Search This Blog

Sunday, September 11, 2022

How to Sync Huawei Health Workout Record to Apple Health and Strava?

This post will explore how to sync Huawei health workout records to the Apple Health app and Strava App.

On Huawei Health App

1. Click on ME

2. Click Privacy Management

3. Click on Data sharing and authorization

4. Select Strava and link it

Note: this setting allows the app to send data to Strava app

To view latest data, make sure you perform sync manually

On Strava App

1. Click on Settings

2. Select Application, Services, and Devices

3. Select Health Services and enable

  • Send to Health
  • Notification for new workout


Note: this setting allows the app to send data to Apple Health

On Apple Health

1. On the Summary page, scroll to top, and click your picture - to access settings.

2. Scroll to Privacy, go to Apps


You able to view Huawei Health and Strava


Go to Huawei Health and turn on all


Go to Strava and turn on all


That should do the trick and you able to view data from Apple Health

How to Pull Workout Activity from Strava?

During the past few weeks, I have been exercising " Walking workout" as part of my company well fitness program. I'd be required to do 80km a month starting Aug 22 - Sept 19, 2022.

  • An application used - Strava app.
  • Smart Watch - Huawei Watch

When I viewed on status from the Strava app, it did a great job of listing my workout. Sample example:


Since I did not subscribe and use it as free, it is hard for me to pull a selective report based on date & activity.

It did provide a list of activity and distance but I cannot generate a report based on the date


To resolve this, I have used another program called StatsHunters : statshunters.com

This website was able to connect to Strava to pull your workout information.


After connecting and pulling the activities on Strava, you can do filtering

Go to Left and click on the hamburger menu (3-line bar) and select Activity


Then go to the right side to do the filtering

Type:- Walk

Date: Start date and end date


You will get the result that you want and export it to excel


Excel report


Hope this guide help you to pull workout activity from Strava


Friday, August 12, 2022

Take part in this 2022 Ransomware Survey & Win a 4K Samsung Monitor!



Cybersecurity is a hot topic for any organization worldwide, as ransomware attacks continue to target companies that barely possess any protection against cyber threats. Last year, Hornetsecurity found out that 1 in 5 companies had been the victim of a ransomware attack, and many of those either lost data or had to pay the ransom to keep their operation running.

 

In such an event, some organizations may take longer to recover fully. That is why security leaders are constantly looking to upgrade their programs to safeguard their data and provide efficient cybersecurity practices for employees. 

 

Ransomware techniques are constantly evolving. Cybercriminals are working hard to find new ways to attack businesses, and Hornetsecurity are committed to staying ahead of the curve.

 

Be part of the solution. Hornetsecurity have created the ultimate 5-minute Ransomware Attacks Survey for MSPs and IT admins, so you can contribute towards the collection of practical, real-world insights that will help us continue to build our knowledge and combat the threat.

 

But that's not all - by completing the Ransomware Attacks Survey, you will be enrolled and have a chance to win a 32" 4K Samsung Monitor worth $349! Are you ready to get rewarded? 

 

Take the survey now! 

Friday, August 5, 2022

Video: Bare Metal Recovery Using Veeam

 In the below video, you will learn how to create recovery media & perform bare metal recovery


Wednesday, August 3, 2022

Error "This device can't use a Trusted Platform Module"

Error message encountered when enabling Bitlocker encryption for C Drive [Fixed Drive]
To solve this error, you need to configure local security. Open Local Group Policy Editor [gpedit.msc]

Navigate to Windows Components > BitLocker Drive Encryption > Operating System Drives

Enable "Require additional authentication at startup


Tick Allow Bitlocker without a compatible TPM and set all parameters to Allow.

Once done, restart the server/workstation.

Now you will able to configure BitLocker Drive Encryption on C Drive



 


Saturday, July 30, 2022

This SysAdmin Day, WIN with Hornetsecurity!


Can you believe it's here again? SysAdmin Day is back, and with it comes endless gratitude for all the great SysAdmins who support us 24/7. For all the times you've prevented disasters and saved us from catastrophes, for all the hard work and patience, we, the Altaro Backup team, want to say a big thank you!

If you use Microsoft 365/Office 365, Hyper-V or VMware, celebrate with us. All you have to do is sign up for a 30-day free trial of either Altaro VM Backup or Altaro Office 365 Backup – it's your choice!

What can you win?

·       Receive a guaranteed $20 Amazon gift voucher when you sign up for and use the trial of Altaro Office 365 Backup or Altaro VM Backup

·       Get a chance to WIN one of our Grand Prizes by completing the following sentence: "You know you're a SysAdmin when…"!

What are you waiting for? Sign up now!

Monday, July 4, 2022

Note Taking Veeam v12 Capabilities for Service Providers

 This blog post is note-taking for Veeam v12 Capabilities for Service Providers


1. Support for Postgres for VBR and Enterprise Manager

  • Open Source Database
  • Performance & Scalability
  • Microsoft SQL Server is still available to use
  • Upgrade path 
    • a) EM to v12-> VBR to v12 -> Migrate EM to Postgres -> Migrate VBR to Postgres
  • The backup server & Enterprise Manager must have the same database type
  • Reduce licensing cost

2. CDP proxy on Linux

3. Linux Gateway & Proxies

to proxy access object storage

3. Move Machines between backup job

4. Retry one machine instead of whole job

5. Trigger active full for one VM

6. Separate health check schedule

7. VeeaMover

  • move back up to a different repository
  • Migrate Refs to XFS, NTFS-> Refs
  • Rebalance SOBR
  • Copy backup to a different repository

8. Security

  • gMSA and Keberos support
  • Multi-Factor Authentication (MFA) for Veeam Console
    • Protect IaaS environment
    • Protect cloud connect environment
    • Protect MSP environments
  • Auto log off after X minutes
  • Classified data marking

9. Object storage & SOBR

  • Direct to Object Storage
  • End-to-End Storage for SOBR
  • New object storage format
    • reduce transactional overheads and streamlines IO
  • SOBR rebalance

10. Self Service Portal Enhancement

  • Instant VM Recovery capability on EM by tenant
  • Available on vSphere and Vmware Cloud Director

11. Automation & API

  • Powershell 

12. Continuous Data Protection for Cloud Cloud with Vmware Cloud Director

  • CDP for IaaS (vcloud director) or CDP via Cloud Connect (vcloud director)
  • Replication
  • Failover vApps between virtual datacenter
  • Different vcloud director server are supported

13. Restore from Cloud Connect as the Service Provider Restore

14. VSPC v7 Integration

a)Self Service FLR for VSPC managed agent

  • self service portal for users
  • delegated restore (by a service provider or reseller)
  • Support for Windows/Linux/Mac

b) VBR patching and updating

c) CDP Policies support

d) Veeam Backup Appliance (public cloud) -orchestrate VB appliance creation

Sunday, July 3, 2022

Note Taking Veeam v12 Object Storage Enhancement

This is a note-taking on Veeam v12 Object Storage Enhancement

1. Direct-to-object storage support
  • suitable for the customer that has no local storage edge/branch office
  • Direct from performance to an archive tier
  • Not supported - Enterprise Plug-in, AIX & Oracle Solaris, Restore from tape
  • VBR, Agent for Windows/Linux/MAC, NAS Backup

2. End. to end object storage for SOBR


3. New object storage format
  • reduce transactional overhead and streamlines IO

4. Multiple buckets
  • increase performance and improves consumption tracking
  • Performance issues if all put into 1 single bucket
  • 50TB per buckets
  • S3 = S3
  • Azure = Azure
  • S3 compatible = S3 Compatible
  • Same provider

5. SOBR rebalance
  • rebalance all extent
  • supported for performance tier, capacity tier, archive tier

6. Standalone immutability
  • S3
  • S3 Glacier
  • S3 Glacier Deep Archive
7. Multi-Region support
  • Copy from 1 region to another region 
  • Move from S3 to S3 Glacier Deep Archive
Use case
  • BJ -> Object storage -> Tape
  • BJ ->Object Storage -> Object storage
  • BJ -> Object storage
  • BJ -> On-prem repo -> BCJ -> Object storage

BJ= Backup Job
BCJ = Backup Copy Job

Saturday, July 2, 2022

Note Taking : Veeam Backup for Google Cloud Best Practice

 This is note-taking for Veeam Backup for Google Cloud (GCP Best Practice)

1. Configure Role-Based Access Control (RBAC) to manage portal users

  • Portal Admin - full access (including configuration)
  • Portal Operator - access management/infrastructure only
  • Restore Operator - perform workload restore

2. Lower storage costs using archive class

  • minimum retention 365 days
  • automatic archiving to low-cost, long-term storage

3. Protect VB appliance with configuration backup

4. Monitoring Appliance Memory

  • overconsumption due to high usage.
  • Solution - reconfigure the appliance machine type to have more memory - n1 standard (4cpu, 15GB Memory)


Friday, July 1, 2022

Note Taking: Veeam v12 Enterprise Plug-In Enhancement

 This blog post is note-taking for Veeam v12 Enterprise Plug-in Enhancement

1. Central deployment and management for Veeam Plug-in for Oracle RMAN, SAP Hana and BR Tool (SAP on Oracle)

  • Plug-in deployment via protection group
    • same as Veeam agent deployment
  • Policy configuration - Backup Job
    • database
    • transaction log backup
    • compression
    • channel
    • scheduling

2. Veeam Plug-in for Microsoft SQL Server

  • DBA-driven native backup to Veeam Repository
  • Manual deployment to source SQL Server
  • Able to run the backup from SQL Management Studio
  • Backup data transfer to Veeam Repository
  • Can do configuration, backup & recovery from this plug-in
  • Supported environment
    • OS: Windows Server 2012 R2 onward
    • SQL : SQL 2014 SP3 - 2019 (x64 only)
    • Enterprise, Standard, Web, Developer
    • Cluster: Always on group including cluster less, Windows Server Failover Cluster with shared volume or shared disk

3. PostgreSQL backup and Restore

  • Agentless for Linux VM
  • Veeam Agent for Linux
  • Log shipping
  • Veeam Explorer for PostgreSQL

4. General improvement

  • Hardened Linux Repo Support
  • Kerberos support
  • ipv6 support
  • Certificate based authentication
  • Linux group enhancement for plug in configuration access control

Thursday, June 30, 2022

Note Taking : Veeam v12 NAS Enhancement

 This is a blog post on note-taking for Veeam V12 NAS Enhancement

1. Backup to object storage directly

2. NAS Backup - Copy mode

  • copy recent data to the archive repository

3. Immutability for NAS backup

4. Storage Integration - Nutanix Files support on Veeam

  • NAS Filer
  • Automated snapshot creation
  • Changed File Tracking

5. NAS to tape - File to Tape with new improved engine

  • NAS backup to tape does not support GFS
  • Tape job always writes latest restore point to tape

6. Instant File Share Restore

  1. SMB shares - no longer read only and can migrate to production
  2. NFS shares - can be published as read only SMB

7. Health Check available for NAS

8. Rotated Drives - with limitation

  • only for backup
  • Not for archive repository, backup copy


Wednesday, June 29, 2022

Note Taking : Veeam v12 Tape Enhancement

This is a blog post taking for Veeam v12 Tape Enhancement

LTO 9 Support

Tape Server on Linux

  • Not recommended running on hardened linux repository
  • Put on a separate Linux machine
  • Linux uses SCSI drivers used
  • Tested on IBM
  • Support x64 system only. Same as VBR repository/proxy in v12

New File to tape job

  • Require to license - VUL
  • 1 instance = 500GB
  • Allow to backup directly to tape using file to tape job
  • Better performance & optimization (parallel tape drive support, database optimization, backup and enumeration run at same time, asynchronous read)
  • Retain permission like NAS Backup
  • Cross ACL restore is not supported (Windows to Windows/Linux to Linux)
  • Path exclusion supported
  • Console display for file to tape job (file share). Able to restore file to tape job
  • V12 last backup time is stored in UTC format

NAS Backup to Tape

  • Avoid load on production NAS storage
  • Fulfill 3-2-1
  • Source -> NAS backup to Disk -> File to Tape
  • NAS backup/and or NAS backup copy as source
  • Tape job always writes latest restore point to tape
  • NAS backup to tape does not support GFS
  • A periodic full backup is available for file to tape/NAS to tape
  • Files are store in native format. Restore files as files
  • Does not consume license for NAS to tape

Other tape enhancement

  • Support backup object storage to tape
  • Daily GFS & Monthly media set
  • Display current activity on tape drives
  • Eject after inventory or catalog
  • Audit for tapes
    • Windows event
    • File from tape restore audit
      • General options > security > audit logs location
      • Default to C:\ProgramData\Veeam\Backup\Audit

Tuesday, June 28, 2022

Note Taking: Veeam v12 Security Enhancement

This is a blog post on note-taking for Veeam V12 Security Enhancement

Your responsibility

1. Secure your infrastructure

2. Secure your data

3. Secure your session

4. Secure your application

5. Secure your visibility

Base security

  • Support ipv6
  • All supported except
    • Veeam Backup for Nutanix and RHEV
    • Plug in for AWS, Azure and GCP
    • Unmanaged Veeam Agent
  • Kasten - not tested

Data Security

  • Any repository with immutability
  • Hardened repository
  • Object lock for object storage
  • Storeonce catalyst
  • Primary Backup and archive
  • NAS backup immutability
  • Enterprise Plug-in backup immutability

Authentication

  • Group managed service account for Application-Aware Image processing
  • Backup Server does not store password 
  • Backup Server gets password on-demand from Active Directory
  • Recovery Token for bare metal recovery on Veeam Agent

Application Security (Session)

  • MFA for Veeam Console
  • Auto Log off after X minutes

Visibility

  • Classified data marking- by use tag/label. Required for security certification.
  • New column in inventory: last backup. To identify who perform the action 

Security update subscription

  • https://veeam.com/knowledge-base.html
  • Select security advisory
  • Enter your email address



Monday, June 27, 2022

Personal Experience Use AirAsia Ride Advanced Booking

I give AirAsia Ride a try since GrabCar does not allow for advanced booking. The only platform enabling you to do so at the time of writing this blog is 27 June 2022.

[Destination]

To Subang Airport to catch a flight to Penang.- Monday 27 June 2022

[Booking]

  • Tried on Sunday (26 June 2022) morning, but few drivers accepted and then canceled my booking.
  • Give up and on hold till night.
  • At night- Tried booking. Managed to get a driver. No cancellation make.
  • Booking with credit card payment

[Monday Trip]

  • Able to see the driver on the way after booking time.
  • Pick up by the driver

[Comunication with driver]

Based on his feedback:

AirAsia Ride - no penalty driver if cancel booking

If the driver cancels last minute, the system will try to find a nearby driver. If cannot find it, then no pick up. Therefore no guaranteed will get a ride

Driver prefer these payment methods

  • Cash - most prefer
  • Credit card - less prefer as payout needs to wait for a week
  • AirAsia Pocket - not preferred due to already passed 3 weeks, yet to get money back from the previous ride.

Driver feedback on GrabCar:

  • GrabCar has a penalty system to drivers. 
  • No advanced booking at this moment.
  • Can accept credit card as payout received by driver is 1 day

[Tip]

Encourage for the driver to select your ride

[After ride]

  • Can rate the driver
  • Get receipt by email


The strange part is driver added RM4 for toll even though they did not use toll. Cannot complain much about the system as traffic was bad in the morning to Subang Airport. Just consider as a tip to the driver.



Note Taking : Veeam v12 Core Architecture Improvement

 This blog post on v12 Core Architecture Improvement

Improvement

  • Postgres Veeam Database
    • Alternative from Microsoft SQL Express
  • Move backup job from Veeam Console
  • Execute active full/retry for one VM of a job
    • Without executing a job for multiple VM
  • Do Health Check outside the backup window
    • Can set scheduling
  • Improve per machine backup chain
  • Clean up orphaned backup based on retention time. 
  • Ipv6 support
    • Prior version support ipv4
  • Redundant Gateway
    • Gateway for Dedup Appliance
  • Multiple locations with different internet bandwidth
  • Code name: VeeaMover - for migration storage to new hardware
    • Simplified repository change -> Move Backup Button
    • Moves backup files (including transaction log)
    • Copy backup files
    • Move machine between job
  • SOBR Improvement
    • Rebalance for all extents
    • All extent in maintenance mode during rebalancing
    • Export full backup from object storage
    • Multiple Object Storage bucket in performance and Capacity Tier
      • 50TB per bucket for most vendor
      • Object storage of the same type (S3 != S2 compatible)
      • Object storage cannot be mixed with non-object storage
  • Amazon S3 or Azure Blob as Performance Tier
    • optional capacity tier 
    • Archive Tier: Amazon Glacier / Azure Archive
  • More Better Performance for compression
    • Default: Optional. Best setting- same no changes
    • High compression - 3x faster backup, 20% better compression, restore 2x faster
    • Exterme compression- 40% faster backup, 15% better compression, 2x faster restore
  • New Roles and Features on Linux
    • Linux Proxy - backup from storage snapshot for NFS
    • CDP Proxy
    • Tape Server
  • Security
    • Group Managed Service Account for Application-Aware Image Processing (GMSA support)
      • Kerberos environment only
        • Support AAIP Vmware VM, Hyper-V
        • Windows Agent, Linux Agent
        • Storage Plug in
        • NFS 4.1 (repository and source share)
        • SMB 3 (repository and source share)
        • All veeam B & R components

Sunday, June 26, 2022

Note Taking - Veeam v12 Veeam Agent Enhancement

 This is a blog post on note-taking for V12 for Veeam Agent. Total 5 Veeam Agent

1. Veeam Agent for Windows

  • Object storage support directly. License required [paid version]
  • Not needed synthetic full and compact full
  • Installer size decreased from 364MB to 144MB in Beta2. Easier deployment with low bandwidth
  • Efficient file-level backup for changed files. Block-level efficiency with file backup and only captured changed block of the changed file. Transfer only changed blocks.
  • DB changed to SQLite - low resource consumption. Previously use SQL LocalDB

2. Veeam Agent for Linux

  • Direct backup to object storage
  • GFS support
  • Postgres log backup support - only on Linux
  • Snapshot based backup with LVM snapshot - Good for distribution not supported by veeamsnap
  • Non SSH mode for Linux workload. No sudo/root credential on VBR, no need for SSH on Linux, No need for long sudoers list
  • Veeam Explorer for Postgres & Enterprise Manager support

3. Veeam Agent for Mac

  • New UI
  • Backup directly to object storage
  • Backup to different location with multiple jobs
  • resume backup job

4. Veeam Agent for Solaris

  • Bare metal recovery

5. Veeam Agent for AIX

  • Bare metal recovery

6. Cloud Native Agent for AWS & Azure  [New] 

  • For AWS and Azure Platform
  • Application-Aware processing (eg database log shipping)
  • Simplify networking (no VPN/direct connection VM needed)
  • Suitable for customers that lacks permission to run Veeam Backup for Amazon/Azure
  • Automatic discovery via cloud provider API
  • Can use machine selection/Instance ID / tag based
  • Distribution repository: upload agent setup components once, registered object storage repository in AWS/Azure.
  • Not supported Windows Failover Cluster
  • Managed by backup server
General

  • Secure Bare metal recovery with the recovery token
  • for security 
  • valid for 24 hours per default. Will expire automatically

Saturday, June 25, 2022

Note Taking : Veeam Backup for Microsoft 365 Best Practice

This blog post is my note-taking on Veeam Backup for Microsoft 365  Best Practice.

Security & Hardening

Patching 

Latest Windows Operating system patching on all veeam components

Authentication

1. Use Modern app-only authentication

2. Modern authentication with legacy protocols allowed [limited]

Veeam components

1. Workgroup / Join to domain for all veeam components

2. Self-signed certificate might not be allowed by enterprise customers. Prefer PKI (Internal PKI or External (Public) Certificate

Data Separation

1. Backup Copy 

Can put on different cloud provider

Encryption

Additional security with at rest AES 256 encryption for Microsoft 365 data in object storage

Note: Password loss protection is NOT available

Self Service Restore Portal

1. Dedicate administrator to restore administrator 

2. Access Self-Service Restore Portal for recovery. Avoid login to VM


Friday, June 24, 2022

Note Taking: Veeam Backup for Azure Best Practice

 This is my personal blog note-taking for Veeam Backup for Azure Best Practice

Backup Appliance

running Ubuntu

1. B2s (default) (2 vcpu, 4GiB RAM with 32GB Premium SSD data disk) -support 400 workload, 50 workers & up to 20 000 restore point.

2. F8s (medium) (8 vcpu, 16 GB RAM with 64GB premium SSD data disk) - support 1500 workload, 250 workers and 70000 restore point.

3. F16s (large) (16 vcpu, 32 GB RAM with 128 GB premium SSD disk) - support 1500 workload, 500 workers and 70000 restore point.

Maximizing throughput

Workload per policy - 50

Worker per policy and per storage account

Worker speed (F2s_v2 = ~100 Mib/s)

Azure storage account limit (10-60 Gbps depending on the account)

Azure API limits (1200 writes, 12000 reads of ARM API)

Worker per appliance (500 recommended, max 1000 per region)

Memory consumption per policy - 100MiB + 3 MiB per workload in policy: 250 Mib

Repository

Average size of backup data in object storage - 40% - 50%

Object size :

1.Backup data (hot & cool tiers) - 1 MiB compressed (~512 KiB)

2.Backup data (archive tier) - 512 MiB

3. Metadata - 4KiB per GiB of VM source data

Storage account limit on IOPS. Configure one backup repository per storage account


Workers

Leverage on ubuntu image. Deployed in the same resource group and subscription as Veeam Backup for Azure.

1. Creating backup/archive of Azure VM - region with target repository

2. Creating backup/archive for Azure SQL - region with Azure SQL database to be processed

3. Azure VM restore, SQL Restore, Volume level restore - region where restored data will reside

4. File level restore from snapshot - region where snapshot resides

5. File level restore from backup - region where backup repository resides

Worker size

Change the size of the data disk allocated to the worker instance: /etc/veeam/azurebackup/Config.ini

[WorkerVMDeploymentOptions]DataDiskSizeinGB =32 (default)


Recommended worker maximum based on testing

1. Recommended worker for default appliance size - 50

2. Maximum worker per region per appliance - 1000

3. Worker per service bus (two queue per worker, based on default basic tier) - 5000

4. Azure ARM API reads (per tenant/user/hour)* - 12000

5. Azure ARM API (per tenant/user/hour) * - 1200

* Azure Management APU request limit and throttling

Policies

1.Repository per policy -1

2.Worker per repository - 50

3.Appliance memory consumption ~50% RAM + memory used by policies

4.Policy memory consumption - 100 MiB per policy + 3 MiB per workload in


Calculate retention point

-> snapshot per workload for the first day

-> daily backup

-> weekly backup

-> monthly backup

-> yearly backup

Get total restore point per workload X Number of VM, to get a total restore point


Note Taking - Veeam Backup for AWS Best Practice

 My personal blog note about Veeam Backup for AWS Best Practice [24 June 2022]

Backup Appliance Size

1. T3.medium (default 2vcpu, 4 Gib RAM) - support workload 500 - 1000 , 50 Instance per policy

2. T3.2xlarge (medium - 8 vcpu, 32 Gib RAM) - support workload 1000 - 3000. Around 50 - 150 instance per policy

3. C5.9xlarge (large - 36 vcpu, 72 Gib RAM) - support workload 3000 - 4500. Around 50 - 150 instance per policy


Repositories

1. Use a dedicated IAM role (repository role)

2. Support for encryption via password or KMS Integration

3. KMS usage is advised. Password can get lost or forgotten (not recoverable)


Object storage data size

1. Average size of backup data in object storage - 40% - 50%

2. Backup data (S3 tiers) - 1 MiB compressed (~512KiB)

3. Backup data (Glacier tier) - 512 MiB

4. Metadata - 4KiB per GiB of VM source data


Workers

Deployed within the backup account

Worker provision is based on available vcpu count (AWS service quota/per region) 

On average between 10 to 40 workers per region

Different sizes are used for cost-effective protection

Worker is leverage on Ubuntu Image


Placement of worker

1. Creating backup/archive of instance - worker placement at region with target repository

2. Instance Restore/ Volume Level Restore - worker placement at region where restored data will reside

3. File Level Restore from snapshot - worker placement at region where snapshot resides

4. File Level Restore from backup - worker placement at region where backup repository resides


Policy Designing

1. Create specific IAM roles if possible per service

2. Use tag where possible

3. Consider properly your source and target for cost effective design

Policy 

1. 50 -150 workload per policy

2. Appliance memory consumption - 1.5 Gib and 5% RAM free + memory used by policies

3. Policy memory consumption - 100 MiB per policy + 3Mib per workload added

Every policy uses around 225MiB of RAM upon run (even with just 1 instance)

Formula:

Appliance RAM in MB * 0.95 - 1536 MiB - (225 MiB * N of policies + 3MB * N of instances in the policy)


4. Don't start all jobs concurrently unless got sufficient resources.

Security

1. Use cross-account/region - isolate backup

2. Integrate with IAM roles (dedicated)

3. Enable Encryption to  safeguard against internal & external threats

4. Use Amazon KMS to easily control secure access to encrypted backup data

5. Use RBAC to delegate permission to administrate and perform tasks

6. Use MFA to protect access using a second source of validation




Tuesday, June 21, 2022

Webinar : Veeam Backup for Microsoft 365 Technical Deep Dive for VCSP

In the fast-paced world of IT, administrators need to spend less time on non‑critical tasks and focus more on core business needs.

Now the #1 provider of Microsoft 365 backup is empowering IT, administrators, to securely delegate restores of emails, files, and more with the Self‑Service Restore Portal for Microsoft 365 environments.

Join us for this technical deep‑dive webinar for VCSP where we will cover in‑depth:

  1. Self Service Portal in action
  2. Backup Copy to low-cost S3 Glacier or Azure Archive
  3. Integration with Veeam Service Provider Console
  4. And much more!
Later around 1pm - GMT +8, I will be sharing on the above topic. 


If you missed it, no worry. Recording and slide will be available after the session

6 Must-Have Microsoft 365 Security Configurations Every Admin Needs to Know – Free Webinar

Microsoft 365 is now a key platform for a vast number of organizations. It’s also a target for an increasing number of hackers. All admins should know how to properly configure Microsoft 365’s security settings as the default security settings are simply not enough to prevent attacks. You need to actively assess and enable M365 security configurations fit for your organization. But when you’re strapped for time, where do you start and focus?  

An upcoming Altaro/Hornetsecurity webinar, 6 Must-Have Microsoft 365 Security Configurations Every Admin Needs to Know, has been designed to help you prioritize the powerhouse of M365 security controls on offer. Paul Schnackenburg, author of the M365 Security Checklist, and Microsoft MVP Andy Syrewicze will show you the critical security features, as well as some underrated features, that hit hard and provide significant protection for your M365 tenant.  




The hour-long webinar presented live twice (28 & 30 June) is free to join and will cover holistic email security settings, Conditional Access policies, SharePoint external sharing settings and access control, identity management, Microsoft Information Protection, OAuth application, and more! 

And if you have any questions about securing your M365 tenant, you can get them answered by these experts during the webinar Q&A.  

 

See the key webinar details below.  

 

Dates and times: Choose your preferred date 

Tuesday 28 June: 10pm CEST / 4pm EDT / 1pm PDT 

Thursday 30 June: 2pm CEST / 8am EDT / 5am PDT 

 

Learn more and register: 6 Must-Have Microsoft 365 Security Configurations Every Admin Needs to Know 

 

By combining the skills learned in this webinar with the Microsoft 365 Security Checklist, you’ll be armed with the knowledge needed to defend your M365 tenant from attack. 
 
As a bonus, all webinar registrants will receive a free copy of the Microsoft 365 Security Checklist eBook when signed up for this event!  

 

Save your seat for June 28 or June 30!  

Friday, June 17, 2022

Video: Restore M365 from Archive Storage Using Veeam Backup for Microsoft 365

 Let's explore how to restore M365 objects by using Veeam Backup for Microsoft 365. The backup data is from Archive Object Storage.

Thursday, June 16, 2022

Video: Configure Backup Copy to Archive Storage on Veeam Backup For Microsoft 365

 Want to do 3-2-1 copy for Microsoft 365 backup?

Do check out the new capabilities on VB 365 v6 on how to configure Backup Copy Job to Archive Storage.

Saturday, May 14, 2022

Quick List on Components Require for Veeam Backup for Microsoft Azure

 Here is a quick list of things required when using Veeam Backup for Microsoft Azure that you should take note when doing sizing & costing

1. Veeam Backup for Azure Virtual Appliance

Role: to manage backup on Microsoft Azure

Qty : 1

Recommended VM Size:

Standard_B2 with 2 CPU and 4GB RAM or

Standard_B2ms with 2 CPU and 8 GB RAM


2. Worker Instance


Qty : from 1 to N 

Role: will provision and terminate on demand when backup to object storage & recovery. Able to scale worker till N (maximum based on Azure account limit)

Recommended VM Size:

Standard_F2s_v2 with 2 CPUs and 4 GB RAM for standard backup

Standard_E2_v4 with 2 CPUs and 16 GB RAM for archived backup.

Refer to https://helpcenter.veeam.com/docs/vbazure/guide/architecture_overview.html?ver=30#worker_instances 


3. Snapshot 

for short term retention backup

4. Object Storage (Azure Blob storage)

for long term retention backup

Support: Hot, Cool, Archive

5. Network Traffic

If protected Azure workload and target storage reside in different region

6. Transaction

The cost of making API request to Microsoft Azure during data protection operation & tome that worker were active

Tool: Microsoft Azure Pricing Calculator

URL: shorturl.at/tCGPT 

Thursday, May 5, 2022

Microsoft 365 Security Checklist - A practical guide for the time-strapped admin - Free eBook

A few minutes and a credit card and you can have enterprise-grade email and collaboration tools ready to go, with not a thought for security, governance, or best practices. It’s in the cloud so Microsoft secures your data – right? Well, not exactly. 

Proper security is tailored to an infrastructure’s unique requirements and responds to a constantly evolving attack and threat landscape. You can’t just rely on Microsoft default settings. And you need to do more than just ‘set it and forget’. The Microsoft 365 Security Checklist shows you all the security settings and configurations you need to know for each M365 license to properly secure your environment.





Written by veteran IT consultant and trainer Paul Schnackenburg, the free 100+ page eBook from Altaro contains full explanations of all the important security parameters, the step-by-step processes of how to access, how to optimally configure them, and a full checklist to ensure you don’t miss anything! 


This eBook has two intended audiences – a small business owner / IT Pro who is managing their own tenant, and Managed Service Providers (MSPs) who are managing other businesses’ tenants, but a lot of the content will be relevant to pretty much all M365 admins. And it includes Identity, Email, Teams, Applications, SharePoint, Endpoint Manager, Information Protection, Secure Score and Business Premium and Microsoft 365 E5. So, your main bases will be covered. 


Depending on what your business is and what sector you operate, there might a minimum requirement of what should be in place to satisfy insurance policies, global data laws or general compliance. So, make sure you take the time to figure out what your business needs to be compliant and protected. 

Secure your data and business, work through the M365 security checklist today.  

Wednesday, March 30, 2022

Video - Self Service Recovery Portal for Veeam Backup for Microsoft 365 in Action

 Let's have a quick look at how to view the self-service recovery portal in action.

Scenario 1: Normal user perform own recovery

Scenario 2: Use Recovery Operator to assist the user to perform recovery


Thursday, March 17, 2022

This World Backup Day, WIN with Altaro!

Did you know that 29% of data loss cases are caused by accident? As World Backup Day nears, we think back to all the incidents, data loss scares, and near-disasters that we’ve experienced over the years – and how grateful we were to have backup during those times!

If you use Microsoft 365/Office 365, Hyper-V or VMware, celebrate with Altaro. All you have to do is sign up for a 30-day free trial of either Altaro VM Backup or Altaro Office 365 Backup – it’s your choice!

What can you win?

• Receive a guaranteed $20 Amazon voucher when you sign up for and use the trial of Altaro Office 365 Backup or Altaro VM Backup

Get a chance to WIN one of our Grand Prizes when you complete the sentence “You know you’re a SysAdmin when…”

What are you waiting for? Sign up now!

Wednesday, March 2, 2022

Free Educational Tools

[Veeam]

My Youtube Channel - https://www.youtube.com/ericlaiys

Veeam Handon Lab - https://go.veeam.com/webinar-hands-on-lab-experience

Veeam How to Video - https://www.veeam.com/how-to-videos.html 


Veeam Infrastructure Sizing - https://vse.veeambp.com

Veeam Backup Capacity Calculator - https://calculator.veeam.com/vbr/

Veeam MS Office 365 Calculator - https://calculator.veeam.com/vbr/


Veeam Best Practice Guide - https://www.veeambp.com/

Veeam MS Office 365 Best Practice Guide - https://bp.veeam.com/vbo

[Build Number & Versions]

Veeam Backup & Replication - click here
Veeam One - click here
Veeam Disaster Recovery Orchestrator - click here
Veeam Agent for Oracle Solaris - click here
Veeam Agent for IBM AIX - click here
Veeam Agent for Mac - click here
Veeam Agent for Linux - click here
Veeam Backup for AWS - click here
Veeam Backup for MS Azure - click here
Veeam Backup for Google Cloud - click here
Veeam Backup for Microsoft 365 - click here


[Others]

The SysAdmin DOJO Podcast – become a kick-ass system administrator: Our goal is simple. We talk with industry experts to provide you with actionable real-world knowledge that will equip you to become the IT black belt within your organization.

From virtualization and automation to Microsoft 365 and security and lots more, tune in fortnightly for your dose of the SysAdmin DOJO Podcast. Also available on your favorite podcast player and YouTube. Check it out now!



Cyber Threat Report 2021/2022: Cybercrime remains one of the biggest threats worldwide and there has been a number of developments of spam and advanced threats including the different cyberattack methods. But what threats were in those unwanted emails? What are the risks posed by new types of malware and deceptive approaches of cybercriminals? Find out now!

The Backup Bible Complete Edition: The complete guide to protecting your data and an essential reference book for all IT admins and professionals. Download your free copy now. 

PowerCLI: An Aspiring Automator’s Guide, Second Edition: The free eBook that adopts a use-case approach to learning how to automate common vSphere tasks using PowerCLI. Get you eBook now! 

How to Get the Most out of Windows Admin Center, Second Edition: It is one of the most important and powerful tools in a system administrator’s toolbox. So, make sure you don’t get left behind – learn everything Windows Admin Center has to offer and how to use it best with this comprehensive guide: Download your free copy now!

 

Backup & DR Webinar: Learn how to construct a strong and reliable plan based on your unique organizational requirements. Watch this on-demand webinar now! 

PowerCLI Superhero Webinar: Watch this webinar demonstrating 5 powerful real-world applications anyone can deploy to get started with PowerCLI. Watch the free webinar. 

Your 5 Most Critical M365 Vulnerabilities Revealed: Learn how to identify your most critical vulnerabilities and what you need to do to get them safeguarded from attack. Watch the webinar on-demand! 

Free webinar Windows Server Storage: Unlock your storage Potential with these powerful Built-in Windows Server Features. Access the webinar here. 

Windows Server 2022 Webinar: Get a full breakdown of the brand-new OS and get a deep dive into the standout features that will have the biggest impact to organizations looking to upgrade to Windows Server 2022. Watch this webinar now! 

 

How to do sizing for Veeam Backup Repository?

 In this post continue from sizing by using VSE, we will explore sizing for backup repository.

The tool that we are going to use is "Veeam Backup Capacity Calculator"

Tuesday, March 1, 2022

How Azure Stack HCI is forcing changes in your datacenter – free webinar

 As we know hybrid cloud adoption varies across the industry. And whether or not you’re planning to go hybrid or fully to the cloud, Microsoft is slowly nudging sysadmins there with changes in its tech solutions and licensing models anyhow. Some of these being the developments in Microsoft’s core hybrid cloud solution for on-prem, Azure Stack HCI (not to be confused with Azure Stack). By leveraging crucial Windows Server technologies such as Hyper-V, and Storage Spaces Direct, Microsoft has big plans for Azure Stack HCI and, whether you like it or not, it will inevitably shape your hybrid cloud strategy.

The Altaro webinar on 23 March, How Azure Stack HCI is forcing changes in your datacenter, will teach you about the key developments and how they will impact your datacenter management. Microsoft MVP Andy Syrewicze will be joined by fellow MVP and Azure Stack HCI expert Carsten Rachfahl to break down and demo live Azure Stack HCI, and what it means for you and the technologies you use.


The hour-long webinar is free to join and will cover key Azure Stack HCI concepts, changes to storage and networking you should be aware of, how to manage Azure Stack HCI, along with cloud management and Azure integrations.

With Azure Stack HCI, there are operational considerations to keep in mind like the fact that pricing for this deployment option is paid as a monthly service, or the fact that future on-prem features in the Windows Server stack are likely to leverage Azure Stack HCI exclusively. That said, not only will this webinar show you the benefits of Azure Stack HCI, but it will show you how it will fit into your tech stack long-term.  

Andy and Carsten will help you prepare for these major developments, so you'll be ready for what's next.  And if you have any questions about hybrid cloud or Azure Stack HCI, you can get them answered by these experts during the webinar Q&A.

 

Learn more and register: How Azure Stack HCI is forcing changes in your datacenter

 

Don't miss out on this comprehensive lesson on how to navigate and integrate Azure Stack HCI into your datacenter management.

Save your seat for March 23rd!