Seit heute früh ist Version 12.3 der Veeam Data Platform released. Im Rahmen des V100-Programms hatten wir bereits die Gelegenheit, erste Erfahrungen mit ein paar Features zu sammeln.
Ich habe Euch direkt entsprechende What’s New Artikel bei Veeam verknüpft. Diese findet Ihr anbei:
Veeam Backup & Replication v12.3 – What’s new
Veeam ONE – What’s new
Wie üblich, bitte die Release Notes sorgfältig lesen, die unter Veeam Backup & Replication 12.3 Release Notes und Veeam ONE 12.3 Release Notes verlinkt sind. Beachtet bitte die vorgeschriebene Reihenfolge des Upgrade-Szenarios, wenn ihr ONE, den Enterprise Manager oder den Orchestrator einsetzt.
Für unsere Kunden und mich ein paar nennenswerte Neuerungen oder auch Highlights, anbei kurz aus den oben verlinkten Release Notes selektiert:
Veeam Backup & Replication
Microsoft Entra ID (New Cloud Workload Support)
Microsoft Entra ID is a cloud-based Identity and Access Management (IAM) system that delivers access to your internal and external resources. But Entra ID is much more than just a directory of users and groups, and protecting this data and knowledge is paramount. Entra ID is at the core of nearly every organization and is essential to keep your business running, and Veeam can now give you peace of mind by protecting it. Key highlights of Veeam’s Microsoft Entra ID support include:
- Accelerate change detection — Quickly identify and revert changes created by human error, threat actors, automated attacks, and more when restoring Entra ID data. Bolster your forensic investigations with a point-in-time copy of your IAM data.
- Simplify governance, risk and compliance — Reduce risk and stay compliant through fast, automated backup processes to reduce human error risks, ensuring consistent resiliency practices. Unlock cost effective, long-term audit and sign-in log storage with unlimited retention to be able to easily go back in time during internal investigations of cybersecurity incidents.
- Rapidly restore your business — Bring your business back online in seconds by pinpointing broken or missing app registrations and restoring them in seconds with comprehensive app registration recovery. Using object-level recovery empowers you to choose exactly what data you restore.
- Role-based access for restores — Contrary to alternate solutions, which perform backup and restore operations under a single almighty account, Veeam relies on the native Entra ID permission system to ensure Entra ID administrators are unable to restore and/or overwrite data they do not have privileged access to.
Microsoft Windows Server 2025 (New Data Center Workload Support)
Upgrade to the latest Microsoft releases with confidence thanks to the official support for:
- Microsoft Windows Server 2025 and Microsoft Windows 11 24H2 support — Included as a guest OS of protected machines, for installation of Veeam Backup & Replication components, and for agent based backup with the Veeam Agent for Microsoft Windows 6.3 (included in V12.3).
Cyber Resiliency Enhancements
Indicators of Compromise (IoC) Detection
Stop cyberattacks right in their track with the built-in detection of early indicators of compromise (IoC) on protected machines. V12.3 leverages its file system indexing functionality to detect and report the sudden appearance of utilities from hacker’s toolkit, which are commonly utilized by cybercriminals for lateral movement, data exfiltration, command and control, stored credential access, and more, with the list of tools constantly updated by Veeam.Detecting the appearance of such tools significantly reduces the Mean Time to Detect (MTTD) threats, providing you with an opportunity to react before attackers can inflict significant damage. This lightweight and scalable detection of IoC on all protected machines is meant to draw your attention to potential issues. In cases when an attack is suspected, we recommend performing a more thorough scan of affected machines using the Recon Scanner available from Coveware by Veeam.
Veeam Threat Hunter
Many customers love the idea of using backups to identify potential dormant threats in their environment. Whether through periodic manual spot-checks, continuous scheduled scans (powered by SureBackup), or alert-driven scans, risks can be uncovered without adding overhead to production environments while allowing for a fast response from security teams.However, one of the challenges with searching for threats is knowing what to look for. While YARA scans are fast, they can only search for a strictly defined list of signatures, which can be problematic when proactively looking for unknown threats. Although incredibly useful for a forensic investigation, it is not optimal as a defensive measure. On the other hand, purpose-built antivirus software avoids this issue by having millions of malware signatures in its database, but their speed and performance can be difficult to scale.
V12.3 brings the best of both worlds — the speed of YARA scans and the breadth of malware detection of a classic antivirus — with the new Veeam Threat Hunter. This advanced signature-based malware detection engine is integrated directly into Veeam Backup & Replication data processing engine for significantly faster scanning than with the Bring Your Own Antivirus approach, with the breadth of malware detection that YARA scans cannot touch.
Key benefits of Veeam Threat Hunter include:
- Built directly into Veeam Data Platform to offer highly optimized, accelerated signature-based backup content scans for malware while reducing costs and freeing up your critical IT resources from managing a third-party antivirus scanner on your mount hosts.
- Veeam Threat Hunter employs machine learning (ML) and heuristic analysis to identify advanced threats such as polymorphic malware, which are impossible to detect with YARA rules due to the dynamic nature of signatures of each malware instance.
- Updates to threat signatures and ML models used to detect polymorphic malware are delivered multiple times per day to quickly expand detection to newly developing threats.
Veeam Data Cloud Vault
Access to secure, affordable cloud storage has never been easier! Veeam Data Cloud Vault, our first-party cloud object storage offering, now features a more simplified onboarding experience, providing instant access to ultra-reliable yet competitively priced cloud storage. Key benefits of the updated Vault include:
Uncompromising security and reliability — Safeguard your offsite backups on cloud object storage that is always immutable and always encrypted, now with up to 12 nines of durability.
Unbeatable price and predictability — Choose between two new editions tailored specifically for primary and secondary backup use cases, both fully managed by Veeam with all-inclusive pricing lower than DIY solutions on leading hyperscalers.
Unbelievable ease — Provision and monitor your Vault directly from Veeam Data Platform for a straightforward and seamless cloud storage experience.
Unmatched flexibility — Vault can be used as a backup target in any product edition, including in the Community Edition, which does not normally allow backup to object storage.
Veeam Enterprise Manager
Restore To option — Previously available only in the Backup Browser of the backup console, the “Restore To” option has made its way to the Veeam Backup Enterprise Manager web UI. This feature enables users to specify any Windows-based server in the environment to restore to, enhancing flexibility and operational efficiency.
Restore point selector improvements — The restore point selection control now includes a tooltip with a job name to provide users with additional information to help them make the correct selection and reduce errors.
Secure LDAP connections support — Connections from Enterprise Manager to domain controllers now support secure LDAP for added security of traffic encryption.
Veeam ONE – Major new Features
Veeam Intelligence
Proactive Intelligence at Your FingertipsIntroducing Veeam Intelligence, our next generation AI-driven insights directly within Veeam Data Platform. Intuitive, in-product assistance enables admins to optimize backup performance, proactively address potential risks, and make data-driven decisions quickly, improving efficiency and reducing the burden on IT resources.
Veeam Intelligence Benefits:
- Provides actionable insights and recommendations that enable the IT teams to operate more efficiently and focus on higher-level strategic initiatives.
- Help streamlining backup processes from small to medium-sized businesses with limited time, resources, or expertise. Veeam Intelligence helps these businesses to enhance their security posture, and the need to make informed decisions quickly, without requiring additional skillsets.
- Reduce the burden of governance, risk, compliance by unlocking immediate insights into your current protection status and infrastructure.
In v12.3, Veeam Intelligence is shipping with three different modes admins can choose from:
- Disabled: Veeam Intelligence is disabled, Veeam ONE administrators cannot ask questions in natural language regarding the environment, or get product help from Help center.
- Basic: Option that is enabled by default after upgrading to 12.3. This Veeam Intelligence mode allows Veeam ONE Administrators to get quick and detailed answers about anything related to Veeam ONE, or any other Veeam products.
- Advanced: The superior and most complete Veeam Intelligence option. Veeam ONE Administrators can get insights about their Data Protection, as Veeam Intelligence queries data that matches the question in natural language, adds context, and provides a comprehensive answer with actionable steps to follow.
Restore Point Objective Observability
Veeam Data Platform is the cornerstone of a Resilient Data Protection strategy. Starting with Veeam ONE v12.3, we are expanding real-time notifications for those critical workloads that should not be missing an RPO window.
- New VM Backup RPO Alarm (Nutanix AHV, Proxmox VE, and KVM): A dedicated alarm is now available, so business can create alarms assigned to these workloads, and receive notifications when the RPO has been reached.
- New Cloud Instance RPO Alarm: A dedicated alarm is now available across various Hyperscalers, and the different workloads Veeam supports. This alarm includes the required granularity to provide specific alarms based on: desired RPO, platform type, workload type, workload name, and protection type.
Veeam Cyber Resilience Observability
Support for new Veeam Threat Hunter, and Veeam Indicators of CompromiseVeeam ONE v12.3 elevates customers cyber resilience strategy by integrating support for the new Veeam Threat Hunter and Indicators of Compromise (IoC) Detection included within Veeam Backup & Replication v12.3. These enhancements are supported out-of-the box across the Veeam ONE functionality, including:
- Threat Center: Introducing Veeam Threat Hunter and IoC detections to our visually engaging “Malware Detections” world map. This interactive map provides a global view of detected threats within your environment, allowing you to quickly identify and assess potential security risks across different locations.
- Reporting: Enhanced the report “Malware Detection” report offering in-depth insights into any malware or IoCs identified by Veeam Threat Hunter or IoC. This report helps you understand the scope and impact of potential threats, aiding in compliance and audit requirements.
- Alarms: Enhanced the “Potential infrastructure malware activity” alarm. This alarms immediately notifies when potential threats are identified by Veeam Threat Hunter or IoC Detection. With the capability to forward these alerts to Syslog, creating incidents to ServiceNow, SNMP, or email, you can integrate them seamlessly into your existing incident response workflows for swift action
Viel Spaß beim lesen der Release Notes und natürlich mit den neuen Features. Die erste Installation im Lab ist bereits erfolgreich aktualisiert worden 😉💚 Interessant auch der Hinweis zum neuen Threat Hunter, siehe Screenshots.