I was alerted to the CVE in some Slack RSS feeds. I figured why not get the new patch that was released and installed it. Quite simple and straight forward, which is usually the case with Veeam.
I did a bit of digging into the KB and was quite excited to see that they included more features into this than I was expecting. I figured this was mostly to fix the CVE’s.
New Features and Enhancements
Platform Support
- AlmaLinux 9.3 and Rocky 9.3 supported for use as Linux-based backup repositories and backup proxies.
- Microsoft Azure Stack HCI 23H2 (March 2024 build) support.
- Microsoft SharePoint Subscription Edition 24 H1 support for application-aware image processing.
General
- Improved VMware NBD (Network Transport Mode) transport mode performance by up to 2x.
- Backup Copy jobs now support using other backup copy jobs as a source for VMware, Cloud Director, and Hyper-V workloads.
- Reduced the performance impact of disk fragmentation on ReFS repositories with Integrity Streams disabled by removing the unneeded low-level file system call.
- Improved Veeam Backup Enterprise Manager data collection performance.
- Veeam AI Assistant window now leverages Markdown markup language for prettier output.
- Windows and Syslog events now contain the backup server’s build number.
- ZFS Block Cloning technology preview. This preview aims to allow Veeam enthusiasts to test the long-term stability and performance of this new ZFS capability. This functionality is currently not supported for production use (not even under Experimental Support terms) and, therefore, should only be used in test labs. For more information, please refer to this Veeam R&D Forum thread.
Malware Detection
- Added the ability to exclude specific file paths from suspicious file system activity analysis.
- Bulk Rename events will now create detailed logs with the list of affected files in the following location: C:\ProgramData\Veeam\Backup\Malware_Detection_Logs\
- Malware detection-related Windows events and Syslog events now provide additional information such as object names, restore point timestamps, and backup server version.
- To reduce the number of false positives from the suspicious file system activity analysis engine, the threshold for the minimum number of modified or deleted files has been increased.
- The sensitivity settings of the proprietary ML malware detection model have been tuned to reduce false positives coming from the inline detection engine.
- To reduce confusion, the “Ransomware Note” malware detection event has been renamed to “Onion Links.”
- Onion links are now detected even in files that are 900 bytes or smaller in size, which NTFS stores directly in the MFT partition.
- Malware detection logs are now archived every week into dedicated zip packages.
Enterprise Applications
- Added support for network traffic encryption (configured in the Global Network Traffic rules dialog) for all application plug-ins.
- Veeam Plug-in for Oracle RMAN: multiple Oracle RAC and Oracle Exadata deployment scenario specific enhancements in response to real-world customer feedback.
- To simplify disaster recovery scenarios, the Db2 plug-in configuration tool now includes a command to get the list of available restore points with timestamps from Veeam Backup & Replication.
- The Microsoft SQL Server plug-in will now intercept errors during backup and recovery command execution and return these error codes to the SQL Server to ensure that the SQL Agent Jobs does not report false-successful results.
- Microsoft SQL Server plug-in will now use the latest version of the ODBC driver present in the system in cases when ODBC driver v17 is not present. You can also force the specific version usage through veeam_config.xml.
- Veeam Plug-in for SAP on Oracle: added support for Oracle Linux 8.
Object Storage
- Veeam Data Cloud Vault, a fully managed secure cloud object storage by Veeam, is now integrated directly into the user interface.
- Scale-out backup repositories now support multiple Performance Tier and Capacity Tier extents backed by Smart Object Storage API (SOSAPI) enabled object storage.
- AWS S3 and IBM Cloud Storage: The default generation period value was increased for AWS S3 and IBM Cloud Storage object storage repositories to minimize the number of API calls and reduce the total storage cost.
- Added support for the new AWS region: Canada West (Calgary).
- Lowered CPU consumption on the backup server during the checkpoint removal process.
Primary Storage
- IBM SVC: Default grainsize and rsize parameter values for creating IBM FlashCopy snapshots were changed to the values recommended by the vendor to improve backup from storage snapshots job performance.
Secondary Storage
- Dell Data Domain: The default DDBoost connection cache value was increased, and the cache itself was optimized to reduce the number of active connections significantly; improved backup performance to Scale-Out Backup Repository with a large number of Data Domain extents.
Security & Compliance Analyzer
- A new backup infrastructure check was added to ensure that the PostgreSQL instance hosting the configuration database has been configured with the recommended settings. These settings can be applied with the Set-VBRPSQLDatabaseServerLimits cmdlet.
- All service status validations now also check whether the checked services are running instead of only verifying their startup type.
- Improved the “Host to Proxy traffic encryption” test to cover additional backup proxy deployment scenarios.