransomware in sight. It’s a simple enough attack — install malware, encrypt data/system, and ask for the ransom — so why aren’t we stopping ransomware?  Security vendors are keenly aware of the issue, as well as the attack vectors and methods, but can’t seem to stay a step ahead, causing ransomware to grow form $1 billion in damages in 2016 to an estimated $5 billion in 2017. There are two basic reasons ransomware continues to be a “success” for cyber criminals.

Reason 1: Malware authors are getting better at their craft

Just when we think we’re getting on top of the ransomware problem, our adversaries alter their tactics or produce new techniques to replicate and cause damage and misery. We’ve recently seen ransomware like WannaCry take advantage of unpatched vulnerabilities in the Windows SMB service to propagate around networks, especially those that had SMB open to the internet — A clever technique borrowed from mid-to-late 90s Windows worm malware like Sasser. We’ve also seen malware writers develop new techniques for installing malicious code onto computers via Microsoft Office. While the threat posed by malicious macros in Office documents has existed for a number of years, we’re now seeing the use of a Microsoft protocol called Dynamic Data Exchange (DDE) to run malicious code. Unlike macro-based attacks, the DDE attack doesn’t give the user a pop-up, prompt or warning, so exploitation is far more effective and successful.

The technological advances made by malware authors are significant, but their soft skills, like social engineering, also keep on getting better. Improved writing, more realistic email presentation, and even solid social engineering tactics are all cause for the increase in their success.

And if you’re good at what you do, make it a service and profit on those that have a similar interest, but lack your skills. Thus, “crime-as-a-service” and “malware-as-a-service” now exist, further perpetuating the ransomware problem. The availability and ease of use of these platforms, means anyone can turn to cybercrime and ransomware with little or no coding or malware experience. These platforms and networks are run by organized cybercrime gangs, for vast profits, so we won’t see them going away any time soon,

Reason 2: We’re causing our own problems

Of course, there’s still one large problem many of us have not dealt with yet, and that’s the weaknesses we ourselves cause that become the entry way for the cybercriminals. WannaCry was so successful because it leveraged an unpatched windows vulnerability. NotPetya did the same. So, what are the weaknesses?

  1. A lack of patching – We continue to shoot ourselves in the foot here, because we don’t have solid protection and prevention routines that include the patching of operating systems and applications — especially those leveraged by ransomware authors to gain access.
  2. Not enough (reliable) backups – A lack of validated backups — the primary ransomware recovery tool — can leave us out in the cold and unproductive. It’s a simple equation: if you have backups, you choose recovery over ransom.
  3. User awareness – Users simply don’t understand the threat, the impact, or the cost of a ransomware infection. But, nor should they really — they have a job to do in accounting or sales, not IT security. Even so, putting in solid phishing training and testing can make a material difference.
  4. A lack of least privilege – The more access a user has, the greater scope of infection the ransomware can have. With 71% of end users say they have access to company data they should not be able to see[1], IT has some serious work to do to ensure privileges are locked down.
  5. No layered defense – A single security solution, such as an antivirus, can only do so much to protect the organization. You need solutions like IPS, an email gateway, endpoint protection, and more all working on concert to give ransomware as little a chance of succeeding as possible.

Doing something about the ransomware problem

What should you do to stop ransomware being so successful? Hide? Run away? Unplug the internet? Probably none of those ideas are likely to solve this problem, although out of sight and all that. I mentioned briefly above, the idea of many thin layers of defense, and while ‘defense in depth’ might seem a little old school and became extinct when we lost control of the network perimeter, there are some ideas we can borrow:

  1. Defense in depth – Make sure you have a solid, proactive security stance in place, including: patching, least privilege, user training, etc.
  2. Protect the endpoint – Desktop and endpoint protection solutions can offer some degree of protection, however, keep in mind that malware can adapt itself to these solutions and circumvent them.
  3. Plan for the worst – Ransomware seems to find a way and you need to make sure you can recover when it does. Backups, off-site backups and backups on different media types are essential. Make sure you test their recovery too, as you don’t want to be finding out how to restore a backup in anger. They say you train hard to fight easy. Never has that been more true for IT contingency planning.

Get these three things right, and you’ll be a lot closer to stopping the rain of ransomware from ruining your day, night or weekend.

 

[1] Ponemon, Corporate Data: A Protected Asset or a Ticking Time Bomb? (2014)

The post Why is ransomware still so successful? appeared first on Veeam Software Official Blog.

Why is ransomware still so successful?

Cisco Announces Intent to Acquire Skyport Systems

Source: Cisco
I’m excited to share that today Cisco announced its intent to acquire Skyport Systems, Inc., a privately-held company providing cloud-managed, hyper-converged systems that run and protect business-critical applications. This acquisition will enable Cisco to utilize Skyport’s intellectual property, seasoned software and network expertise to accelerate priority areas across multiple Cisco portfolios. Cisco was also an […]Cisco Announces Intent to Acquire Skyport Systems

Veeam Recovery to Microsoft Azure featuring Veeam PN now available!

Source: Veeam

Networking has always been one of the most complex parts of any IT solution, and whether you are connecting into a remote site, connecting branch offices together or extending on-premises networks to the cloud, there is traditionally a high level of complexity and cost that’s involved in establishing a reliable networking solution. When it comes to networking during a disaster, the level of complexity and margin for error is magnified. In relative terms, it has become easy to back up, replicate and then recover workloads, but getting access to those recovered systems remains a cumbersome process.

At VeeamON 2017, we announced the Release Candidate of Veeam PN (Veeam Powered Network) which — in combination with our existing Veeam Backup & Replication 9.5 feature Veeam Restore to Microsoft Azure — created a new total solution for networking and restoration called Veeam Recovery to Microsoft Azure. At the heart of this new solution is Veeam PN, which extends an on-premises network to an Azure network, enhancing our ability to back up anything, anywhere and restore to Azure.

Veeam PN

Deployable from the Azure Marketplace, the Veeam PN Appliance can be setup within minutes and be ready to act as the central hub for remote sites that have the Veeam PN Appliance deployed as a site gateway. It can also be used for remote users who connect to the central hub via an OpenVPN client application. Used in conjunction with Veeam Restore to Microsoft Azure, workloads can be recovered into Azure and then accessed remotely via the extended network created by Veeam PN.

Veeam PN is now Generally Available

NEW Veeam PN is a FREE solution that allows administrators to create, configure and connect site-to-site or point-to-site VPN tunnels easily through an intuitive and simple UI all within a couple of clicks. No need to deal with complex, time-consuming set ups — cloud connectivity is now made easy! There are two components to Veeam PN, a Hub Appliance that’s deployable from the Azure Marketplace, and a Site Gateway that’s downloadable from the Veeam.com website and deployed on-premises from an OVA, which means it can be installed into a number of virtualization platforms. New to the GA release is the ability to install from the Veeam.com Linux repositories using your package management system of choice depending on distribution.

Veeam PN for Microsoft Azure (Veeam Powered Network) is a free solution designed to simplify and automate the setup of a data recovery site in Microsoft Azure using lightweight software-defined networking (SDN).

 

Veeam PN is built upon OpenVPN which is a trusted and mature virtual private networking technology platform. We have created an intuitive, simple user interface which simplifies the entire networking configuration process.

Total on-demand recovery in the cloud

Having an easy way to leverage the public cloud as a recovery site should be available for every organization no matter the size, yet many recovery solutions still lack the ease of use, reliability, and can come with a steep price tag. With Veeam Recovery to Microsoft Azure, you get a reliable, turn key solution for creating an on-demand recovery site — available whenever you need it. This is truly a set-it and forget it solution, ideal for any sized organization wanting to gain new recovery options, without the need to build or maintain a costly recovery site.

Veeam PN highlights

  • Provides seamless and secure networking between on-premises and Azure-based IT resources
  • Delivers easy-to-use and fully automated site-to-site network connectivity between any site
  • Designed for both SMB and enterprise customers, as well as service providers.

Conclusion

Networking is still the most complex part of executing a successful data recovery plan. With Veeam PN, you can easily extend on-premises networks to recovery networks, and provide connectivity from remote sites back to recovery networks. Veeam PN achieves this together with Restore to Microsoft Azure via site-to-site connectivity, extending on-premises sites to Azure recovery networks. It also provides access for remote users, with the ability to connect into the HUB appliance in Azure and be connected to systems and services via point-to-site connectivity.

Veeam Recovery to Microsoft Azure is available now!

 

Helpful resources:

The post Veeam Recovery to Microsoft Azure featuring Veeam PN now available! appeared first on Veeam Software Official Blog.

Veeam Recovery to Microsoft Azure featuring Veeam PN now available!

Conversations

Source: SANS security tip
When traveling, it is very easy to forget where you are when discussing business with colleagues. That airport, taxi, restaurant or hotel lobby may have individuals nearby eavesdropping on your conversation. When discussing confidential information, agree to hold off on the conversation until you can be assured of privacy. Also, be careful not to share sensitive information with strangers you meet.
Conversations

How Veeam integrates in the multi-cloud era

Source: Veeam

The IT industry knows what change looks like, and the current speed is unprecedented. Businesses need to adapt quicker than ever, knowing that what works for their data protection needs now is likely to change in the future. As a result, organizations today are taking a multi-cloud approach or, depending on their business needs, they are moving data from cloud to on-premises, cloud to cloud or within the cloud. Research shows that a massive 81% of enterprise organizations are choosing a multi-cloud strategy. Meaning that Availability across private, public and hybrid clouds is more important than ever to ensure customer confidence, brand reputation and competitive advantage. This blog post will shed some light on how Veeam’s tight-knit integrations with leading public-cloud providers, as well as its partnerships with managed-cloud providers, enables multi-cloud Availability.

How Veeam integrates with the Microsoft Cloud

One of the industry’s most dominant and recognizable CSPs is the Microsoft Cloud. Enterprises of all sizes can now experience simplified business continuity with Veeam for the Microsoft Cloud. This integration provides Availability for virtual, physical and cloud-based workloads, lowers costs through Microsoft Azure data archives and mitigates the risk of losing access to email data with Veeam Backup for Microsoft Office 365. The 3-2-1 Rule suggests your business should maintain at least three copies of data stored on at least two different types of media, with one of those copies off site. Veeam and Microsoft are helping businesses realize this final step through archives in Microsoft Azure with full and file-level granular recovery back to an on-premises environment or in Azure. On top of that, Veeam Recovery to Microsoft Azure protects your physical and cloud-based workloads, which eliminates complexity for you, and makes migration and restore much easier on your busy IT department.

How Veeam integrates with Amazon Web Services (AWS)

AWS is heavily investing in Infrastructure as a Service (IaaS), and has gained traction by paving one of the easiest roads to large-scale, public-cloud migration. Whether you are backing up to or recovering from the cloud, Veeam offers seamless integrations with AWS, which reduce costs and save time with lower recovery time objectives (RTOs). The first integration allows customers to send virtual tape library (VTL) backups to AWS Simple Storage Service (S3) and Glacier. The second integration allows customers to back up Amazon Elastic Compute Cluster (EC2) instances using Veeam Agents, or you can consider a cloud-native agentless approach with N2WS Cloud Protection Manager, which Veeam recently acquired.

Agility and scalability are key benefits to utilizing Veeam’s integration capabilities with AWS in your multi-cloud strategy.

How Veeam integrates with the IBM Cloud

Enterprises looking to fuel innovation and competitive edge need to look no further than the IBM Cloud. IBM Cloud applications, data and services can all be backed up through the integration of Veeam for the IBM Cloud. Veeam works with IBM Cloud to deliver Availability for your entire IT environment, allowing you to back up, replicate and more, within the IBM Cloud, just like it’s your own environment! This is important because Global enterprises all have unique service level requirements and require scalability at different times, in different departments and with different capacities. Veeam offers backup and replication to more than 55 IBM Cloud data centers worldwide and continual backup and recovery of the VMware infrastructure that powers IBM Cloud solutions.

How Veeam partners with managed cloud providers

Getting backups and replicas off site is something every IT organization should be considering to ensure data protection and access in the event of a disaster. But for many, building or maintaining an off-site backup repository is not feasible due to limited budget and resources. They choose instead to offload some or all of their data-protection duties to a service provider. You can take advantage of huge business and financial gains when you make the move to cloud and managed services:

  • Improve recovery time in case disaster strikes
  • Benefit from OpEx pricing models
  • Conquer complex regulatory compliance requirements
  • Experience the freedom to innovate

You can utilize Veeam Cloud Connect to easily send virtual or physical backups and replicas off site to a hosted cloud repository offered by one of our Veeam Cloud & Service Provider partners through a secure SSL connection. It’s easy to find the right provider to meet the needs of your business. You can reach out to your Veeam reseller, or find a provider in our Veeam-powered services directory.

Take action on your multi-cloud Availability strategy

There is an acceleration of multi-cloud adoption as enterprises are choosing hybrid-cloud options for their multi-dimensional, data-protection needs. But, multi-cloud strategies can be complex in the current IT landscape, and Availability and data protection remain imperative. Veeam’s flexible, multi-cloud data protection solutions meet the needs of today’s multi-cloud enterprise, protecting any app, any data, on any cloud. Get started with your multi-cloud strategy with Veeam for the Multi-Cloud!

The post How Veeam integrates in the multi-cloud era appeared first on Veeam Software Official Blog.

How Veeam integrates in the multi-cloud era

You Are a Target

Source: SANS security tip
You may not realize it, but you are a target. Your computer, your work and personal accounts and your information are all highly valuable to cyber criminals. Be mindful that bad guys are out to get you.
You Are a Target