The highly flexible nature of Linux as an open-source system allows everyone to use it in their own unique way. This flexibility often creates compatibility challenges for backup software that depends deeply on the operating system. Even minor changes can cause backup failures, which is why backup software typically maintains a compatibility list—systems not on this list usually won’t work properly.

These issues are common throughout the open-source world. While there’s no single solution to solve everything at once, addressing the majority of cases would be a significant improvement, wouldn’t it?

In my previous post, I introduced Veeam’s Managed Hardened Repository community preview. Today, I’ll walk you through the complete installation and configuration process step by step.

For this deployment, I used a VMware virtual machine for convenience. If you have dedicated hardware available, you can deploy on physical servers instead. Should you encounter any issues during deployment, please reach out with your feedback - it helps improve the community preview.

Since Veeam v11, Veeam introduced the Hardened Backup Repository, which has been widely adopted by Veeam customers worldwide. Many customers have built their own hardened repositories using Linux systems, providing Veeam with secure and reliable data storage that has successfully resisted various ransomware attacks.

Over the past few years, to help everyone configure hardened repositories more conveniently, I’ve created several scripts and tools:

• Using This Method, Your Backup Data Will No Longer Fear Ransomware
• Veeam Hardened Linux Repository Configurator
• Further Security Hardening of Ubuntu Systems for Veeam Hardened Repositories

On September 30th, the Veeam R&D team officially released another deployment method for the Hardened Repository - a Linux ISO for building systems “from scratch.” Administrators can use this Veeam-packaged ISO to quickly deploy bare-metal servers, install the Hardened Repository operating system, and once installation is complete, the system will have already deployed a series of Veeam Hardened Repository best practices. Administrators can then perform subsequent configuration and management in VBR.

In our rapidly evolving digital world, staying ahead isn’t just an advantage—it’s essential. VMware Explore 2024 serves as a premier platform that brings together global IT professionals, showcases cutting-edge technology achievements, and explores future innovation trends. This year, the event takes place in the beautiful city of Barcelona from November 4th to 7th, promising an inspiring and enlightening technical feast for all attendees.

Whether you’re a seasoned IT professional or just beginning your journey in technology, VMware Explore offers invaluable learning opportunities and industry insights for everyone. Attendees will have the chance to experience the latest technological innovations firsthand, gain insights from industry leaders, connect with peers from around the world, and draw inspiration to expand their thinking.

In VDP v12.1, not only have security scanning capabilities been added during and after backup processes, but significant enhancements have also been made to monitoring and compliance management. To better help administrators improve backup system security, VBR has introduced a fully automated security compliance checking capability called Security & Compliance Analyzer. Additionally, in the Enterprise Edition, a completely new Threat Center dashboard has been launched.

Security & Compliance Analyzer

This component actually existed in v12, where it was called Best Practices Analyzer, but the first version’s functionality wasn’t quite comprehensive and its detection capabilities were somewhat limited. In the new version, Best Practices Analyzer has been renamed to Security & Compliance Analyzer, and its capabilities have been significantly enhanced.

Following up on yesterday’s post, let’s dive into the second major update: YARA Scan and Antivirus Scan.

Beyond its ability to perform online scanning of backup data streams, Veeam Backup & Replication (VBR) now supports secondary scanning of already backed-up data. Version 12.1 introduces two powerful scanning engines: one that leverages antivirus software installed on the Mount Server, and another that utilizes YARA as the scanning engine.

Understanding YARA

YARA (which stands for Yet Another Recursive Acronym) is a tool primarily used by security experts and researchers to identify and classify malware. You can find the official documentation at https://yara.readthedocs.io/en/latest/ and the GitHub repository at https://github.com/virustotal/yara.