Hello guys,
I was looking the new Security and Compliance feature.
In my lab the following recommendations are marked as passed :
For the first one if I look in the configuration of my proxies the NBDSSL is not checked
For the second, I don’t have configure encryption for the LAN backup network
So I don’t know why by default Veeam mention them as passed. Any idea?
If I am not mistaken the NBDSSL does not apply unless the transport mode is set to Network mode and yours is Automatic, so Veeam selects the best mode and many of them are encrypted by default. This I believe then ties to the second option that passed for network traffic encryption.
However, these pages seem to contradict my theory and it looks like you should have a network rule for your LAN to encrypt traffic -
Enabling Traffic Encryption - User Guide for VMware vSphere (veeam.com) -- this does mention encryption within the job.
Network Transport Encryption | Veeam Backup & Replication Best Practice Guide
So, it will be nice to find out what constitutes these as passing if those are not the options that it looks at when running the Analyzer.
Maybe
If I am not mistaken the NBDSSL does not apply unless the transport mode is set to Network mode and yours is Automatic, so Veeam selects the best mode and many of them are encrypted by default. This I believe then ties to the second option that passed for network traffic encryption.
However, these pages seem to contradict my theory and it looks like you should have a network rule for your LAN to encrypt traffic -
Enabling Traffic Encryption - User Guide for VMware vSphere (veeam.com) -- this does mention encryption within the job.
Network Transport Encryption | Veeam Backup & Replication Best Practice Guide
So, it will be nice to find out what constitutes these as passing if those are not the options that it looks at when running the Analyzer.
That sounds right. It should apply when set to Network Mode. If Automatic is selected and Veeam selects Network Mode, it should encrypt the data.
Paging
Hi
Thank you for bringing this to our awareness.
That sounds right. It should apply when set to Network Mode. If Automatic is selected and Veeam selects Network Mode, it should encrypt the data.
Paging
Thanks Dips for paging me. Discussed with the team and QA.
Currently it’s green when you choose Automatic.
In an upcoming patch, we'll ensure it's marked as "not implemented" when NBD SSL is disabled, even if the Automatic option is selected.
Best,
Fabian
Thanks
Good to know about this getting fixed in a future build. 
Hi
Thank you for bringing this to our awareness.
That sounds right. It should apply when set to Network Mode. If Automatic is selected and Veeam selects Network Mode, it should encrypt the data.
Paging
Thanks Dips for paging me. Discussed with the team and QA.
Currently it’s green when you choose Automatic.
In an upcoming patch, we'll ensure it's marked as "not implemented" when NBD SSL is disabled, even if the Automatic option is selected.
Best,
Fabian
Thank
Good clarification. Thanks Fabian!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
