Blog

Cisco’s 200th Acquisition— a Tradition of Advancement, Disruption and Growth

Source: Cisco
Cisco’s ability to successfully acquire and integrate innovative companies is an industry gold standard. Today, this acquisition engine has achieved a major milestone with the announcement of Cisco’s 200th acquisition. Acquisitions help extend market leadership in our key domains, as well as position us to enter into new, growth markets. Acquisitions drive value and benefit […]Cisco’s 200th Acquisition— a Tradition of Advancement, Disruption and Growth

Cisco Announces Intent to Acquire Perspica

Source: Cisco
Earlier this year, Cisco announced the acquisition of AppDynamics – uniquely positioning Cisco to enable enterprises to accelerate their digital transformations by actively monitoring, analyzing and optimizing complex application environments at scale. Today, we are excited to announce the intent to acquire Perspica, the first acquisition to support and accelerate the AppDynamics vision. In our […]Cisco Announces Intent to Acquire Perspica

Veeam in Cisco SolutionsPlus program and other big news from Cisco + Veeam alliance

Source: Veeam

I’m dusting off my cowboy boots and getting ready to head down to the Lone Star State (Texas) for Cisco’s annual partner summit in a couple weeks. The Cisco Partner Summit is their premier, invite-only partner event held annually for their top partner executives. This year’s theme is “OWN IT,” and as it rapidly approaches, I thought about how Veeam and Cisco is well on their way to OWN IT and enable their customers to do the same, together.

In the technology world, where partnerships are typically “coopetition,” it makes me appreciate how unique the Veeam and Cisco relationship truly is; there are no overlapping competitive technologies. Like the Texas Two-Step, a country western dance that requires partners to work together and be totally in sync, Cisco and Veeam work hand-in-hand to help our customers innovate and modernize their data centers. Cisco delivers the perfect platform for running Veeam’s industry-leading Availability solutions in the UCS series of storage servers that combine high performance, ease of use and reliability.

One-stop shopping

The big news is that Veeam has been chosen as one of a select group of ISVs to participate in Cisco’s SolutionsPlus program, which will make Veeam available in the Cisco Commerce Workspace (CCW), which is the quoting and configuration tool that Cisco and their partners use. Cisco SolutionsPlus delivers a one-stop ordering experience that means resellers building solutions with Cisco UCS and Veeam can quote and purchase the two together. For customers, that means they can have the confidence that these configurations are pre-validated and sized for workloads, significantly reducing risk with the deployment. But that’s not all!

More Boot Scootin’ — unique integration with Cisco HyperFlex

Veeam can also be quoted and configured with Cisco HyperFlex, their next generation hyper-converged infrastructure that is getting accolades across the industry. Earlier this year, I wrote about Cisco adding Flash to HyperFlex, which to me, signaled that HyperFlex was ready for any application or workload in the data center. Now the best part, Veeam has unique integration with HyperFlex’s native snapshots, providing faster backups without impacting performance on the production systems, thus lowering RPOs — it’s another example of Veeam and Cisco doing the perfect Texas Two-Step. Another win-win for customers, HyperFlex is ready for any workload, and Veeam delivers the lowest possible RPOs providing Availability for the Always-On Enterprise.

Performance, manageability and reliability

The Veeam and Cisco partnership has been steadily maturing and going deeper. Beyond being in CCW and the native integration with Cisco HyperFlex, Veeam and Cisco have worked on a variety of reference architectures and Cisco Validated Designs (CVDs). In the last year, Cisco has added a CVD for Veeam and HyperFlex design, another one for implementation and soon there will be a new one for distributed environments and remote office, branch office environments.

Also coming soon, Veeam will be part of Cisco dCloud, which provides an online way to offer demos, training and sandboxes for Cisco architectures. This means partners will be able to easily show the way Veeam integrates with HyperFlex and sizzles with Cisco UCS.

It is truly a testament of Cisco and Veeam working together to bring best-of-breed solutions to our joint customers. And customers agree too. In a recent ESG paper surveying our joint customers, the traits most often sighted for choosing Cisco and Veeam were performance, manageability and reliability.

Are you a customer or partner benefiting from Cisco and Veeam’s close collaboration? Share your experience in the comments section.

Learn more:

The post Veeam in Cisco SolutionsPlus program and other big news from Cisco + Veeam alliance appeared first on Veeam Software Official Blog.

Veeam in Cisco SolutionsPlus program and other big news from Cisco + Veeam alliance

Podcast: Preparing Today for Tomorrow’s Cyber Threats

Source: Cisco
For many countries around the world, October is Cyber Security Awareness Month, when participating governments and private industry sponsor advocacy campaigns to promote cyber awareness, and provide the information and resources for us all to be more safe and secure online. Cisco is a founding member of the National Cyber Security Alliance (NCSA), and a […]Podcast: Preparing Today for Tomorrow’s Cyber Threats

Ransomware history highlights: from AIDS Trojan to Locky

Source: Veeam

Ransomware attacks are not a fake threat – they are real and increasing day by day. The below insights on ransomware history can help you understand the evolution of its delivery and extortion strategies and be better prepared in case you become the victim of an attack.

Ransomware, locker or crypto-malware, has been around for a long time — decades in fact. Originally, ransomware was an annoyance and a con-trick, but today’s ransomware is considerably different and presents much more of a sophisticated threat to systems and users.

We believe that the ground zero for the ransomware history is the 1989 AIDS Trojan, also known as the PC Cyborg Trojan, developed by Dr. Joseph Popp, an evolutionary biologist. This first-generation ransomware was unsophisticated and easily defeated. It was delivered via diskettes, the original form of removable storage If you’re too young to know what a diskette was. The ransomware was used at the WHO AIDS conference in Montreal — 20,000 copies in total. Popp’s malware hid files in the victim’s computer and encrypted the file names before demanding (or extorting) $189 for a repair tool.

Nearly thirty years later, ransomware is a much more insidious threat. As a piece of malware, its capabilities and effectiveness have increased exponentially, as have the number of ways one can be infected. Cybercriminals have become skilled at launching their ransomware campaigns, using platforms such as Ransomware as a Service to generate millions of dollars from each attack.

2000-2005: Fake anti-virus and spyware removal tools

Fake anti-virus, fake spyware removal tools and PC performance enhancement tools designed to trick victims into paying for a fix, patch or solution to the advertised problem were the biggest worry. This simple form of extortion started to appear on our computer screens from around 2005 onwards, but didn’t lock or encrypt data like today’s malware. For the cybercriminals though, the misleading application market proved the concept and business model for today’s ransomware. Fake anti-virus was so successful at conning users into paying for a “fix” to their “problem,” that in 2008, one malware distribution affiliate reported earnings of $158,000 in a week.

2006-2011: First encryption Trojans

The Achievus Trojan was an early piece of ransomware malware that used the “asymmetric” RSA encryption to encrypt the files in the user’s My Documents folder, then it would demand victims purchase goods from an online pharmacy in order to receive a 30-character decryption key to gain access to their files. Also in this year, email became the distribution mechanism for ransomware. This is where we see the birth of the crypto-malware we see today.

Between 2006 and 2011, the GPcode encryption Trojan spread via an email attachment claiming to be a job application. Locking malware such as Winlock or Ransomlock, which simply locked your computer until a fee was paid, were also popular at this time.

2011 gave us the first large-scale ransomware attack in history, claiming to be a Windows Product Activation notice, which users were duped by on a large scale. This attack was aided in part by the ubiquity of new and anonymous payment services. Services which made it much easier for hackers and cybercriminals to collect payment from victims without being traced. Ransomware as a Service networks first appeared on the mass-cybercrime-market in 2012. The newly created and sophisticated Citadel toolkit allowed would-be-hackers and cybercriminals the ability to build, deploy and manage a botnet and associated ransomware campaign for under $50.

2013-2014: CryptoLocker

2013 was a ground-breaking year for cybercriminals and hackers, as they released many new and much more sophisticated types of ransomware. CryptoLocker was the poster child at this time, and we saw the first utilization of the e-currency-as-payment method with Bitcoin. CryptoLocker was easily spread by drive-by downloads from malicious or compromised websites and by malicious email attachments. In email, a new tactic emerged too: socially engineered content, designed to look like customer complaint letters, invoices or account alerts encouraging the recipient to open an attachment. In this same year, other devices and operating systems started to be affected too. Smartphones running Android were targeted, as were Mac computers running the OSX operating system.

In 2014, ransomware such as CryptoDefence, CryptoWall, Koler (AndroidOS) and others which were all based on CryptoLocker, started to infect more victims. However, in a win for the good guys, an international team of law enforcement and security experts managed to sinkhole the botnet which controlled most of the world’s ransomware traffic. The Gameover ZeuS, or GoZ, botnet was comprised of more than a million infected endpoints which contributed significantly to the global volume of ransomware traffic. Once offline, there was a brief decline in traffic, but that was short-lived.

2015: CryptoWall

CryptoWall quickly took over now that the sink-holed CryptoLocker was offline. CryptoWall quickly became the most successful and lucrative piece of ransomware yet. Famously, when CryptoWall 2.0 was killed off, it took the developers of the malware just 48 hours to build CryptoWall 3.0 from a completely new code base. Impressive, even with its nefarious intentions, you have to admit. 2015 also gave us CryptoWall 4.0, TorrentLocker, TeslaCrypt, Lowlevel04, LockerPin and many more. In a response to this “new” threat, an FBI Special Agent famously said; “The ransomware is that good. To be honest, we often advise people just to pay the ransom.” The FBI have since issued more appropriate advice.

2016: Ransom32 and Ransomware as a Service

Ransom32 was a new and exciting ransomware we had to deal with as it used JavaScript, unlike any other codebase we had seen before. Delivered by a Ransomware as a Service network, Ransom32 had the ability to support not only JavaScript, but also HTML and CSS.

2016 also saw the return of Office-document macros as a delivery mechanism for malware. Not seen for perhaps the last fifteen years, all of a sudden Microsoft Office file types such as Word and Excel were being used to circumvent traditional security products and services. Locky is the best example of this and was spread by the Dridex network using phishing campaigns that sent a malicious Word document to its victim. Once the attachment was opened and the macro enabled, ransomware was downloaded by the macro to the victim’s computer.

The Petya ransomware of 2016 was the first ransomware to encrypt the entire hard drive, preventing the system from booting by overwriting the MBR (Master Boot Record) for added effect.

2017: Petya, WannaCry and other guys

Jaff, Cerber, Sage, Mamba, Petya, NotPetya and arguably the most successful — WannaCry. 2017 has been a bumper year so far. WannaCry was the ransomware you see on the news because it took down large parts of the critical infrastructure of telecoms companies and the UK National Health Service. 2017 was a watershed year for ransomware authoring too. Both Petya and WannaCry were written to exploit previously unknown vulnerabilities and exploits that were leaked from US government organizations by the Shadow Brokers hacking group. The exploit, called EternalBlue, leveraged a weakness in the Microsoft SMB protocol (CVE-2017-0144) to allow attackers to execute arbitrary code on the victim’s computer.

Even Locky made a comeback in 2017 with a campaign that pumped out 23 million emails in just 24 hours.

Conclusion

2017 is proving to be the most successful year in the ransomware history so far, and given the amount of money that can be earned by these ransomware authoring cybercriminals, it’s hard to see an end to this problem anytime soon. Ransomware will continue to be a major problem well into the future, requiring organizations of all sizes to take reliable protection and prevention measures. Keep your data safe and stay tuned!

Read also:

The post Ransomware history highlights: from AIDS Trojan to Locky appeared first on Veeam Software Official Blog.

Ransomware history highlights: from AIDS Trojan to Locky

Three Key Takeaways from Cox Communications’ Customer Presentation

Source: Cisco
I recently spoke with a select group of Cox Communications’ customers. The audience consisted of CXOs in gaming, healthcare, education, and the public sector. I was impressed with the dedication and commitment they showed to urgently solving the very difficult challenges of thriving in a world of digital disruption. Here are the top three insights […]Three Key Takeaways from Cox Communications’ Customer Presentation

Plugging into vSphere 6.5 enhancements to increase Availability

Source: Veeam

It’s been nearly a year since VMware released vSphere 6.5 which marked the 12th major release of VMware’s hypervisor and hypervisor management product suite. And while VMware has been focusing on more recent products like vSAN and NSX, it shouldn’t be forgotten that vSphere still remains at the core of the virtualization platform on top of which all other products are consumed. Veeam has a strong history of working with and supporting vSphere features, and the 6.5 release is no different.

As timing would have it, vSphere 6.5 was released a week before Veeam Backup & Replication 9.5, and with that, Veeam officially supported vSphere 6.5 with Veeam Backup & Replication 9.5 Update 1 which was released in January. Since then, VMware recently released Update 1 for vSphere 6.5 which brought a number of features and enhancements over the GA release. This is officially supported in Veeam Backup & Replication 9.5 Update 2.

vSphere 6.5 brought a simpler customer experience with automation and management at scale being a core focus. Enhancements focused on:

  • vCenter Operations
  • Storage
  • Security
  • Automation
  • Networking
  • Availability

There is a VMware technical white paper that contains the vSphere 6.5 What’s New information as well as the general release notes (plus release notes for vSphere 6.5 Update 1). Rather than go through the whole list, this article will focus on new features we at Veeam support, specifically covering how we plug into those vSphere features and enhancements to increase the efficiency of Veeam Backup & Replication which in turn creates a more efficient and trusted Availability platform.

vCenter Operations

With vCenter 6.5, there is now a native backup and restore function if you run the vCenter Server Appliance (VCSA) that enables users to back up vCenter and the Platform Service Controllers directly from the vCenter Appliance Management Interface (VAMI) or the API. In addition to that, we have come out with a technical white paper on how to back up and recover the VCSA and PSC with Veeam to ensure full recoverability of your vCenter components.

vSphere 6.5 enhancements to increase Availability

With the release of vSphere 6.5, the HTML5 Web Client was available as a side-by-side alternative to the existing Flash-based Web Client. This HTML5 is a big step forward and is based on a VMware Fling. The version included in the GA of 6.5 had partial functionality, meaning it was not a one-to-one replacement for the Flash client, and as of Update 1, the HTML client has about 90% of general workflows completed. The HTML5 client can be accessed from https://<vcenter>/ui and requires no browser plugins to work.

Veeam has its own Web Client Plugin that’s currently compatible with the Flash-based Web Client and gives backup administrators an operational view of Veeam Backup & Replication as well as the ability to perform full backups with VeeamZIP or incrementals with Quick Backup. The Web Client Plugin also works when Veeam ONE is installed. You can also examine the Protected VMs report that provides a list of which VMs are protected by Veeam Backup & Replication and those which are not.

Storage

With regards to storage, vSphere 6.5 introduced VMFS 6 and offered support for advanced drive format support. VVol 2.0 was also enhanced in 6.5 and Veeam fully supports backup and recovery operations to both VVol and VMFS6 backed datastores. There have also been significant improvements in snapshot performance which leads to more efficient backup windows and less stress on applications due to less risk of VM stun if Veeam Hot-Add mode is used as a backup transport mode.

vSAN has also been improved in the vSphere 6.5 timeframe with the release of vSAN 6.5. Veeam is fully vSAN-aware and has some built-in logic in the job engine that detects if a VM is on a vSAN datastore and then works out which Veeam Proxy should be the primary for the VM Hot-Add, ensuring an optimal backup traffic path from the host to the backup repository.

Security

Security has become a big focus for VMware and vSphere 6.5, and Update 1 added significant improvements to VM security. Apart from encrypted vMotion and secure boot, one of the most important features is the introduction of encrypted VMs.

Encryption occurs at the hypervisor level and not at the VM guest level, and therefore works with any guest OS and datastore type. Encryption is managed via policy, and the policy can be applied to many VMs, regardless of their guest OS. Verifying that the VM is encrypted is as simple as confirming that the policy is applied. The policy framework being used leverages vSphere Storage Policy Based Management (SPBM). Veeam Backup & Replication fully supports encrypted VMs for backup and recovery operations.

Automation

There is an enhanced set of APIs released as part of vSphere 6.5 including an API explorer as part of the vCenter Server Appliance (VCSA). However, vSphere 6.5 discontinued the VIX API that previous Veeam versions leveraged for network-less guest interaction for functionality such as application-aware processing. As part of Veeam’s vSphere 6.5 support effort, we have switched the corresponding functionality to the new vSphere API for guest interaction, so that you can continue using the existing product functionality with vSphere 6.5.

There is also a new VM tag API support by way of new APIs for programmatic access and management of vSphere tags. With its support by Veeam, you can continue using advanced backup policies based on tags even after you upgrade to vSphere 6.5, which is all part of Storage-Based Policy Management.

Networking and Availability

Finally, there have been a number of under the hood enhancements to networking including dedicated gateways for VMkernel adapters and datapath enhancements that improve the scalability or the vSphere Distributed Switch. While not directly related to backup, having a resilient networking stack is critical for Veeam to work as efficiently as possible when performing backup and restore tasks. With regards to Availability in terms of core vSphere enhancements, there is new Proactive HA and Admission control improvements as well as DRS enhancements.

Veeam vSphere enhancements

In Veeam Backup & Replication 9.5, we released some significant scalability enhancements to specifically optimize the backup and recoverability experience for our users. In general, there was a doubling of I/O performance that can shorten backup windows by up to five times while reducing the load on core virtualization platform components such as vCenter. Advanced Data Fetcher improves backup performance for individual virtual disks while reducing the load on primary storage due to the reduced number of I/O operations required to complete a backup. This was a VMware feature in 9.5 and is used by Backup from Storage Snapshots, Hot-Add and Direct NFS modes. VMware vSphere Infrastructure Cache maintains an in RAM mirror of vSphere infrastructure hierarchy to accelerate the Building VM list operation when creating or modifying a job. This also removes loads from vCenter. The cache is maintained with real-time updates via a subscription to vCenter Server infrastructure change events.

That put together with the other vSphere supportability talked about above, continues to show Veeam’s commitment to ensuring its VMware customers are getting the best Availability experience possible, and we are set to continue that when Veeam Backup & Replication v10 becomes available.

See also:

The post Plugging into vSphere 6.5 enhancements to increase Availability appeared first on Veeam Software Official Blog.

Plugging into vSphere 6.5 enhancements to increase Availability

Demystifying Recovery Objectives

Source: Veeam

Downtime is not an option for modern organizations that must fulfill their customers’ needs and expectations. Different types of incidents can occur and impact your business revenue or even existence. Whether it’s a ransomware attack, a power outage, flood or simply human mistakes, these events are unpredictable, and the best thing you can do is to BE PREPARED.

Preparedness means that you should have a solid business continuity and disaster recovery (BCDR) plan. One that has been tested and that can be put in motion smoothly.

Two of the important parameters that define a BCDR plan are the Recovery Point Objective (RPO) and Recovery Time Objective (RTO). For those of you who are not familiar with these terms, let me give you a brief description:

  • RPO limits how far to roll back in time, and defines the maximum allowable amount of lost data measured in time from a failure occurrence to the last valid backup.
  • RTO is related to downtime and represents how long it takes to restore from the incident until normal operations are available to users

Demystifying Recovery Objectives

While RPO and RTO may sound similar, they serve different purposes and, in an ideal world, their values would be as close to zero as possible. However, back to our world, the cost for zero RPO and RTO would be extremely expensive and might not be worth the effort.

Let’s take a closer look at recovery objectives. RPO is about how much data you afford to lose before it impacts business operations. For example, for a banking system, 1 hour of data loss can be catastrophic as they operate live transactions. At a personal level, you can also think about RPO as the moment you saved a document you are working on for the last time. In case your system crashes and your progress is lost, how much of your work are you willing to lose before it affects you?

On the other hand, RTO is the timeframe within which application and systems must be restored after an outage. It’s a good practice to measure the RTO starting with the moment the outage occurs, instead of the moment when the IT team starts to fix the issue. This is a more realistic approach as it represents the exact point when the users start to be impacted.

How to define RTO and RPO values for your applications

The truth is there is no one-size-fits-all solution for a business continuity plan and its metrics. Companies are different from one vertical to another, have different needs, and therefore they have different requirements for their recovery objectives. However, a common practice is to divide applications and services into different tiers and set recovery time and point objective (RTPO) values according to the service-level agreement (SLA) the organization committed to.

Data protection classification is important to determine how to store, access, protect, recover and update data and information more efficient based on their specific criteria. It is essential to analyze your applications and determine which of them are driving your business, generating revenue and are imperative to stay operational. This process that is essential for a good business continuity plan is called business impact analysis (BIA), and it establishes protocols and actions for facing a disaster.

For example, you can use a three-tier model to design your business continuity plan:

  • Tier-1: Mission-critical applications that require an RTPO of less than 15 minutes
  • Tier-2: Business-critical applications that require RTO of 2 hours and RPO of 4 hours
  • Tier-3: Non-critical applications that require RTO of 4 hours and RPO of 24 hours

It’s important to keep in mind that mission-critical, business-critical and non-critical applications vary across industries and each organization defines these tiers based on their operations and requirements.

Now that you have ranked your applications and services and you know what the impact will be in case of specific incidents, it’s time to find a solution that can help you protect your business data and operations. Veeam Availability Platform is a complete set of tools designed to achieve stringent recovery objectives for virtual, physical and cloud-based workloads.

How do RTO and RPO work in practice

Quick application-item recovery

A sales representative deleted an e-mail which needs to be sent to a customer ASAP. Microsoft Exchange is an example of Tier-2 applications. Since the IT administrator schedules backup jobs throughout the day, the company can definitely achieve the RPO of 1 hour. With Veeam Explorer for Microsoft Exchange, which is part of all versions of Veeam Backup & Replication, it’s very easy to recover an individual email item within minutes or even seconds, saving time and resources on staging or restoring an entire application server VM!

Demystifying Recovery Objectives

Instant recovery of an entire virtualized server directly from a backup

Let’s imagine a bank that operates several ATM machines. The ATM system is business-critical for the bank’s operations (Tier-2), but if it crashes for few hours it will impact the bank transactions, not the whole bank integrity. With the use of Veeam Backup & Replication and the Instant VM Recovery feature, you can immediately startup the virtualized ATM server from the deduplicated and compressed Veeam backup file. This will result in an RTO of a few minutes! Moreover, with the use of hypervisor migration functionalities and Veeam Quick Migration you can easily migrate the running VM from the backup datastore to the production datastore to complete the recovery process.

Demystifying Recovery Objectives

Full-site failover

Maintenance workers caused an electrical failure in one of your data centers resulting in a full-site failure and loss of access to all your Tier-1 applications. Let’s say, you use Veeam to replicate all your critical VMs off site twice a day. This makes you able to easily achieve the defined RPO of minutes. From an RTO perspective, Veeam enables you to easily recover in case of major incidents with several built-in features: one-click failover, assisted failback, Re-IP to match the network in the DR site, and true cloud-based disaster recovery.

Demystifying Recovery Objectives

Protecting endpoints

Switching from your virtual infrastructure to the physical world, Veeam also provides backup and recovery solutions for your laptops or desktops. With Veeam Agent for Microsoft Windows, you can restore files from your Recovery Media to your Windows-based computer or even power your PC backup image to a virtual machine to achieve low RPOs.

Demystifying Recovery Objectives

Furthermore, with Veeam Agent for Linux, you can protect your Linux workloads, whether they are running on-premises or in the public cloud.

Demystifying Recovery Objectives

Conclusion

Nobody can predict a disaster, however, you can act organized following your business continuity plan when facing such an incident. RPO and RTO values may vary across different companies, but at all times they will be a compromise between business needs for Availability and required investments in IT. Their estimation should be a result of a deliberation between your organization’s business and IT experts. But what goes beyond any deliberations is an implementation of a reliable Availability solution for virtual, physical and cloud workloads to ensure Always-On operations for your business.

Read also

The post Demystifying Recovery Objectives appeared first on Veeam Software Official Blog.

Demystifying Recovery Objectives

Cisco Employees Give Back—Everywhere—with Heart and Ingenuity

Source: Cisco
Karen Walker is the Senior Vice President and Chief Marketing Officer at Cisco. As CMO, Karen is responsible for the company’s Marketing and Communications and Government and Community Relations groups.   Together, Karen and Joe were co-sponsors of Cisco’s Global Service Month. Here are their reflections on the month. What a month! As executive sponsors […]Cisco Employees Give Back—Everywhere—with Heart and Ingenuity