11/13/2023 0 Comments Hpe storeonce backup![]() VBM using (home → backups) if your datetime is correct on both devices.īut if the datetime of your StoreOnce is somehow in the future it seems to delete it. We are also able to delete this file in the catalyst store directly or through (files → storeonce), whereas the. P20230223: We tested the HPe StoreOnce and its behavior as well and found out that the .VBM file is indeed not immutable. VBM file deletions,ĭid you manage to get more info and can you share the link? I couldn’t find the forum post that you mentioned in your topic about. monitor the immutability setting in Veeam: If an attacker can’t delete your backups, he might just alter or completely disable immutability in Veeam.keep the iLO Interface secure or even disconnected: all StoreOnce security measurements won’t help if someone physically wipes the device remotely via iLO.I would even go as far and say that you print them out and stick them physically on the StoreOnce.an attacker will be able to circumvent the immutability if he gets access to those credentials.keep the Security Officer’s credentials secret.Therefore I will just quote my recommendations from my first post: But it doesn’t offer 100% security (nothing does) and is only a part of the complete backup solution. Immutability on a HPE StoreOnce system is a great addition for the security of your backup files and I recommend that you enable it by default. In addition, be aware that wiping the store is also possible via Remote Management (iLO) of your physical StoreOnce, or via the hypervisor of the virtual appliance. Just like in the last scenario, if an attacker gets access to both the administrator and security officer credentials, there’s nothing which prevents him from wiping all backups. The danger is, that an attacker deletes the whole StoreOnce Catalyst store from within the StoreOnce management GUI.Īs Dual Authorization is enabled, the Security Officer needs to approve the deletion of the Catalyst store.Īfterwards, the Store and all of it’s content is gone. The backup files itself are protected by immutability and cannot be deleted from inside Veeam. So it’s essential to keep the credentials of this user secret. ![]() And as expected, it was possible to delete the backup file.Ĭhanging the date on the StoreOnce requires an approval of the Security Officer. Then I changed the date on the VBR server and the Storeonce, and deleted the backup from the VBR console. Now I was interested in finding out what would happen if we change the date on both VBR and StoreOnce. I’ve posted this behaviour in the R&D forums and will update my post on how to make such files available again. On the other hand it cleaned up the VBM and the entry in the configuration database. This means, Veeam isn’t able to delete the file because of it’s immutability. I was glad to still see the backup file via the StoreOnce Web GUI. Also a rescan didn’t re-import the backups. Trying to delete the backup files ended with a warning.ĭespite the warning, the job/restore point was no longer displayed in the Veeam console neither under Disk, nor as imported or orphaned. So I changed the date of my VBR server and afterwards the backup file was marked as expired. I would expect that changing the time/date on the VBR servers doesn’t affect the immutability of the backup files. All other files keep their last immutable timestamp. Disabling immutabilityĪlso disabling immutability only affects newly created backup files. For existing files/chains, the previous value is remained. Decreasing immutabilityĭecreasing the immutability only affects newly created backup files. As expected only the current chain gets the update, all other chains will keep their previous configuration. Next I wanted to find out what happens if I increase the immutability. So keep in mind, that your historical or GFS restore points won’t be protected, if you enable immutability. After enabling immutability, the current chain is made immutable, while all other backup files aren’t.Īfterwards I tried to remove all restore points via the Veeam Console, and not surprisingly all restore points except the 2 immutable ones were deleted. This is also exactly what I could reproduce in my lab environment. All other existing backup chains won’t be touched and therefore stay mutable. So, after you configure immutability, the current or new backup chain will be made immutable. Note that if you enable immutability and Veeam Backup & Replication does not start a new backup chain and still continues the chain, the whole backup chain is marked as immutable. Let’s take a look at the Veeam helpcenter: If you have existing Catalyst stores, the good news is that it’s possible to enable immutability for them. Enable immutability for existing Catalyst stores In this post I want to focus on how immutability behaves in different scenarios. ![]() ![]() In my last post I covered the requirements and necessary steps to configure immutability for HPE StoreOnce with Veeam V12.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |