For the past twenty-five years, I’ve worked in the IT field. In recent years, I’ve unfortunately found myself with a lot of free time due to hobbies I can no longer pursue, so I’ve decided to have some fun managing a small portfolio of stock investments on my own. I primarily invest in ICT-related stocks on the NASDAQ market.
I’ll be sharing some personal insights on my blog.
I’ve bumped into this really sad story
Certainly, this is an extreme case, and** I assum**e it has been resolved in some way. However, to sleep soundly and avoid unpleasant surprises in the event of programming or backup chain management errors, I always recommend relying on cloud storage services that charge only based on the space used, not on operations. Errors in operation-based services could inadvertently cause costs to skyrocket.
A little gem I recently discovered is vHC, also known as Veeam Health Check. It’s a super simple tool that generates a health status report for your VBR server.
It’s incredibly easy to use: just extract it and run it. The tool can generate either full reports or anonymized ones.
You can find it directly on the VeeamHub site. It’s open-source but comes with no guarantees, so you’ll be using it “at your own risk.” That said, considering it only performs reporting — essentially running SELECT queries on the database — it should be reasonably safe to use.
For some time now, the Veeam console has included a “Best Practices Analyzer” that helps us identify basic improvements that can be made to the operating system and software configuration to enhance server security.
An official script is also available to help implement the desired changes quickly, and it can be found here.
Script to Automate Implementation of Security & Compliance Analyzer Recommendations
If desired, necessary, or feasible, you can take things further. A publicly available tool is also provided to help strengthen your server. This tool is an open, voluntary, and free contribution; it is tested only on Windows Server 2022 and, naturally, comes with no guarantees or official support.
Big news dropped today about the upcoming Veeam v13 — the first version you’ll be able to install on Linux! 🎉
First off, don’t panic: the current v12 will be supported at least through 2025 and 2026. You have a lot of time in case of troubles, but sure you will be excited about trying it and you won’t be waiting so long, I’m sure.
Is it okay to enable vCPU Hot Add on VMs (especially Windows ones)? Will it cause issues?
After diving into a discussion on the topic, I came across two articles: one a bit older:
https://frankdenneman.nl/2017/04/14/impact-cpu-hot-add-numa-scheduling/
and another more recent:
https://blogs.vmware.com/apps/2021/06/cpu-hotadd-for-windows-vms-how-badly-do-you-want-it.html
Piecing together the insights from both, it seems fair to say that CPU Hot Add won’t cause problems if the following two rules are met:
It’s not exactly news, but it’s easy to overlook: since Veeam version 12, physical machines (yes, physical, obviously) acting as Linux Hardened Repositories can also take on the role of Proxy! The only catch is that the transport method is limited to Network mode. This means the repo machine must be able to reach the management interfaces of your ESXi hosts. And, of course, it’s way better if those connections are 10Gbit/s or faster.
Happy New Year, everyone! Here’s a handy tip that might have slipped under your radar — it certainly did for me. By default, there’s a policy in place for accounts created in the vsphere.local domain of your vCenter. One key impact of this is that passwords expire every 90 days.
The good news? You can easily adjust this setting to extend the expiration period or even disable it entirely. According to the documentation, setting the expiration period to 0 days effectively turns off the automatic password expiration.
With the last versions of Veeam (since 12.2 if I remember well) this warning is seen injobs involving *nix VMs
this is the very same warning you get when you connect in ssh to a new VM
it means “this machine is unknown, maybe you think you’re connecting to the desidered machine, but maybe a Man-In-The-Middle attack is ongoing and you risk to give the access credentials to a bad guy.
one of the most interesting feature is the “antivirus engine” Veeam Threat Hunter
it’s explained in the official documentation here
I wanted to update my previous post because the location of the log files where we can see the scan result is different. And it’s no longer mentioned in the VBR console:
the new location is
C:\ProgramData\Veeam\Backup\FLRSessions\Windows\FLR___\Antivirus
in the **mount server **(the VBR server in simple installations) used for the restore. The FLR keyword let us understand it’s a kind of a File Level Restore. (What’s the mount server? read here)
