Blogs and Podcasts

 Today, March 31, is World Backup Day. This date exists because, even today, I still see many companies continuing to lose critical data. In the vast majority of cases, these losses are not related to a lack of technology, but rather to strategy and process failures, and especially to an underestimation of risk.And these risks are not limited to lost files or servers with software issues. They involve systemic failures in operations, security, and even architecture. Real CaseI will cover a real case I went through recently, where I will share more details not only about the problem, but also about how it was possible to recover from the disaster. The Scenario

It started as a routine alert—unusual login activity flagged by our monitoring system. Within minutes, multiple backup jobs began failing, and that’s when we knew: this wasn’t random—it was targeted.The attacker had gained access using compromised credentials and was attempting something we’ve all seen becoming more common—destroy the backups first before encrypting production systems.But this time, things didn’t go as planned.Our backup environment was built with immutability and zero-trust principles using Veeam Backup & Replication integrated with hardened repositories. Even though the attacker had access to certain systems, they couldn’t modify or delete backup data due to immutable storage policies.While the security team contained the breach, we verified the backup integrity.Everything was intact.A few production workloads were still impacted—some files were encrypted before contain

This blog post was inspired by an excellent article that explores recovery scenarios beyond the typical restoration approaches often covered.In-place upgrades represent the standard and vendor-recommended approach for advancing Veeam Backup & Replication (VBR) to newer releases, ensuring continuity of configuration, and retention of job etc without requiring a full reinstallation. But without a test lab, you are essentially performing a high-wire act. While everyone talks about restoring data during “World Backup Day”, few share stories of how protecting the protector. Veeam’s own configuration backup can literally rescue your Veeam Backup and Replication (VBR) when an upgrade goes sideways. You can take a look at this

This is the English version of a selected article from Climb Japan Engineer Blog series. When you use Veeam Backup & Replication to process a backup or backup copy to be saved in the object storage such as Amazon S3, there might be a case where you receive the alert message below.Subject: [Warning] Background checkpoint removal. Backup server: <your Veeam server name>Body text: Failed to remove checkpoints from the backup repository <your repository name>This alert is issued when obsolete checkpoint (i.e. restore point) removal process on the object storage where backup data are stored has been failed.Removal of such checkpoints has been a part of the backup job in

 1. Why Job Design Matters Anybody can create a backup job. Open the wizard, add VMs, pick a repository, set a schedule, click finish. The job runs. The question is whether it runs well at scale, whether it makes SureBackup testing practical, whether it handles application consistency correctly, and whether it does not create operational headaches six months from now when the environment has grown.Job design is the difference between a backup environment that runs itself and one that requires constant intervention. Bad job design produces jobs that run too long, compete for proxy and repository resources, break application log chains, make restore operations slow, and make SureBackup configurations a nightmare. This article covers the patterns that work and the anti-patterns that do not. 2. Per-VM Backup Chains vs Per-Job Chains VBR offers two backup file l

Immutable backups are one of the best things to happen to data protection.They’ve become the go-to answer for ransomware resilience—and for good reason:Backups can’t be deleted They can’t be modified Attackers can’t encrypt themThat’s a huge win.But here’s the part that doesn’t get said enough:    Immutability is a layer of protection—not a complete strategy.I’ve seen environments check the “immutable” box and assume they’re covered.They’re not.Because when something actually goes wrong, immutability alone doesn’t guarantee you can recover cleanly, quickly, or safely.Let’s talk about what else you actually need. 1. Recovery Testing (Because “Protected” Doesn’t Mean “Recoverable”)You can have perfectly immutable backups that are:Corrupted Incomplete Misconfigured Or just… not usable the way you expect

As a follow-up to my previous blog on the VSA HA Clustering setup, I decided to do a companion blog about using Veeam ONE for monitoring.  Check it out below and link to my blog.Monitoring Your Veeam VSA HA Cluster with Veeam ONE Monitoring Your Veeam VSA HA Cluster with Veeam ONE Getting visibility into your Veeam VSA High Availability (HA) Cluster is critical for ensuring backup continuity. Veeam ONE provides the dashboards, alarms, and reporting you need to stay ahead of issues before they impact your recovery objectives. This post walks through configuring Veeam ONE to effectively monitor your VSA HA Cluster — from initial connection through tuning alarm thresholds and automating the whole thing with PowerShell via the Veeam ONE REST API.What Is the Veeam VSA HA Cluster?The

  World Backup Day is often treated as a reminder—a checklist item to verify that backups exist, are recent, and are recoverable. But for those of us working in infrastructure and disaster recovery, it represents something much more concrete: the difference between operational continuity and complete outage. This is not a theoretical discussion. This is a real incident.This is my experienceThe Incident: Ransomware at ScaleRecently, I was involved in managing a critical ransomware attack that impacted a large virtualized environment. After an initial assessment, it became clear that we were dealing with a full-scale ransomware infection.Roughly “150 virtual machines” in a VMware environment were affected. The situation escalated quickly, requiring immediate containmen

This is the English version of a selected article from Climb Japan Engineer Blog series.-----Veeam Backup & Replication enables the agentless protection of Hyper-V virtual machines. In order to maintain the data integrity of Hyper-V VMs, when you process a Veeam backup, a temporary Hyper-V checkpoint is automatically created and it is then deleted when the data capture is completed.However, in some exceptional situations, e.g. as a result of antivirus software interference, the checkpoint may remain on the protected VM. In that case, you might see the remaining checkpoint named “Veeam Recovery Checkpoint (XXXX)” on the Hyper-V Manager screen as below. The red marked section shows the remaining checkpoint. Note the UI is in Japanese.The Hyper-V checkpoint size may increase as time goes by, because it will reflect the p

While working in a lab with multiple silos, minimal change control, and backup processes in place, not everyone informs the backup administrator of new servers or devices added to the infrastructure that require backups. As the backup administrator, it's my responsibility to ensure that all servers have a reliable backup and can be restored in the event of a disaster. I make that extra effort so that, in situations like the one below, we can get everything back online in a timely manner.It was an early normal Monday morning, and I was reviewing the weekend backups when a Teams call came in from our Network Lead for the lab.When the Network Goes QuietAt first, a few users reported they couldn’t access shared drives.Then applications started timing out.Then monitoring lit up.Within minutes, it was clear:    We weren’t dealing with a slow network.    We were dealing with a broken one.

Was working today doing some tape stuff and when testing my PowerShell script to create GFS pools noticed that when you go into the Advanced settings for the Daily, Weekly, etc. section of the pool properties you see two monthly and no quarterly.I have logged this on the Forums as a potential bug but wanted to give a heads-up as it is just cosmetic, mainly the main page for the retention options shows Quarterly proper (which I thought they were removing?). 

Hi all, I wanted to share the new Veeam Ports MCP server with the community. This gives you the ability to interact with the Veeam Ports underlying database to create rich designs using LLM clients that support MCP, like Claude and VS Code.https://github.com/shapedthought/veeam-ports-mcpTo install in Claude:Install Python Install UV Run: claude mcp add veeam-ports -- uvx veeam-ports-mcp Update your Claude desktop configuration file:

 The VBR REST API matters because it gives you direct access to the backup server itself without going through Enterprise Manager. Start with what it actually is The VBR REST API runs over HTTPS on port 9419.It uses OAuth 2.0 bearer tokens, returns JSON, and publishes an OpenAPI specification. The backup server exposes Swagger directly, which makes it easy to inspect the available endpoints without digging through scattered examples first. That part is genuinely helpful, because the API is large enough now that guessing your way through it is a waste of time.The practical reason to use it instead of the PowerShell module comes down to three things:• it is language-agnostic• it works remotely without needing the Veeam PowerShell module installed on the caller• it fits better into multi-serv

Last week I attended RSAC and as stated in a previous post had a great time.However, nothing in life is perfect and I had one conversation that got me worried. The person in question is much more “in the know” than I am when it comes to the IT industry. He claimed that blogging is basically dead now. It has been washed away by a tidal wave of AI generated content and has permanently removed the need for real bloggers. “No one believes that anyone actually writes anything anymore”. Along with that IT communities are under threat, if you don’t need bloggers and content creators then why have these groups of people? The can be easily and cheaply replaced by AI Agents. I wanted to ask everyone here what they thought and if there is anything we can do to save our brands?For my part I have decided to always try and post a video along with any written content that I create. The BVLOG!! If you can pronounce that you should win an award right off the bat!

My belated contribution to World Backup Day."Man kütt ja zu nix" - as they say in the Rhineland ( You Never Get Around To It ). I learned the value of backups very early in my professional life.As a dual-study student during my first practical phase, I accidentally deleted the root directory of a server - specifically, the server that managed access control for all branches in western Germany.Luckily, my colleagues didn't behead their panicked young employee, but remained calm and restored the deleted data from a backup. At that time, it wasn't a Veeam backup; it must have been either a late ADSM version or an early TSM version.In any case, this experience has shaped me ever since: Firstly: It was great to have had such colleagues at that time. And secondly: Always have a backup of your data and systems! Many years later, data backup is my main professional task.Thanks to Veeam, regular system and data ba

IntroIn a previous article I wrote about the type of storage a customer can use and write their backup to.Some days ago, a user in the Veeam Community asked why, according to Veeam's calculator, S3 object storage is no longer more efficient in terms of space (with immutability and GFS) than storage using XFS/ReFS technology.After answering, I decided to explore the topic further by putting myself in the shoes of a customer who has to make a choice in terms of the costs associated with the space used. That's why I want to tell you what happened with a customer.When I start a new backup infrastructure project, there always comes a time when I have to decide what type of storage repository to use. When I submit a plan to the customer, I often hear them say: Why should I spend more an

How NTP Architecture Impacts MFA in Veeam Software Appliances — And What Happens When Clocks DriftMulti‑Factor Authentication (MFA) in Veeam’s software appliances relies heavily on accurate system time. This is because MFA one‑time passwords (TOTPs) are time‑based. If the appliance clock drifts even slightly, MFA will break — often in confusing ways.In this post, we break down:What NTP is doing inside the Veeam Software Appliance Why MFA fails when clocks drift How time desynchronization can escalate Worst‑case recovery when you’re completely locked outWhat NTP Architecture Is Doing Inside Veeam Software AppliancesVeeam Software Appliances use chrony (the NTP client on Rocky Linux) to synchronize system time with configured NTP servers. This ensures that all time‑dependent security function

Yet another opportunity to highlight the importance of backing up data – whether business or personal – is that the backup system must be an integral part of the IT infrastructure, not just an afterthought.I have written this post in Italian to raise awareness among Italian companies once again.https://blog.luvisi.it/world-backup-day-5d09dc597519 ​@Madi.Cristil ​@safiya 

This article is geared towards the "backup admin" and how no one really wants that job, but someone has to do it. In my current role, in addition to my other responsibilities, I serve as the backup admin in our lab environment. Although it's not as stressful as past backup admin positions, I still need to standardize and have things in order in the event of a restore or server outage.Let’s be honest—nobody gets into backup and recovery because they’re chasing excitement.But somehow, backup environments still manage to create plenty of it:Failed jobs at 2AM Storage filling up unexpectedly Restore requests turning into investigations That one job that’s been “warning” for… way too long That’s not the kind of excitement you want. In Day 2 operations, the goal shifts. You’re no longer just getting backups running—you’re trying to make the entire system predictable, repeatable, and honestly… bo

31.3 is “Backup Day” Why?Because next day is first of April? 😊 So, tidying up could resolve into unwanted deletion of your data, which could lead into surprise, after you find out that and this is not just as a joke😊It’s nightmare …In nowadays we are trying to keep our platforms, environments most resilient as possible from ransomware attacks.BUTWhat is worse than ransomware attack?Are you really prepared to cover all scenarios?Sometimes it could be even bug of your nightmare in vendors software/firmware, which is not the thing that you never think about.ANDCombination with ransomware attack? Admins have no clue what is correct.What happened?Customer found out that has infected VMs – all Windows and Linux/Unix Systems. Production was stopped. It did not take lon

  As long as backups are running, logs are about as popular as a dashcam: you see them, you know they’re there—and you hope you’ll never really need them. But the moment a job fails, a service stops unexpectedly, or the software “just starts acting weird,” logs become the only reliable witness. They show what happened, when it happened, how other components reacted — and often why something was triggered in the first place. In troubleshooting, a complete and properly retained log history often determines whether you can narrow down an outage or error within minutes— or whether you end up relying on assumptions, screenshots, and “it didn’t feel like it was like this before” statements. That’s why in this article we’ll look at: how to collect Veeam logs correctly (suppo

Recently, ​@Madi.Cristil created a post asking members of the Veeam Community who have been "heroes" in performing their backup duties to share their stories. If you haven't yet seen her post, you can read it below:https://community.veeam.com/discussion-boards-66/backup-heroes-wanted-join-the-world-backup-day-contest-2026-12918?postid=90737#post90737World Backup Day is coming and, like they've done the past few years, Veeam is asking for the Community to share posts about how Veeam Data Platform has been used to meet a need at your organization, or even home!  My story isn't too extravagant, but it did meet a crucial need at my organization.We had an employee get terminated a while back for potentially suspect activity with a vendor. Upon being informed of this activity, senior administrators were tasked to look into any network accounts which could have access to our environment. After meticulously ski

  Three management modes at a glance.  Mode Managed In Best Fit Reality Check Standalone Local server Isolated hosts or segments without VBR reachability Easy to forget until restore day VBR-managed VBR console Most internal infrastructure teams Best default when central

Last week I attended my first RSAC in San Francisco. To say it was a great experience would be the understatement of the year.The conference is enormous, and you can tell just by walking around downtown as the streets were filled with people sporting their RSAC badges. I quietly slipped mine off whenever I ventured outside the convention center. Wearing it felt like broadcasting to the city: "I'm from out of town — please rob, scam, or at least aggressively inconvenience me." Better to blend in with the local hipster cyclists. More on that later.AI Everywhere (And I Mean Everywhere)AI dominated the conference floor. Nearly every booth referenced it, the street advertisements were themed around it, and by day two I half-expected to find an AI-powered fixture in the restroom. (In some parts of North America they call it a "restroom" — in Toronto we say "washroom." My theory is that in some locations companies work their employees so hard that the

I recently wrote a blog about VSA HA Clustering, which you can find below (link to my site is below as well).Veeam VSA HA Cluster Setup With the release of Veeam Backup & Replication 13 there is a new feature that you can use to set up two nodes in an HA Cluster configuration for high availability.  I am going to outline the process below and keep in mind that you will need to have a VDP Premium license in order to do this as that is a hard requirement.  Now let’s look at HA Clustering with Veeam VSA.Configuring a Veeam VSA HA ClusterThe HA cluster configuration process involves two major phases: enabling the HA feature on both nodes via the Host Management Console, and then assembling the cluster through the Veeam Backup & Replication Console.