Backup and Recover Microsoft SQL Cluster Using Veeam Plug-in for MS SQL

Backup and Recover Microsoft SQL Cluster Using Veeam Agent

Perform Backup Verification Physical and Veeam With Veeam V12

Backup and Recover Nutanix AHV Using Veeam V12

Veeam One V12

Vembu BDRSuite v5.6.0 U1 is available now!

Veambu new version with new features & bug fixes.

Download link: https://www.bdrsuite.com/vembu-bdr-suite-download/ 

Release Notes: https://www.bdrsuite.com/vembu-bdr-suite-release-notes/ 

Release Blog: https://www.bdrsuite.com/blog/bdrsuite-v5-6-0-update-1-is-generally-available-now/ Upgrade Guide: https://www.bdrsuite.com/pdf/release-notes/vembu-bdr-automatic-software-update.pdf

MVP Allumi awarded

What's New Veeam Backup for Microsoft 365 v7

Veeam V12 Backup Microsoft SQL Standalone Using Veeam Plug In

Veeam V12 Backup MacOS Data Using Veeam

Backup and Recover Nutanix AHV VM Using Veeam V12

ESI® Benchmark Report

An evaluation of over 1.7 million simulated spear phishing attacks on employees.

 

 

In today's world, employee security awareness is more important than ever. The number of fraud attempts through malicious emails is reaching a record high. Hackers using phishing techniques are increasingly targeting companies, as this is where the greatest financial gains can be expected.

Hornetsecurity's ESI® Benchmark Report highlights the risks of phishing and suggests defence strategies that focus on security awareness. The report uses the Employee Security Index (ESI®), a science-based benchmark for measuring and monitoring security awareness, to analyse over 1.7 million simulated spear phishing attacks on employees in companies of all industries and sizes.

Learn about global fraud gangs, the average time for companies to reach an acceptable level of security, the impact of interrupting security awareness training, and best practices for optimizing employee security awareness.

Find out more about the steps you can take to safeguard your business from cyber threats and download the ESI® Benchmark Report Edition 2023 now. Download the Report Now! 

Virus Found! | Clean DR Capabilities on Veeam Recovery Orchestrator

Agent DR to Microsoft Azure Using Veeam Recovery Orchestrator

Orchestrate Recovery Plan Using Veeam Recovery Orchestrator

Let's learn how to do orchestration for your recovery plan to DR Data Center by using Veeam Recovery Orchestrator

The Importance of IT Compliance in Modern Business

IT compliance is a critical aspect of modern business as it refers to the adherence to policies, regulations, and government laws protecting IT systems and processes. IT compliance ensures businesses and organizations operate under strict security requirements, guidelines, and industry best practices for data protection and governance.

IT business leaders, CIOs/CTOs/CISOs, MSPs, system administrators, and other roles within IT must understand the importance of implementing stricter compliance requirements to protect valuable data.

Here are a few reasons why modern businesses and organizations must become IT-compliant:

Ensuring Data Privacy and Security

Businesses that handle sensitive information, such as customer data and financial and medical information, must comply with industry-specific frameworks like HIPAA, PCI-DSS, GDPR, and others. These frameworks provide guidelines for protecting the most sensitive of information a business handles, including data encryption, access controls, and vulnerability assessments.

Mitigating Security Risks

IT Compliance standards, such as ISO 27001, NIST, and CIS, provide guidelines for identifying, assessing, and mitigating security risks. These standards enable businesses to implement best practices for security and ensure that their IT infrastructure is secure against cyber threats.

Avoiding Legal and Financial Fines

IT compliance can help businesses avoid legal and financial penalties. However, non-compliance with industry-specific regulations can result in hefty fines, legal suits, and loss of reputation in case of data breaches and general loss of sensitive information.

Providing Competitive Advantage

Compliance with industry-specific regulations demonstrates to customers the willingness and seriousness businesses take toward data privacy and information security. Compliance can also help businesses improve their reputation, build customer trust, and enhance brand value.

Take the Hornetsecurity IT Compliance Survey now!

VeeamOn 2023 Virtual / Physical Event

 

Date: May 22-25 2023

Entry: FREE

Virtual Event registration is still available. To attend online, please register - click here

Referral : Lai Yoong Seng

Content: Learn the latest Veeam technology.

Attendee which has registered, you can view on-demand video - click here

Add Kasten Helm Repo

 To install the Kasten Helm chart, follow this step

[[email protected] ~]# helm repo add kasten https://charts.kasten.io/

"kasten" has been added to your repositories

Lastly, run 

helm repo update

Error: WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/ocp-install/auth/kubeconfig Error: no repositories found. You must add one before updating

 Error message when execute command helm version

WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /root/ocp-install/auth/kubeconfig

Error: no repositories found. You must add one before updating

Solution: Remove the permission

chmod o-r ~/ocp-install/auth/kubeconfig

chmod g-r ~/ocp-install/auth/kubeconfig

Once done, execute helm version again

[[email protected] ~]# helm version

version.BuildInfo{Version:"v3.5.4", GitCommit:"1b5edb69df3d3a08df77c9902dc17af864ff05d1", GitTreeState:"clean", GoVersion:"go1.15.11"}

More detail, please refer to https://github.com/helm/helm/issues/9115 

Access Denied ADMIN$

 Your machine is on workgroup and you would like to access the machine via share/credential.

Example:

\\computername\share

\\computername\ADMIN$

and has key-in computername\username but failed to gain access. The password is correct yet unable to access via Share. 

If you've encountered the same scenario, you can try this on the machine and put these registry key

Open Registry Editor

1. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
2. On the Edit menu, point to New, and then click DWORD (32-bit) Value.
3. Type LocalAccountTokenFilterPolicy to name the new entry, and then press Enter.
4. Right-click LocalAccountTokenFilterPolicy, and then click Modify.
5. In the Value data box, type 1, and then click OK.
6. Exit Registry Editor.

This should do the trick and solve the problem

Create Vcenter SSH Public Key

 To use SSH public key on vcenter, you need to perform this steps:

1. Create Key using puttygen (download putty to use this tool)

a) click on generate

b) move your mouse cursor to generate

c) Save the public key

d) Save the private key

2. Use putty to SSH into vcenter

To enable and start the Bash shell, type

> shell.set --enabled True

> shell

3. Edit authorized_keys

> sudo vi ~/.ssh/authorized_keys

a) Insert the public key. Example that you have created

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw7K7657C3KVD8uEtuBxvEjPui4lD+xZqw0+k95mCH19/xOEWhY6UJREPVRTIw8sgIa2PvlUjuCh+m7ZUqHdheChFE55qxjvZLhGJrAU2MvpAv6ltL5ePUYo1iQYRD/PdMMJKY9EcOE7MOBFkSKKI9IYnLyGr3+6QDfSbeuLc42qNcxUQVTPhRAn6gbxj3ISTxOrf1PdwixbM5GGlyIPmYxzcRX91QFVuhsPfXPdOeWczm+0cBkqIPraRjBwmu3B5dTZz12EFQtQbZxc6fpxhyj0eIMsu8bFjk49IZkat1hLdP00unYOfyTrkAnF5XdtglNcw40ot5MwW4mRCKfGCZ rsa-key-20230406

b) save it and exit

4. To activate key authentication, you have to make sure /etc/ssh/sshd_config: has the following line

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

Error "No suitable authentication method is supported. Supported method "publickey"

Error message when adding Linux credential on Veeam Console

Error "No suitable authentication method is supported. Supported method "publickey" 

Note: Below is for AWS EC2 VM access. We would like to use a password instead of using pem key.

#cd /etc/ssh

#vi sshd_config

Locate PasswordAuthentication no

Change to

PasswordAuthentication yes

Save it.

Restart the ssh service

#systemctl restart ssh

Create a new linux account and add into Veeam Console

Linux - Create another user with root right

Create another user & assign it as root right

# more /etc/passwd

ubuntu user is a root admin on the Linux VM

#-id -a ubuntu

Create another user "veeamadmin" & assign same right as ubuntu user.

#useradd -u 1001 -g 1000 -m -d /export/home/veeamadmin veeamadmin

Check veeamadmin

#id -a veeamadmin

#visudo

Go to #User privilege specification, after root entry, key in

veeamadmin ALL=(ALL:ALL) ALL

Save the file

Assign password to veeamadmin

# passwd veeamadmin

Key in your password

To verify, type

su - veeamadmin

Veeam V12 - Backup and Recovery Oracle Using RMAN

 Prior to v12, deployment of oracle rman and configuration is a tedious and manual process. With v12, it is a game changer. You can now deploy the plug-in & configure the backup job centrally from Veeam Console. View the below video in action

Veeam V12 - HPE Storeonce Immutability with Veeam

 Let's view immutability enhancement on Veeam v12 and HPE Storeonce

Veeam V12 - Object Storage Enhancement

 Let's move on to the next Veeam V12 next enhancement. The video below exploring on object storage

Deploy Veeam Linux Hardened Repository in 10 Minutes

 Having a hard time deploying Linux Repository?

Well, you need to have Linux knowledge to do so. However, you can refer to the below guide to learn how to setup within less than 10 minutes.

Veeam V12 - NAS Recovery Enhancement

We have performed NAS backup using Veeam V12, and it's time for us to look at NAS recovery. Click on the below video:

This World Backup Day, WIN with Hornetsecurity!

Did you know that throughout the years big data breaches and ransomware attacks have been increasing rapidly? With World Backup Day right around the corner, let’s take a moment to think about the data loss incidents – and remember how relieved we were to have a proper backup and security strategy in place! 

If you use Hyper-V or VMware, celebrate with Hornetsecurity. Take a chance and sign up for a 30-day free trial of VM Backup V9. 

HOW CAN YOU WIN?

1.     Sign up for a 30-day free trial of VM Backup V9

2.     Download & set up your backup in 3 Easy Steps using the Backup Wizard

3.     Send us an email at [email protected] with a screenshot of the VM Backup Dashboard showing us your first backup taken – this must show at least 1 backed up VM!

 

What are you waiting for? Sign up Now!

Enable Application Aware on Veeam Backup for AWS

 Before enabling application-aware processing backup on EC2 instance, follow below steps. 

Here are a few guidelines and steps for ensuring the VSS-enabled snapshots complete successfully.

https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/application-consistent-snapshots-getting-started.html#run-command-vss-role

1. The Windows instance must have the SSM agent installed and running. For system requirements and installation instructions for the SSM agent, visit the AWS Systems Manager documentation, https://docs.aws.amazon.com/systems-man ... l-win.html
2. The Windows instance must have an IAM instance profile attached that:
   * Allows Systems Manager to interact with the instance
   * Allows Systems Manager to create VSS-enabled snapshots
   For information on instance profiles and IAM policies required to create VSS-enabled snapshots, visit the AWS EC2 User Guide for Windows Instances, https://docs.aws.amazon.com/AWSEC2/late ... shots.html.
3. Ensure the IAM instance profile has the "AmazonSSMManagedInstanceCore" role attached.
4. Ensure the IAM instance profile has an IAM policy attached that allows VSS-enabled snapshots. See the following page for the JSON IAM policy for VSS-enabled snapshots, https://docs.aws.amazon.com/AWSEC2/late ... d-vss-role
5. The Windows instance must have the AWS VSS Components package (AwsVssComponents) installed. Installation instructions for the AWS VSS Components are in the AWS EC2 User Guide for Windows Instances, https://docs.aws.amazon.com/AWSEC2/late ... ss-package

Here are the steps I followed to fix the issue on one Windows 2012r2 EC2 (affected OS version):

1. Uninstalled SSM Agent on EC2 (cleaned %ProgramData% caching);

2. Installed AWS Tools and SDK (msi setup containing Powershell extensions enabler);

3. Installed SSM agent;

4. Distributed AwsVssComponents package (here i think was now the point);

5. Run Command AWSEC2-CreateVssSnapshot and worked

Set Postgresql Limit on Veeam Database

When you make changes to hardware for Veeam Database or want to set limit, you are required to re-run this command

Set-VBRPSQLDatabaseServerLimits

a) VBR + Database on the same server

Run 

Set-VBRPSQLDatabaseServerLimits

b) VBR Database on a different server/ remote server

Example: 16 cores, 30GB RAM

Set-VBRPSQLDatabaseServerLimits -OSType Windows -CPUCount 16 -RamGb 30

Set-VBRPSQLDatabaseServerLimits -OSType Linux -CPUCount 16 -RamGb 30

For more detail, please refer to https://helpcenter.veeam.com/docs/backup/powershell/set-vbrpsqldatabaseserverlimits.html?ver=120

Veeam V12 NAS Backup Enhancement

 View the below video on the latest v12 enhancement on NAS Backup

Enabled MFA on Veeam Backup Console

In v12, Veeam dropped a new security feature. You can now enable MFA for additional security before using the Veeam console. To view it in action, please view below video

AI: Friend or Foe? The Cybersecurity Implications of ChatGPT and AI tools

ChatGPT is an AI tool which has taken the world by storm, from writing full-length research papers to

its ability to write code in just a few seconds. Despite numerous benefits of this cutting-edge AI

technology tool, there are also security concerns which are being addressed by

Hornetsecurity will be hosting a live webinar on March 14 at 4:00pm CET to discuss both the

advantages of ChatGPT in terms of productivity and efficiency, as well as the potential risks

associated with its use.

Topics covered:

 How malicious actors can exploit the tool to write harmful code

 The increasing sophistication of cyberattacks

 Strategies for avoiding security breaches through improved security awareness and the use

of security solutions

 How Hornetsecurity’s AI solutions can help protect users from such threats

Register today to secure your spot and take part in the discussion.

SAVE YOUR SEAT

Error: Unable to connect to the server with MFA-enabled user account. Execution environment cannot be initialized to Remote

 Encountered this error message when using

• VBR v12 - Veeam Backup & Replication
• VRO v6 - Veeam Recovery Orchestrator

Error message:

"Unable to connect to the server with MFA-enabled user account. Execution environment cannot be initialized to Remote"

This happened when trying to add Microsoft Azure Recovery Location.

The problem is when using an account with MFA to connect from VRO to VBR v12.

[Solution]

1. Remove Orchestrator Agent that connects to VBR Server

2. Add a service account [without MFA] to VBR Server. Example: veeamlab\veeamsvc

3. Add the service account that you've used into VBR local administrator

4. Re-deploy the Orchestrator agent using the service account. Example: veeamlab\veeamsvc

Upgrade Veeam V11 to V12

 Veam just launched v12 for their Veeam Backup & Replication.

We do encourage you to 

1. Backup Configuration Catalog

2. Clone the VBR Server & perform a test upgrade on the isolated environment first

3. Identify issues and problems of the upgrade before doing it on the production environment

4. Review the Upgrade checklist :- https://helpcenter.veeam.com/docs/backup/vsphere/upgrade_vbr_byb.html?ver=120 

Don't rush to perform an upgrade to the production environment.

You may view on upgrade video on how the upgrade process looks like

Optional to migrate to Postgresql if you're running SQL Server. However, if you're using SQL Express, you may want to try to migrate the database.

Enjoy and Good luck with upgrading to Veeam V12. 

Stay tuned for daily releases on new enhancement V12 on my youtube channel

Veeam Services Unable to Start Due to Conflict

 After installation of veeam, you may encounter that services were not able to start.

The reason is probably in conflict with an existing application.

Example: 6161 is conflicting with other port

[To verify]

Open PowerShell and execute the command

Get-Process -Id (Get-NetTCPConnection -LocalPort 6161).OwningProcess

[Solution]

Open regedit, find the service port, and change it

Backup and Recover Microsoft SQL Server Running on a Container

 I've set up a lab environment. Scenario is 

MS SQL Server deployed as a container 

Management tool on Windows VM

In this demo, I've shown on how to perform a backup and recover the MS SQL Server database running on a container.

Earth Hour 2023

 

Hornetsecurity: Remote Management Survey Results

Hybrid and fully remote employees are officially mainstream and will definitely be a significant part of the employment landscape for the foreseeable future. The cybersecurity experts at Hornetsecurity wanted to learn more about how companies handle security when it comes to remote employees in 2022 and beyond.

To this effect, they conducted a survey among over 900 I.T. professionals from around the world, from various industries and company sizes, to find out more about their approach to remote management.

Here are the survey results highlights:

● 18% of I.T. professionals believe that remote employees are not working securely, and that company data is at risk. 

● According to 3 out of 4 I.T. professionals, employees are using personal devices to access sensitive company data. The majority of these cases are likely to be users accessing emails and documents on their personal mobile phones while using cloud-based systems office applications. 

● 1 in 3 organizations does not provide cybersecurity awareness training to remote employees. Considering that the main counter for the leading causes of cybersecurity issues is user training, the fact that 1 in 3 organizations does not provide said training to remote users is concerning.

● 1 in 6 organizations has suffered a cybersecurity incident directly related to remote working. 

If you want to learn more about the survey’s findings, you can find the full results and breakdown here.

Increase Kasten Catalog Storage

You may notice that Kasten indicated less than 50% on catalog storage. Less than 50% storage will not allow you to perform further Kasten upgrades. 

The first thing that you need to do is add more storage on the worker node & expand it.

If the problem still persists, then you need to increase the default catalog pv size from 20Gi to 40Gi.

Before you do that, you need to check and make sure your storage class allows you to do so.

Command:

kubectl get storageclass <storageclass> -o jsonpath={'.allowVolumeExpansion'}

Note:- take note of the dot inside the { }

The result must be "true"

Next steap

Run a helm upgrade to increase global.persistence.catalog.size to your desired value (example below sets to 40GB):

helm get values k10 --output yaml --namespace=kasten-io > k10_val.yaml && \
   helm upgrade k10 kasten/k10 --namespace=kasten-io -f k10_val.yaml \
   --set global.persistence.catalog.size=40Gi

You storageclass pv has increased to 40Gi

Kasten side: