Veeam Threat Hunter behind HTTP proxy

28 days ago
February 19, 2025
7 comments
205 views

gordon
Not a newbie anymore
1 comment

Just information for the Veeam community members.

If your Scan Backup Job with Veeam Threat Hunter ends with the error "Unable to perform scan: threat signatures database is missing" and your Veeam Mount server is behind an internet HTTP proxy, wait for the next minor version of VBR, or contact support, they have a temporary workaround.

Statement from support

At the moment, signature updates do not work properly when an HTTP proxy is used - this is a confirmed issue that was found recently, and it is planned to be addressed in the next minor patch 12.3.1.

+21

Chris.Childerhose
Veeam Legend, Veeam Vanguard
8427 comments
28 days ago
February 19, 2025

That issue is interesting and nice to see that they will fix it in the next patch. Thanks for sharing this with the community.

dloseke
Veeam Vanguard
1447 comments
28 days ago
February 19, 2025

Good to know...thanks!

+10

lukas.k
Veeam Vanguard
191 comments
28 days ago
February 19, 2025

Maybe I ran into this issue multiple times with some customers. I’m afraid this is not only the case with HTTP proxies but support is still investigating on this.

Nice to see this addressed. :)

LK | Veeam Vanguard | VUG Leader - Cyber Security Space | Security Specialist

Thore Mangels
New Here
2 comments
12 days ago
March 7, 2025

The mentioned temporary workaround:
(quote Veeam support)

Manually downloaded threat signatures from below link:
https://storage2.veeam.com/v1/support?name=File_07597667_12ac6b1a87.zip
Place them under C:\ProgramData\Veeam\Threat Hunter\Engines and then restart Veeam Threat Hunter service. Post this, backup scan should work.
Certain cases, scan may fail because there were no successful automatic database updates for the last 14 days. To work around this, please create this registry value:
Key: VTHUpdateFailureToleranceDays
Location: HKEY LOCAL MACHINE\SOFTWARE\Veeam\Veeam Threat Hunter
Type: DWORD
Value: 1000

For now, as long as automatic updates are not working, there will be a yellow warning in the scan session: "Failed to update signatures". But scan will work, and the session will end in green status.
The proxy interoperability issue is going to be fixed in v12.3.1. So, once upgraded to v12.3.1, feel free to delete VTHUpdateFailureToleranceDays from the registry.

Egor Yakovlev
Comes here often
98 comments
9 days ago
March 10, 2025

Hi all.

Please, do not share support links from your cases in public - each case is individual and files working for one installation can render another installation corrupt. Additionally, that makes case tracking and fix prioritization much harder for us. Support team is ready to handle each case with utmost care and will provide a solution for each request.

Thore Mangels
New Here
2 comments
8 days ago
March 11, 2025

Egor Yakovlev wrote:

Hi all.

Sorry about that. I will keep this in mind in the future.

+14

regnor
Veeam MVP
1349 comments
17 hours ago
March 19, 2025

The latest update from today, 12.3.1.1139 includes the fix and also a registry key to add a custom proxy.

https://www.veeam.com/kb4696

Max M. | Systems Engineer @Veeam | VMCE/VMCA | VeeaMVP 2023 | former Legend & Vanguard

Comment

Related topics

Veeam Threat Hunter - force update?icon

K10 GCS Location Profile cannot reach, Kubernetes Cluster behind http proxyicon

kasten behind http proxyicon

Veeam Windows Hardening Script - one-click hardening with CIS contents

Cannot install VBR 12.2 CE on Windows Server 2022icon

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded