Should You Upgrade with Veeam’s 23H2 Release
Veeam has recently announced the 23H2 release of its Data Platform including Veeam Backup & Replication™ v12.1, as well as Veeam ONE v12.1 and Veeam Recovery Orchestrator v7. Though this is considered a minor patch release, there are some exciting new features that can greatly improve your company’s data protection and security posture. As a leader in data protection, VBR 12.1 reinforces Veeam’s commitment to protecting your data by introducing these new features.
With AI being the new rage, Veeam chose to implement an AI-powered inline malware detection during backups. This new feature gives you the ability to identify suspicious files on a guest OS file system. This gives your team a low-impact analysis of your data during backup processing, automatically detecting and identifying new threats for you. While this doesn’t replace EDR/XDR software it adds a complimentary tool in your toolbox, providing another method of alerting for security threats.
Along these same lines, there is also a new API integration with your EDR/MDR/XDR platform to automate backup checkpoint health during a security event. For example, if your EDR or XDR software identifies an attack or malicious behavior in a customer environment it can alert Veeam of this behavior and mark all subsequent restore points as infected to help identify which backups could be safe to restore from, and which are potentially infected.
Additionally, VBR 12.1 also adds the ability to scan your backups via YARA rules (Yara rules identify and classify malware). Once an infection or malicious files have been identified in a customer environment, YARA rules can be used to scan through backups to identify if a restore point is clean and safe to restore to help prevent reintroducing malware into an environment during a recovery event.
Lets talk about upgrades, the upgrade process is relatively straightforward and certainly quicker than the v11 to v12 upgrade. If you are going to tackle the upgrade with your team and you are using local immutable Linux repos, you will need to enable SSH and provide root credentials for the upgrade. (for the time being, enabling SSH on a hardened Linux repo is a requirement for the 12.1 patch to be successfully installed. This is a bit of a change from the v12 upgrade which removed the dependency for SSH and root credentials being used to help with repo security and access over the network). Veeam has indicated that this requirement will be fixed in a coming patch for 12.1. If you are not able to safely re-enable SSH, you may want to follow Veeam’s advice and wait for the patch where this requirement is removed.
Overall we believe this patch is worth the upgrade to your existing Veeam environment (from versions 10, 11 and 12) because of the ability to backup object storage directly, stronger backup encryption, more flexible data management and faster recovery. Comport can help get you upgraded and ensure your data protection strategies are being met. Contact our experts today.
Written by Adam Lion
