Blog

How to back up from HPE 3PAR StoreServ secondary storage array

Source: Veeam

You most likely know that Veeam leverages storage integration with (Hewlett Packard Enterprise (HPE), Nimble Storage, NetApp, Dell EMC and Cisco HyperFlex to provide Backup from Storage Snapshots capability, which helps reduce the impact on the production data and performance due to data protection activity. You may also know that Veeam can also provide backup from a secondary storage array to reduce impact on the production environment even further with Nimble Storage and NetApp. And as an Alliance Systems Engineer in charge of HPE, I often get the following question from HPE technical field people: “Why don’t you support this with 3PAR?” Well, we do! There are some differences, but it’s still similar. Let’s explore how backup from a secondary 3PAR array works with Veeam Backup & Replication.

Backup from a secondary HPE 3PAR StoreServ array

In the case of NetApp or Nimble Storage, backup from a secondary array process is asynchronous. The storage snapshot is first triggered on the primary array, then it’s copied or replicated to the secondary storage array, and finally, the latter can be mounted on a Veeam proxy to run the actual backup job. It also means that active production data is stored on the primary array.

How to back up from HPE 3PAR StoreServ secondary storage array

With HPE 3PAR StoreServ, the main requirement is that a Peer Persistence relationship is configured between the two arrays. This allows volumes to maintain a synchronous copy of themselves on the other array, which is the main difference compared to other storage systems. The replicated volumes are exported in a read-only mode and thus act as passive volumes. In such a configuration, both arrays are active and hold primary production volumes and secondary volumes. Note that we can back up or replicate VM data from both arrays, thanks to this.

The second difference here with HPE 3PAR StoreServ is the workflow during backup. When Veeam Backup & Replication is configured to use snapshots of secondary volumes, the storage snapshot is triggered directly on the secondary volume, which means that the primary one remains untouched from a backup activity perspective.

How to back up from HPE 3PAR StoreServ secondary storage array

However, this isn’t the default behavior of Veeam Backup & Replication. If not configured accordingly, it will still trigger a storage snapshot on the primary volume. Let’s see how to configure the backup server to enable backup from a secondary HPE 3PAR StoreServ volume.

Configuring Veeam Backup & Replication

Unlike many other features, this one isn’t configured in the GUI us it is usually. Enabling it is controlled through the Windows Registry on the machine hosting the Veeam Backup Server role. A new registry key needs to be created using the following parameters:

  • Location: HKEY_LOCAL_MACHINESOFTWAREVeeamVeeam Backup and Replication
  • Name: Hp3PARPeerPersistentUseSecondary
  • Type: REG_DWORD (0 False, 1 True)
  • Default value: 0 (disabled)

To enable the feature, the value must be set to 1. For the new setting to be effective, you need to restart it manually.

Now let’s take a look at the HPE 3PAR StoreServ Management Console when this is configured in a real production environment.

On the screenshot below, we can see the highlighted volume named ***5-VOL05-DD-RCPP owned by the 3PAR StoreServ system named ***PHY0015. We’re going to run a backup job for VMs stored on this volume.

How to back up from HPE 3PAR StoreServ secondary storage array

Thanks to the existing Peer Persistence relationship between system ***PHY0015 and system ***PHY009, we can see three things on the next screenshot:

  1. The replica of the primary volume, which is named REPLI-***5-VOL05-DD-RCPP and owned by system ***PHY0009
  2. The storage snapshot taken on the replicated volume, which is named Veeam_ REPLI-***5-VOL05-DD-RCPP
  3. The comments in the details panel on the right, which says “This snapshot is used and managed by Veeam Backup & Replication”

How to back up from HPE 3PAR StoreServ secondary storage array

Summary

Backup from Storage Snapshots is a great feature to better preserve production data and achieve a higher level of Availability. It’s even greater when you can make sure that active production data remains untouched by backup activity, thanks to the advanced storage integrations we have with our Alliance partners such as Nimble Storage and NetApp and the capacity to back up from a secondary storage array. And now you know that we can also do this with HPE 3PAR StoreServ!

The post How to back up from HPE 3PAR StoreServ secondary storage array appeared first on Veeam Software Official Blog.

How to back up from HPE 3PAR StoreServ secondary storage array

Protecting Innovation: ITC Declines to Suspend Ruling; Orders Remain In Effect

Source: Cisco
The International Trade Commission yesterday sent a strong message to Arista that its “corporate culture of copying”, as the ITC has put it, must stop. By rejecting Arista’s efforts to delay orders that Arista stop importing and selling infringing products in the U.S., it reinforced the protection of intellectual property rights. On May 4, the Commission […]Protecting Innovation: ITC Declines to Suspend Ruling; Orders Remain In Effect

NEW Veeam Backup for Microsoft Office 365 1.5 — Early review and beta testing

Source: Veeam

Last week, Veeam released the beta version of the new Veeam Backup for Microsoft Office 365 1.5. It promises a significant improvement over the previous version, starting from easier usability, better performance and improved scalability — all designed for service providers in mind. As usual, I took the new version for an early test run, and we wish to share with you what I found.

Note: As always with these early reviews, all the information we provide is not guaranteed to find its way into the final release. Therefore, reader discretion is advised.

As with the previous version, Veeam Backup for Microsoft Office 365 is still considered and deployed as a standalone backup product specifically developed and designed to protect the Microsoft Office 365 email system. It has new and improved architecture components to allow it to easily scale for large and multi-tenant deployments. The Veeam Backup for Microsoft Office 365 server can be deployed on any Windows OS. The following specifications are recommended:

  • CPU: x64 processor
  • Memory: 4 GB
  • Disk: 500 MB for the installation
  • OS: Windows 7 or later
  • Architecture: Virtual or physical

A new component added to this latest version is the backup proxy. With the current Veeam Backup & Replication backup proxy, this newcomer to Veeam Backup for Microsoft Office 365 is designed to optimize data processing and the first proxy will be deployed during the product installation. The backup proxy server requirements are:

  • CPU: x64 processor
  • Memory: 4 GB
  • Disk: 500 MB for the installation
  • OS: Windows 7 or later
  • Architecture: Virtual or physical

Note: The proxy server must belong to the same domain as to the Office 365 backup server.

Now, let’s start with what’s new in Veeam Backup for Microsoft Office 365 1.5.

User interface

When you finalize the deployment and run the console, you will immediately notice that the user interface now has a new option called Backup Infrastructure. This is the same as in Veeam Backup & Replication product option and should give away that Veeam has big plans for this product.

Veeam Backup for Microsoft Office 365

Accessing the Backup Infrastructure will allow the configuration, or addition, of a new proxy server, along with the capability to add and configure the backup repository.

Backup repository

The backup repository will be used in the same fashion as in Veeam Backup & Replication when storing the backup data. In this latest version, a user can configure multiple backup instances, and then target his backups to a different backup repository (e.g., per customer or organization, and so on). In addition to this new flexibility, each repository can handle its own retention policy. The default retention is three years, but users can adjust the period to a specific number of days or years (one, two, three, five, or 10 years), or permanently.

Each repository will assign a backup proxy server to it. See the following figure:

Veeam Backup for Microsoft Office 365

Veeam Backup for Microsoft Office 365

Veeam Backup for Microsoft Office 365 stores backup data in its own database, which is similar to the Exchange database type, but still is specific for Veeam Backup for Microsoft Office 365. The database structure consists of a database, checkpoint and log files. For example, backup data will be stored in a .ADB file (Exchange databases used .EDB).

Add organization

A big welcome to the new release is the diversity you can use this product with when it comes to the Exchange server deployment. From now on, you will be able to back up the Microsoft Office 365 organization, or on-premises Microsoft Exchange, and if you are using a hybrid deployment, you can protect both.

Veeam Backup for Microsoft Office 365

PowerShell and RESTful API support

Version 1.5 has added support for PowerShell and RESTful API, giving customers and service providers the option to automate many of the administrative tasks, injecting Veeam Backup for Microsoft Office 365 commands to the PowerShell will accomplish using the Import-Module Veeam.Archiver.PowerShell command. The RESTFul API will be welcomed by the service provider community, and with the multi-tenancy repository and scalability, a service provider can build a self-service offering throughout the web, for example.

Veeam Backup for Microsoft Office 365

Notifications

Notifications are an important part of any scalable product. With that in mind, Veeam added several notification layers to keep the backup administrator informed of jobs and proxy status. With job notifications, administrator can select Success, Warning or Failure as the status level of server performance to be reported.

Veeam Backup for Microsoft Office 365

For example, the notification for a proxy server can inform the user if the server goes offline.

Veeam Backup for Microsoft Office 365

All notifications are provided using an STMP delivery method.

Scalability and backup performance

As we mentioned earlier, scalability is one of the focused areas of the new release, and it is achieved by using the new proxies and repositories server role. For example, customers or service providers can configure a different organization to target a different repository. Each repository will be accessed through a dedicated proxy server with the option of sharing one proxy server to target multi-repositories.

Backup performance was also kept on focus when interacting with Microsoft Office 365 or on-premises Exchange server. In this new release, the number of backup threads is increased from 32 threads on the previous version to 64 by default with the option to modify this parameter along with the limiting the network bandwidth on each proxy.

Veeam Backup for Microsoft Office 365

Backup continuity remediation

There’s no doubt this version builds on many intelligent algorithms, and what’s impressive is the autonomy of the proxy server when it comes to backup. If the Office 365 backup server fails, the proxy server will keep functioning and pull the data from Microsoft Office 365 for backup for the next 48 hours. If there’s no connection, resume with the Office 365 backup server and the proxy server will stop pulling the data. After the connection is established, the new backup will be refreshed on the Office 365 backup server. For this to work, the proxy server must communicate with Microsoft Office 365 via ports 80 and 443.

Conclusion

It is clear that Veeam Backup for Microsoft Office 365 version 1.5 has been designed with service providers and scalability in mind. The performance has been improved dramatically, and this can be noticed in daily operations. Recovery processes and management options are still the same as in the previous version, but with 1.5, data restore also can be initiated from PowerShell.

To summarize, it is a much better product, and the improvement is obvious. And when looking at this new release, I see a big winner for you service providers. The beta version is out, and I recommend that you give it a try. I think you will be as excited about this as I was.

The post NEW Veeam Backup for Microsoft Office 365 1.5 — Early review and beta testing appeared first on Veeam Software Official Blog.

NEW Veeam Backup for Microsoft Office 365 1.5 — Early review and beta testing

How to make your vSphere 6.5 upgrade a success

Source: Veeam

vSphere 6.5 has been generally available for several months now with the first release date being October 2016. Not everyone was excited to jump straight onto the vSphere 6.5 bandwagon though and for good reason. There were product interoperability issues at launch (I’m looking at you NSX), not to mention it is typically expected for companies to wait until the first major update package is released to make sure issues have been ironed out. However, a lot of the frustrations experienced by early adopters seem to have been resolved in minor patch updates to ESXi and to the vCenter server platform. vSphere 6.5 VCSA (vCenter Server Appliance) made a move to the VMware Photon OS which is a minimal Linux container host optimized for vSphere. What this meant for us, vSphere consumers, is that VMware appears to be more agile in delivering more frequent updates to the VCSA platform. At the time of writing, we are looking at the 6th minor release update of VCSA, 6.5.0e. That is about an updated release once a month.

Now, the key to any successful project is the planning stage. The project needs to be well thought out and potential issues need to be identified before continuing to the implementation stage. Timescales for project implementation are also defined at this stage.

For a vSphere upgrade project, take stock of everything in the environment that touches the existing vSphere infrastructure. At a high level, this will be things like ESXi hosts, storage arrays, network equipment as well as any software integrations such as Veeam Backup & Replication, monitoring software and other VMware products such as Horizon View, vRealize Operations, NSX, ETC.  You can use tools such as RV Tools to capture some of this information. Host models and specifications can be gathered using this tool as well as current vCenter version. I will explain why this is important soon.

vSphere 6.5 upgrade

Once the fact-finding exercise has been completed, categorize all the infrastructure items into Hardware, VMware software, Other Software.

Hardware planning

Head over to the VMware Compatibility Guide and make sure the hardware that is going to form the basis of the vSphere 6.5 infrastructure is present on the compatibility list. For the Dell R630 servers identified in RV Tools earlier, it looks like this:

vSphere 6.5 upgrade

 

Take note of the Systems/Servers drop down list. This can be changed to other item types such as SAN/Storage.

vSphere 6.5 upgrade

It is up to the vendors to validate their solutions and add them to the list. If you do not see a device on the list, reach out to the vendor and ask.

VMware software compatibility

The VMware Product Interoperability Matrices are your friend here. Let’s run with an example of vCenter 6.5 and Horizon View 6.2. These two solutions are not compatible with each other as we can see from below.

vSphere 6.5 upgrade

This leads us onto the supported upgrade path for VMware products: The VMware Update sequence for vSphere 6.5 . Using the example above, View Connection Servers need to be updated before vCenter server.

vSphere 6.5 upgrade

Veeam support for vSphere 6.5

Veeam Backup & Replication offered support for vSphere 6.5 in just three months after it was GA – in January 2017 – with the Veeam 9.5 Update 1 release. But in those three months, many people who jumped straight into vSphere 6.5 in 2016 quickly found themselves in a situation where they could not back up virtual machines with Veeam. This is another great example of why it is important to plan the upgrade process before moving onto the project implementation phase. Check with all software vendors that integrate into the vSphere environment that their product has been tested and is supported.

Now you have all your ducks in a row as far as hardware and software compatibility is concerned, take a moment to check online for any other issues with the upgrade process. For example, at the time of writing, there is no direct upgrade path from vSphere 6.0 U3 to vSphere 6.5. Its things like this that can trip you up at the final hurdle.

To summarize, research, research and research again to ensure that everything will work following an upgrade. It is better to eliminate an issue up front rather than it turning into a problem during an upgrade. Following these high-level steps should guarantee a successful upgrade project.

The post How to make your vSphere 6.5 upgrade a success appeared first on Veeam Software Official Blog.

How to make your vSphere 6.5 upgrade a success

Cisco Announces Intent to Acquire Observable Networks, Inc.

Source: Cisco
The ability to dramatically improve visibility, security and response capabilities across an entire IT surface, including highly distributed branch environments and public cloud infrastructures, is becoming increasingly important as companies and organizations continue their digital transformation. With this in mind, I am pleased to announce Cisco’s intent to acquire Observable Networks, a privately held software […]Cisco Announces Intent to Acquire Observable Networks, Inc.

Special for service providers — Veeam is now on virtual, physical and in the cloud!

Source: Veeam

Earlier this year, Veeam showed their commitment to Veeam Cloud & Servicer Provider (VCSP) partners with the collaboration of the FREE Cloud Services offer — a truly unprecedented offer for their customers to extend Availability to the cloud. But for Veeam, that is only the beginning of their plans to help their VCSP partners in 2017. With the release of new service provider-enabled solutions, Veeam is once again giving VCSP partners an opportunity to bring extra value to their customers. Veeam’s new offer will help get VCSP partners up and running quickly, and provide new Veeam-powered services with no financial obligation.

The offer for VCSP partners — NEW Veeam capabilities for physical, endpoint devices and in the cloud

VCSP partners can now offer NEW Veeam-powered services — whether in the cloud, or on physical and endpoint devices — with FREE unlimited usage through December 31, 2017.

Unlimited VCSP rental licenses are available for the following products:

This offer is available for existing VCSP partners and is also open to those who are interested in becoming a VCSP partner. Register for the offer here.

The NEW Veeam products VCSP partners can leverage

The list of the Veeam products service providers can now leverage truly goes beyond one protection strategy, and enables VCSP partners to protect their customers’ data whatever their requirements may be — whether virtual, physical or in the cloud. It also reinforces Veeam’s goal of enabling partners to deliver Always-On Availability. Let’s dive into the new products that service providers can now leverage.

Veeam Agents

NEW Veeam Agent for Microsoft Windows and NEW Veeam Agent for Linux both deliver simple backup and powerful recovery for physical servers, laptops and desktops, and virtual servers in AWS or Microsoft Azure. The release of the Veeam Agents has created a massive opportunity for VCSP partners, enabling them to not only protect their customers’ virtual data, but now also be able expand their services to the other half of the coin — with physical data protection. This will enable VCSP partners to deliver true value to customers by using Veeam’s products to protect their customers’ entire hybrid environments.

Veeam Cloud Connect Backup for Service Providers

Veeam Cloud Connect is one of the easiest ways in the market to leverage the cloud for off-site backup and disaster recovery. Hundreds of VCSP partners have been offering Cloud Connect services to their customers for a few years now, with much success in helping customers secure virtual backups in the cloud. And now, Veeam has extended its proven technology for cloud backup of VMs to physical workloads with NEW Veeam Cloud Connect Backup for Service Providers for servers and workstations! This means that service providers can now host Veeam Agent for Linux backups with Veeam Cloud Connect, and back up Windows-based physical data directly to Veeam Cloud Connect with Veeam Agent for Microsoft Windows. We’re looking forward to having service providers build on the successes of Veeam Cloud Connect VM protection by now being able to offer their customers a secure repository for off-site cloud backups of their servers and workstations as well.

Veeam Backup for Microsoft Office 365

Coming soon Veeam Backup for Microsoft Office 365 will have new VCSP capabilities in version 1.5. This will allow VCSP partners to offer a managed backup service for all their customers using Microsoft Office 365. While Microsoft takes on much of the management responsibility, customers still need a backup of their email data. With the adoption of Office 365 continuing to sky rocket, there is a great need to protect email data — which VCSP partners can now help fulfill with Veeam-powered Office 365 backup services.

Deliver more value with Veeam

Service providers today have an increasing number of objectives, priorities, products, services and teams to manage, but don’t let this opportunity with Veeam pass you by! Our new solutions are easy to install and use, and integrate seamlessly with Veeam Backup & Replication, Veeam Cloud Connect and Veeam Availability Console (coming soon). Veeam will work tirelessly to ensure that you are successful in offering these new solutions. Let’s partner together and bring more value to your customers!

Getting started

To be eligible for this offer, you must be a member of the VCSP program. If you are a reseller who is interested in joining the program, or not currently a Veeam partner — now is the perfect opportunity to get involved and start offering new services! The first step is registering for the products you want to utilize with FREE unlimited usage through December 31, 2017. Get started using the links below:

The post Special for service providers — Veeam is now on virtual, physical and in the cloud! appeared first on Veeam Software Official Blog.

Special for service providers — Veeam is now on virtual, physical and in the cloud!

To the Connected Women of Cisco and Beyond – You are IT – Lead, Connect, Inspire.

Source: Cisco
Every person has a few key events in their professional lives they will remember forever. Being the first male to host this year’s Cisco Empowered Women’s Network (CEWN) event is one of these moments for me. If you’re not familiar with CEWN, it is a network of Cisco customers, partners, and employees joining together to […]To the Connected Women of Cisco and Beyond – You are IT – Lead, Connect, Inspire.

5 Top ransomware exploits that you should know

Source: Veeam

We used to call the Internet the “information super-highway” back in the day, when connections were slow, bulletin boards and gopher were about as techie as it got. Those days are long gone, but something of the ‘highway’ has remained, like a bad smell, one that has come back to haunt us in 2017… The highway robber!

The person who went about their villainy on the trade routes and highways of the world, extorting money and valuables from unsuspecting travellers with a simple threat –– ”your money or your life” –– reinforced of course with the trademark flintlock pistol and sabre.

Today’s highway robber is a lot more sophisticated and savvy. They take far less risk and turn to the latest technology to extort you out of your money by threatening your valuables. In this case your data, your technology and most probably your computing ability.

Of course, I’m talking now about ransomware, the threat that’s been in the news almost every day for the past couple of months. The tool of choice for the modern highway robber has become headline news around the world with variants such as WannaCry and the more recent Popcorn Time. Organizations around the world have been affected by this ransomware, from the UK National Health Service, through to the Russian Postal Service in the last few weeks.

Interestingly, WannaCry leverages a previously known vulnerability in the Windows operating system, which is alleged to have been hoarded by a national security agency of the USA. In this case a vulnerability which allowed the ransomware to be especially successful in both current and older versions of Windows, such as XP and Windows 7, by using a weakness in their inbuilt SMB networking functionality. Even when out of support, there are still organisations using Windows XP and putting themselves at risk.

Luckily however an enterprising security researcher managed to find a kill switch written into some variants of WannaCry, in the form of a phone-home domain which hadn’t been registered by the malware’s author. Registering the domain seemed to give these variants of the malware the dead letter box it was looking for in order to shut down, thus halting the attack.

After intense examination of WannaCry’s tactics by the security community, we now know the infection spread within organizations by means of leveraging SMB connections. And, while patching the known vulnerability (as the patch had been out for over a month) helps sqelch WannaCry’s ability to spread, there are a broad range of ransomware sources through which you can get infected, such as:

  • Trojans – Perhaps the most common and the ransomware attack source we read the most about. Email attachments that contain malicious macro attachments are the chosen method here.
  • Removable media – Perhaps the most likely ransomware source of infection for the majority of malware in an enterprise, whether it’s ransomware or something more nefarious. Especially for those organisations that don’t lock down their USB ports. USB sticks and removable media are a very simple way to infect a PC as users generally trust those devices. A study by Google and two US universities showed that dropping USB sticks in public places was a simple and effective way to trigger human curiosity, with a full 49% of the ‘bait USBs’ being plugged into a computer by people who found them. Imagine if those had been malicious?
  • Malvertising – Malver-what-now? A portmanteau of malicious advertising. Where attackers compromise the weak infrastructure of an online ad network that serves adverts to legitimate websites. Therefore, when users view those adds, usually on well-known news websites, they can be used to trick browsers into downloading malware through the page display ads. Exploit kits such as Angler and Neutrino are often used as the initial dropper of the malware, which often then allows cyber criminals complete control of the infected endpoint. Ransomware is just one of the common outcomes of these watering-hole or drive-by attacks.
  • Social media and SMS – The prevalence of shortened links used on social media platforms and in SMS text messages gives attackers a superb mechanism to deliver ransomware and malware. Users rarely, if ever, check the destination of shortened links in social media, SMS or even email and attackers know this. Security solutions that ‘link-follow’ are increasing in popularity, but not fast enough. Ransomware delivered through shortened links is also often JavaScript based and requires little action on the users’ part, other than to click the link.
  • Ransomware-as-a-Service – RaaS? Yes, it does exist, as one of the many ‘Crime-as-a-Service’ networks. (Yes, those exist too). RaaS allows criminals of any variety to become instant cyber criminals, to the extent we’re seeing a drop off in classic crime like burglary, as RaaS is far a less risky ransomware source for them. RaaS and CraaS have given rise to vast affiliate networks too, where ransomware is easy to deploy and manage for almost anyone and where the earning potential is significant. I use this example to demonstrate the sophistication and motivation of the cybercriminals behind ransomware. Ignore them at your peril.

Of course, we’re used to thinking of ransomware as an email-specific or Trojan-based attack and that’s certainly the most common route it takes, but we should note that once ransomware makes its way into your business, ransomware creators will attempt to take as many routes possible to ensure as widespread an infection as is possible.

What all of these attacks and the breadth of ransomware sources show us is that it’s a live and hostile environment on the information super-highway and that for all the good we do, there are still people intent on exploiting, stealing, violating and pillaging our assets. Don’t be under any illusion they’re not motivated either; ransomware is a great money earner for them so don’t expect the attacks to die down anytime soon. Technologically not doing your best is not an option either. Sitting back hoping Windows XP or 7 will “struggle on for a little longer” or that those patches you didn’t deploy don’t matter is not a sensible strategy. Remember there are books written about hope not being a strategy, so don’t fall into that trap.

Patch your stuff, back up your valuables and keep an eye out for the highway robbers.

Stay safe out there.

What can you do with Veeam to stay resilient against ransomware? Check out our ransomware series content.

Read more:

The post 5 Top ransomware exploits that you should know appeared first on Veeam Software Official Blog.

5 Top ransomware exploits that you should know

Protecting Innovation: Presidential Review Period Expires in ‘945 Investigation

Source: Cisco
We learned this morning that the U.S. Trade Representative and the White House have rejected Arista’s “trade policy” pleas, and refused to stop the ITC’s limited exclusion and cease and desist orders from going into effect. The orders were issued in response to Arista’s infringement of two Cisco patents. That means that effective today, Arista […]Protecting Innovation: Presidential Review Period Expires in ‘945 Investigation