I just got back from my first VeeamOn event in New Orleans, LA. Was by far one of the best events I have ever attended from a technical AND personal perspective. I think the volume of people and partners in attendance (3000+) speak to how successful Veeam has been at not only creating a great product but also a great ecosystem. This event also unveiled a LOT of new features/functionality that were direct results of customer/partner feedback to Veeam. In my own experience, I have consistently seen suggested features make their way into the products so it’s clear Veeam is listening. Also as a customer the level of innovation/R&D is impressive, Veeam is constantly pushing itself and consequently the backup industry to move forward fast, some of the features presented are so impressive that literally no one in backup world is doing yet.
Some of the existing features discussed during Gostev’s v10 (Coming Soon ) presentation:
- New Veeam Agents (Lin/Win). This is very exciting as this gives cloud/hybrid/on-prem solutions for any environment, running anywhere. We have been Veeam customers for quite a long time and I can still recall when Veeam was smaller them saying ‘we will never do agents’, glad to see they wisely reversed course on that attitude.
- Veeam CDP (Continuous Data Protection). This one is a biggie, with the addition by VMware of the IO Filtering APIs Veeam can now grab data continuously WITHOUT snapshots! This will be huge for many of our mission critical apps that don’t respond well to snapshotting especially for the quantity of restore points we want per app.
- Veeam and N2WS Partnership allowing backup of Amazon EC2 instances. This will help address a large gap in most public cloud providers: Backup of entire VM/instances not just in-VM agents!
- Scale-Out Repository With Archive Tier. This was very slick, they have now added an archive tier that can go to older/slower storage and/or also out to public cloud providers for long-term retention such as AWS S3 or Glacier, Azure, etc. The best part, this is all native in the console and couple clicks activates it! I think this feature will remove excuses for anyone not to have affordable long-term retention of data.
- NAS SMB/NFS Backups. This is another slick solution allowing Veeam to directly backup SMB/NFS shares, preserving perms/file versions, etc. Best part is it can restore to original location OR other locations which has some secondary uses for file migrations as well!
- Veeam Cloud Connect. There were a number of vendors now providing the Veeam Cloud Connect services. Many of them have dramatically expanded the offering to allow emergency environments during a disaster, secured replica seeding and other key features. For many business’ this could allow them to get rid of their DR sites and utilize these vendors saving time/money.
Of course there are MANY, MANY more items released or coming, for a better listing see here: https://www.veeam.com/blog
The conference had a good variety of sessions to attend in addition to the General Sessions. A few of my favorites….
Ransomware Session: It is clear by how full this event was, that everyone is interested in what we can do to protect. Lot of good best practices here, some of the top:
- Filter/limit untrusted sites, Skype file exchanges, Office exe/vbs/plugins execution.
- Don’t rely fully on AntiVirus to stop all threats (defense in layers)
- Use different credentials for Veeam environment
- Use SureBackup to ensure backups work if needed
- VLAN Segmentation to keep client devices separate from servers, helps reduce spread of issues.
- Airgap backups, with the ability of some of these wares to easily spread its important to have copies that are not network-accessible. This is where tape, offsite Cloud Connect or even Archive to AWS/Azure would be helpful.
- User Education to ensure they aren’t falling for attacks or providing access if threats are able to bypass security layers.
- Keep Veeam And Backup Stores separate via different credentials, VLANs, etc.
- Have good monitoring in place to detect anomalies.
- Use “least privilege” model for permissions.
- One not covered at the event but one I think is super helpful is Software Restriction Policies (a native Group Policy option) running in whitelist mode. This will basically immediately block all threats from running unless they are whitelisted or trusted Windows services. In my experience this helps stop a LOT of these ransomware attacks as they would be prevented from executing in the first place. It does take some time to setup/test the policies but it pays dividends later.
Microsoft Office365 Whats Next
This was a MUST attend for me as our use of Office365 continues to skyrocket and being able to protect data/assets is critical. Microsoft does a poor if non-existent job of this currently so the need for external backup is critical. There are some exciting things coming in the Office365 suite, in 2 separate phases. Version 1.5 which hopefully is coming in June/Aug of this year will breakout the roles (proxy/server) to allow flexibility and scalability for larger environments, add PowerShell/Restful API support and other improvements. Version 2.0 which hopefully will be before year end is the most exciting as it will include backup for Sharepoint/Onedrive. THIS IS THE CRITICAL FEATURE WE NEED MOST! If you are wondering does Veeam listen to customers, answer is a YES, check out the forums, lots of folks wanting this and it is on the list: https://forums.veeam.com/veeam-backup-for-microsoft-office-365-f47/
These improvements will make it easy to recommend we purchase this product once our 1 year free license expires.
- One thing I really appreciate about Veeam is how open and transparent it is. A large number of these sessions were hosted not by sales people but by Veeam engineers or managers that actually work the product so deep technical was possible as well as honest conversations about roadmap, why did you do it that way, etc. Being able to ask the Product Managers direct questions is really cool and helps when roadmap planning internally.
- Veeam also allows customers to get up and present, saw some cool sessions from the University of British Columbia and others that were deep technical and not just sales events. Also covered some good best practices and thoughts/comments about what works and what doesn’t.
- I saw a lot of innovation/R&D work on display at this event. Many features were direct out of customer conversations or forum posts.
- Networking potential at this event was HUGE! There were literally people from every corner of the planet, I met some folks from Canada, Germany, Russia, Mexico and China.
- Veeam had a strong partner ecosystem on display as well, see the floor Expo below, tons of vendors offering complementary solutions to Veeam and all the big names: Dell, HPE, Cisco, etc.
- Tons of great swag/giveaways at this event. Even the basic conference bag that everyone got was good, combo backpack/carry bag and good build, spots for water and snacks.
- New Orleans is a great city, lots of cool stuff to see/experience and a great location for VeeamOn! I didn’t have a ton of time or energy to do too much exploring but did look around, some pics:
- Veeam knows how to throw a conference and a party! I was surprised by the quality and quantity of the food and parties. Almost every night there was some kind of event or thing to do, got to see a lot of NOLA places in a short period of time!
Overall was a very good conference, learned a lot, met/networked with a lot of great people and got a good feel for the Veeam 2017 roadmap, was most excited to see it aligned with the directions we need for our use cases! Next year’s VeeamOn will be in Chicago which is even closer for me so hoping, schedule allowing, I will be able to attend again.