Skip to main content
  • EN

Hi All,

 

With the latest release of the Linux appliance for Veeam Backup: KB4738: Release Information for Veeam Backup & Replication 13 Virtual Appliance can we install some of the management agent to perform:

 

  1. EDR - Endpoint Detection and Response (for anti malware or detecting malicious activity)
  2. Infra monitoring (DiskSpace, Utilization and Uptime).
  3. Software deployment and Vulnerability or patching agent.

 

Is this possible without affecting the software’s supportability?

I think you will have a hard time installing agents on the appliance due to how locked down it is, but I am sure there might be a way or possible KB eventually on this.  Keep in mind it is just new so I am sure there are kinks to be worked out.

@vAdmin -

I haven’t tried with the newest build, but in previous BETAs I was not able to install anything. I would either provide a feature request for this over on the Forums, or reach out to support to see if there is a way to do so.

Best.

The purpose of the pre-hardened appliance is to switch the responsibility for the OS (including updates etc.) to Veeam so I assume that this won’t be possible at all. There might be some way involving Veeam Support but that would be nice to know.

 

Please keep us updated whenever you get an official response.

 

Lukas

Not possible and even if it's possible, it's not supported.
It works the same way for the Public Cloud appliances. In those appliances it's possible to access the Linux with sudo permissions, but anything installed there that is not the default it's not supported.

Haven’t seen it written anywhere, but highly likely that it won’t be supported, as it is not supported for their other ISO for VHR: https://helpcenter.veeam.com/docs/backup/vsphere/hardened_iso_requirements.html?ver=120

“To be eligible for support, you must use an unmodified version of the Veeam Hardened Repository ISO on a machine that meets all the system requirements.” and “Third-party security software must not be installed on the server.”

Yeah, that’s what I have thought so as well, ​@coolsport00 , ​@Chris.Childerhose 

This is to comply with the CMDB object policy to have those agents installed as the standard deployment.

otherwise, how can we monitor those aspect, especially with the disk space, uptime or some security events and incident response?  

 

Sure ​@lukas.k  and ​@wesmrt  when the support team has response, I’ll share it here.

But it is most likely they are referring to the same KB as posted by ​@kira.bezhanova .

Thank you all for sharing some thoughts and comments here.

Yeah, that’s what I have thought so as well, ​@coolsport00 , ​@Chris.Childerhose 

This is to comply with the CMDB object policy to have those agents installed as the standard deployment.

otherwise, how can we monitor those aspect, especially with the disk space, uptime or some security events and incident response?  

 

I get that it is policy but with the way the appliance is hardened it might be hard to do.  It is better to ask this in the forums - https://forums.veeam.com where you can get a better answer or via support.

@vAdmin - some of those items I’m sure are in VeeamONE...assuming you have at least the Advanced or Premium edition to do so. But for 3rd party monitoring, I recommend as I suggested above and submit a feature request or at least ping Veeam Product Managers to see where they stand on that functionality.

Best.

Comment


Terms & Conditions