VeeamOn 2017: Recap

I just got back from my first VeeamOn event in New Orleans, LA. Was by far one of the best events I have ever attended from a technical AND personal perspective. I think the volume of people and partners in attendance (3000+) speak to how successful Veeam has been at not only creating a great product but also a great ecosystem. This event also unveiled a LOT of new features/functionality that were direct results of customer/partner feedback to Veeam. In my own experience, I have consistently seen suggested features make their way into the products so it’s clear Veeam is listening. Also as a customer the level of innovation/R&D is impressive, Veeam is constantly pushing itself and consequently the backup industry to move forward fast, some of the features presented are so impressive that literally no one in backup world is doing yet.

Some of the existing features discussed during Gostev’s v10 (Coming Soon ) presentation:

  • New Veeam Agents (Lin/Win). This is very exciting as this gives cloud/hybrid/on-prem solutions for any environment, running anywhere. We have been Veeam customers for quite a long time and I can still recall when Veeam was smaller them saying ‘we will never do agents’, glad to see they wisely reversed course on that attitude.
  • Veeam CDP (Continuous Data Protection). This one is a biggie, with the addition by VMware of the IO Filtering APIs Veeam can now grab data continuously WITHOUT snapshots! This will be huge for many of our mission critical apps that don’t respond well to snapshotting especially for the quantity of restore points we want per app.
  • Veeam and N2WS Partnership allowing backup of Amazon EC2 instances. This will help address a large gap in most public cloud providers: Backup of entire VM/instances not just in-VM agents!
  • Scale-Out Repository With Archive Tier. This was very slick, they have now added an archive tier that can go to older/slower storage and/or also out to public cloud providers for long-term retention such as AWS S3 or Glacier, Azure, etc. The best part, this is all native in the console and couple clicks activates it! I think this feature will remove excuses for anyone not to have affordable long-term retention of data.
  • NAS SMB/NFS Backups. This is another slick solution allowing Veeam to directly backup SMB/NFS shares, preserving perms/file versions, etc. Best part is it can restore to original location OR other locations which has some secondary uses for file migrations as well!
  • Veeam Cloud Connect. There were a number of vendors now providing the Veeam Cloud Connect services. Many of them have dramatically expanded the offering to allow emergency environments during a disaster, secured replica seeding and other key features. For many business’ this could allow them to get rid of their DR sites and utilize these vendors saving time/money.

Of course there are MANY, MANY more items released or coming, for a better listing see here: https://www.veeam.com/blog

The conference had a good variety of sessions to attend in addition to the General Sessions. A few of my favorites….

Ransomware Session: It is clear by how full this event was, that everyone is interested in what we can do to protect. Lot of good best practices here, some of the top:

  • Filter/limit untrusted sites, Skype file exchanges, Office exe/vbs/plugins execution.
  • Don’t rely fully on AntiVirus to stop all threats (defense in layers)
  • Use different credentials for Veeam environment
  • Use SureBackup to ensure backups work if needed
  • VLAN Segmentation to keep client devices separate from servers, helps reduce spread of issues.
  • Airgap backups, with the ability of some of these wares to easily spread its important to have copies that are not network-accessible. This is where tape, offsite Cloud Connect or even Archive to AWS/Azure would be helpful.
  • User Education to ensure they aren’t falling for attacks or providing access if threats are able to bypass security layers.
  • Keep Veeam And Backup Stores separate via different credentials, VLANs, etc.
  • Have good monitoring in place to detect anomalies.
  • Use “least privilege” model for permissions.
  • One not covered at the event but one I think is super helpful is Software Restriction Policies (a native Group Policy option) running in whitelist mode. This will basically immediately block all threats from running unless they are whitelisted or trusted Windows services. In my experience this helps stop a LOT of these ransomware attacks as they would be prevented from executing in the first place. It does take some time to setup/test the policies but it pays dividends later.

Microsoft Office365 Whats Next

This was a MUST attend for me as our use of Office365 continues to skyrocket and being able to protect data/assets is critical. Microsoft does a poor if non-existent job of this currently so the need for external backup is critical. There are some exciting things coming in the Office365 suite, in 2 separate phases. Version 1.5 which hopefully is coming in June/Aug of this year will breakout the roles (proxy/server) to allow flexibility and scalability for larger environments, add PowerShell/Restful API support and other improvements. Version 2.0 which hopefully will be before year end is the most exciting as it will include backup for Sharepoint/Onedrive. THIS IS THE CRITICAL FEATURE WE NEED MOST! If you are wondering does Veeam listen to customers, answer is a YES, check out the forums, lots of folks wanting this and it is on the list: https://forums.veeam.com/veeam-backup-for-microsoft-office-365-f47/

These improvements will make it easy to recommend we purchase this product once our 1 year free license expires.

Other Thoughts/Comments…

  • One thing I really appreciate about Veeam is how open and transparent it is. A large number of these sessions were hosted not by sales people but by Veeam engineers or managers that actually work the product so deep technical was possible as well as honest conversations about roadmap, why did you do it that way, etc. Being able to ask the Product Managers direct questions is really cool and helps when roadmap planning internally.
  • Veeam also allows customers to get up and present, saw some cool sessions from the University of British Columbia and others that were deep technical and not just sales events. Also covered some good best practices and thoughts/comments about what works and what doesn’t.
  • I saw a lot of innovation/R&D work on display at this event. Many features were direct out of customer conversations or forum posts.
  • Networking potential at this event was HUGE! There were literally people from every corner of the planet, I met some folks from Canada, Germany, Russia, Mexico and China.
  • Veeam had a strong partner ecosystem on display as well, see the floor Expo below, tons of vendors offering complementary solutions to Veeam and all the big names: Dell, HPE, Cisco, etc.
  • Tons of great swag/giveaways at this event. Even the basic conference bag that everyone got was good, combo backpack/carry bag and good build, spots for water and snacks.
  • New Orleans is a great city, lots of cool stuff to see/experience and a great location for VeeamOn! I didn’t have a ton of time or energy to do too much exploring but did look around, some pics:


  • Veeam knows how to throw a conference and a party! I was surprised by the quality and quantity of the food and parties. Almost every night there was some kind of event or thing to do, got to see a lot of NOLA places in a short period of time!





Overall was a very good conference, learned a lot, met/networked with a lot of great people and got a good feel for the Veeam 2017 roadmap, was most excited to see it aligned with the directions we need for our use cases! Next year’s VeeamOn will be in Chicago which is even closer for me so hoping, schedule allowing, I will be able to attend again.

Advertisements

My Workspace 2017

Thought I would change pace from usual deep-technical stuff and showcase my current workspace at work. I like a minimal-type approach to things so I can stay focused on my work. My 2 “daily driver” devices are a Microsoft Surface 3 on the Microsoft docking station and an HP T520 Win10 Thin Client, both of these devices I have hidden in my office cabinets so my workspace is neat and tidy. Below is my current workspace and some notes about it:

kensiltra-workspace-2017

Monitors
HP V242H 24″ monitors
The thing I like about these units is that they have VGA/HDMI/DVI inputs so I can easily toggle between different devices, I also have some video feeds of items like our monitoring wallboard (PRTG Map), security cameras, etc. Gives me a lot of flexibility in customizing my workspace without touching cables or spending a lot of time. At some point I could probably invest in a video switcher or KVM but for now this is working well. These are pretty basic LED 1080p displays, nothing fancy but they produce a nice image. I don’t do much video/graphic editing so they work great.

Monitor Mount
Mount-It! Dual Monitor
Not the fanciest mount in the world, I got it on sale for around $30 from Amazon, it has cable management and is pretty flexible. Only bummer is the monitors side-by-side are slightly off alignment due to how the arms mount, there is some “give” in the bracket. For the price though it is a decent unit and I’ve been happy with it.

Photo Frame
This is a PanDigital digital photo frame. It is cheap and runs a bunch of personal pics of the kids, wife, vacations, etc. from a USB drive. Can schedule it to turn on when I get in and shut off automatically so accomplishes the need.

iPhone Dock/iPhone
I have an iPhone 6s that I dock on a standard iPhone Lightning Dock
H
as the option to also plugin my headphones if I am on a conference call or want to listen to music during the day plus charges my phone.

Keyboard/Mouse
I don’t do a ton of “fancy” work so a simple keyboard and optical mouse are fine. I use the standard ones HP ships with their thin clients. So far working good. My mousepads are a combo collection I have had for years of a Dell one on top and a consulting house’s pad on the bottom, don’t ask me why but they have stuck with me through 3 different employers now.

Water Bottle
We don’t have filtered water at my work so I just use this guy, its a Brita Filtered Bottle. It will filter your water as you drink, does have some reduced flow though but a nice bottle overall for the work day.

That is pretty much it for my day-to-day work environment. I like to keep things simple and reliable so I can remain focused day to day. I keep dreaming of the day I can get rid of both my current devices (Surface 3 and HP Thin Client) and just use an iPad Pro but the current lack of mouse support really kills this dream, especially since Apple advertises this as a “PC Killer” type device. I got some inspiration for this post from the following sites, thought I would link them to say thanks. Keep watch for another post on my EDC (Every Day Carrier) bag and some of the items I use daily!

Mac Setups From OSXDaily

Brent Ozar: SQL Guru’s Workspace