VMware: Kritieke kwetsbaarheid in VMware vCenter-server actief aangevallen

June 7th, 2021 No comments

Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in VMware vCenter Server en VMware Cloud Foundation waardoor het mogelijk is om kwetsbare systemen op afstand over te nemen. Op 25 mei kwam VMware met beveiligingsupdates, maar er zijn nog altijd ongepatchte servers. Die zijn een aantrekkelijk doelwit voor aanvallers, aldus het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie van Homeland Security.

De kwetsbaarheid, CVE-2021-21985, is op een schaal van 1 tot en met 10 wat betreft de impact met een 9,8 beoordeeld. VCenter is een oplossing voor het beheer van virtual machines en gevirtualiseerde servers en wordt standaard geleverd met de vSAN-plug-in. Deze plug-in controleert invoer van gebruikers onvoldoende, waardoor een aanvaller met toegang tot de vCenter-server op afstand willekeurige code kan uitvoeren. Het maakt niet uit of er van vSAN gebruik wordt gemaakt of niet.

Hoewel beveiligingsupdates om het probleem te verhelpen sinds 25 mei beschikbaar zijn maken aanvallers inmiddels actief misbruik van de kwetsbaarheid om systemen over te nemen, waarschuwt het CISA. Ook securitybedrijf Bad Packets meldt dat aanvallers op grote schaal naar kwetsbare servers zoeken. Een exploit om misbruik van het beveiligingslek te maken is inmiddels op internet te vinden. Organisaties wordt dan ook aangeraden om de patches te installeren en wanneer dat niet mogelijk is een workaround toe te passen.

Categories: VMware Tags: , , , ,

Veeam: Veeam User Group (VUG) meeting 11 mei

May 10th, 2021 No comments

Het is zover, op 11 mei a.s. organiseren we onze eerste periodieke VUG-bijeenkomst. Door Corona helaas nog virtueel, maar hopelijk kunnen we de sessies in de nabije toekomst op een mooie locatie in Nederland organiseren. Schrijf je nu in!

Onze eerste meeting is in elk geval zéker de moeite waard, want voor de eerste 20 aanmeldingen staat er een speciale ‘borrelbox’ klaar, zodat er ook nog wat gesnackt kan worden tijdens de sessie. Deze box wordt natuurlijk op voorhand toegezonden. Hiervoor is het wél noodzakelijk om je adresgegevens te delen via het registratieformulier.


14.00 – 14.15 Welkomstwoord (door Maurice Kevenaar)
14.15 – 15.15 V11: Immutability, Instant Recovery en Data Mobility (door Wouter Oltlammers)
15.15 – 15.30 Technical Open Platform – Q&A
15.30 – 17.00 Veeam Labs-as-a-Service* (max. 10 personen)

*Labs-as-a-Service: Veeam biedt prospects/klanten vanaf medio mei 2021 de mogelijkheid om zelf in een virtueel demo-lab, use cases te testen. Er is begeleiding van Veeam stand-by, maar in principe kunnen 10 personen tegelijkertijd zelf scenario’s testen. We bieden de deelnemers van VUG NL exclusief de mogelijkheid om dit te testen. Laat op voorhand weten of je geïnteresseerd bent om de Labs-as-a-Service uit te proberen op 11 mei a.s. (wie het eerst komt, het eerste maalt). Bij grote belangstelling zullen we meer tracks beschikbaar stellen op andere dagen en tijden.

Voor meer informatie: Veeam

Categories: VMware Tags:

Veeam: How does NAS backup in v10 work with VMware vSAN File Services

August 11th, 2020 No comments

How does NAS backup in v10 work with VMware vSAN File Services?

You may recall with v10 NAS backup, Changed File Tracking was implemented, maintaining the footprint of the source file share and is stored in a cache repository. This cache repository keeps track of all objects that have changed between each backup, resulting in super-fast backup processing, including for vSAN File Services!

NAS backup supports the same range of different backup repositories as our image-based backups, including scale-out backup repositories. When focusing on unstructured data, however, safeguarding the ability to tier older file versions onto less expensive storage (e.g. deduplication storage systems or Object Storage) may be even more important. The ability to maintain short-term retention close to the production data set but then comply with regulations and retention demands through the public cloud can enhance longer-term retention capabilities while reducing costs.

Veeam Availability Suite v10 NAS backup also has the ability to store an offsite copy of your NAS data. This can be a completely different retention period (both longer and shorter), with a separate encryption key for added security, and can be used as a disaster recovery option when it comes to recovering your unstructured data.

NAS recovery using VMware vSAN File Services

Yes, the recovery mechanisms that were introduced in v10 also work flawlessly with VMware vSAN File Services.

Restore entire share

A useful option for catastrophic losses or major outages, allowing for a complete restore of the latest version of all files either back to the original location or to an alternate location with security and permissions intact.

Rollback to a point time

When the need arises to use the “last known good configuration,” this option is very useful to roll back any modified files since the last backup of your vSAN instance using File Services.

Restore individual files and folders

Like File-Level Recovery for image-level backups, this restore type provides you with the ability to restore individual files and folders either by overwriting the live system or keeping both copies. Simply choose specific restore points with additional visibility to see all available file versions.

Use cases

Veeam’s enhanced NAS backup capabilities offer you the ability to immediately incorporate VMware vSAN File Services into your backup strategy whether you’re a new or existing customer. As you continue on your Digital Transformation journey, the following use cases may be great places to begin incorporating vSAN File Services and Veeam:

Audio, video, and surveillance data

As the volume of this type of data continues to grow at unprecedented rates, there often is not a defined process in place to categorize or tag data, let alone adequately predict future storage requirements. The flexibility of easily adding a host to a VMware vSAN cluster coupled with Veeam’s support for VMware Storage Policy-Based Management to ensure proper backup policies are applied make this data type a perfect candidate for consideration.

Big data applications (e.g. Hadoop, SAP, Splunk)

Security, scalability and manageability are often cited as challenges to adoption of big data. These infrastructure-related challenges can be alleviated via the security, scalability and performance of VMware vSAN. Additionally, Veeam’s enhanced NAS backup coupled with application-specific capabilities for Oracle and SAP can help create a simple, flexible and reliable infrastructure that is cost-effective for embarking upon such a project.

Categories: VMware Tags:

VMware: The Dell ESXi 7.0 ISO is now available

April 2nd, 2020 No comments

vSphere 7 is finally out!

You can download the Dell Server ISO image by clicking the screenshot below:

Download: VMware

[VEEAM] v10 licensing – what you need to know

February 26th, 2020 No comments

The long-awaited Veeam Availability Suite v10 is here and we’re extremely excited. We’re also honored and grateful that you’ve joined us for this ride. Many of you have also witnessed our journey to licensing portability along the way, and v10 is really the culmination of those benefits from both a product and a licensing perspective. So, what is it that you need to know to make your adoption of version 10 a success?  Let’s dive in.

Veeam license options

The Veeam Universal License (VUL) is our most capable licensing solution and includes the most powerful Enterprise Plus capabilities. VUL is a portable, consumption-based license that is metered per protected workload and is sold in bundles of 10 licensesWith the added portability, VUL literally allows you to protect all Veeam Backup & Replication workload types interchangeably, both on premises and in the cloud.  This helps you meet your ever-changing environment needs in the most flexible way possible.

As many of you know VUL received a major enhancement in October, making it even easier to use, while lowering the price too.   We are pleased with the adoption we’ve seen and appreciate your help in making VUL better.  VUL is transacted as an annual subscription with 1-5 year options, paying upfront or 3-5 year terms if paying annually.

Per-Socket licensing is an option for customers looking to protect only VMware or Hyper-V VMs on premises and is measured per CPU socket and transacted perpetually. Sold in Standard, Enterprise and Enterprise Plus editions, socket licenses offer a wide range of capabilities for protecting VMware and Hyper-V VMs.

For our VCSPs, the Rental Agreementsoffer cloud and managed service providers many of the portability/flexibility benefits of Subscription, but with the added twist of pay-as-you-grow pricing and a dedicated license type that extends usage rights to managed and protect third-party data. With v10, VUL and VCSP Rental Pricing are in total harmony, unified under a simplified points-based structure (included in the license file itself) that covers BaaS and DRaaS for any customer and any workload, across any cloud.

What do you need to know for v10?

If you’re a completely new Veeam customer with v10, welcome to the family! You’re good to go. For the rest of you long-term Veeamers, there are some great changes in v10 that we’d like to highlight.

There are tons of new features and improvements in v10. Arguably the hottest new capability of v10 is our NAS (Network Attached Storage) file protection capability. Support for NAS is a great option for a broad set of customers and is achieved with VUL. With 1 VUL license, you can protect 250GB (4 licenses per TB). If you already have VUL licenses, you can use those to protect NAS today!

If you’re using agent-based jobs to protect Microsoft Windows or Linux servers and workstations today, your license is likely already either VIL or VUL, so no action is required – simply download the updated v10 license file.

Our standalone offering for Nutanix AHV has been a hit, so much so that we’ve pulled that product into Veeam Backup & Replication management umbrella. Now it’s simply referred to as the Veeam Backup & Replication Nutanix AHV backup proxy (coming very soon) and is licensed with VUL. There is no need to purchase unique licensing for protecting Nutanix AHV VMs. VUL is portable and meets the flexibility needs of customers looking to adopt AHV or change hypervisors.

License files at V10

Like with all previous major releases, Veeam Availability Suite v10 does require all users, for both VUL and socket licenses, to update their license file immediately at v10 install. This is simple and can be done in the product or in a license portal.  This is now accomplished easier than ever, in most cases automatically.

Existing subscription customers

If you have VIL Subscription licenses, today may be your lucky day. Effective immediately, those VIL licenses will be upgraded to full-featured VUL licenses at no cost, regardless of edition. That’s right, Standard and Enterprise VIL license holders are now upgraded to fully-featured VUL licenses with Enterprise Plus feature set. There’s no caveats or extra cost associated with this change. When your existing contract is up, you’ll need to renew at market VUL price. The great thing about this is that we’ve reduced our prices for VUL by up to 33% and, most importantly, it costs less than ever to protect ANY server, workstation, cloud workload or enterprise app. Check your portal and these should be upgraded for you and ready to use.

Lastly, some may be aware that protecting the same workloads with both host-based and agent-based jobs previously required using 2 licenses. With v10, that is no longer a requirement, and there is no longer any double charging for protecting the same workload – so long as the protection is managed by the same backup server.

Service providers

There is also a host of new benefits, discounts and more for VCSP Rental users. Check out our VCSP Launch Resource Center for more info.

Existing socket license customers

We love our socket customers and we have some great news on this front. Many of our socket customers see the benefits of our portable VUL licensing and are starting to merge environments with both perpetual socket and subscription VUL licenses. Previously we required the editions to match, but now VUL doesn’t have an edition, it’s fully featured just like Enterprise Plus. We now allow customers to merge sockets and VUL licenses across a variety of products, in a centrally managed environment. However, please note that the Socket license edition still dictates the edition capabilities of the entire environment. If this is an impediment for you, there are two options:

  1. Migrate your sockets to VUL for the cost of your renewal here
  2. Upgrade the edition of your sockets to Enterprise Plus

Protect more with free licenses! For customers who have socket licenses, you may be aware that we’ve provided extra instance licenses, 1 per protected socket, up to 6, for you to try at no cost since 9.5 U4. Well, with v10 those are now VUL licenses, which allows Standard and Enterprise edition customers to protect slightly more workloads than before. We encourage you to experience the benefits of protecting physical, cloud and enterprise app workloads for yourself. As with v10, these can be used for NAS too!

Finally, we’re pleased to announce that with v10, these gifted licenses will no longer expire when you purchase additional instances. They are forever yours, no strings attached. We want you to have your cake and eat it too.

V10 centralized license management and merge updates

When we launched the VUL predecessor in early 2019, hybrid environments required merging socket and instance licenses (VUL) into a single license file. Our customers saw that as an unneeded complication – so based on the feedback, we’re bringing the ability to install and manage socket and VUL license files separately in v10. So if, like most Veeam customers, you have a socket license now, and decide to purchase an additional VUL licenses to protect non-VM workloads – you can just drop that new license into your existing backup server!


VUL is the future of licensing at Veeam, giving you all the features and all the portability in one license type.  If you have questions about license changes in v10, we have the detailed Licensing section in the What’s New document.

Still have questions? Please contact our renewals team. If you’re ready to go, download v10 and get started now! Thanks again for being VeeAmazing users, we hope v10 makes achieving your business objectives easier than ever. Until next time.

[VEEAM] v10: Seriously Powerful NAS Backup at Scale

February 26th, 2020 No comments

The world of NAS has changed over the years, historically being used as a central location to store and share user files and home directory data across the business.

Today, NAS is used much more widely – commonly including applications, large unstructured data sets and virtualization. What has also changed is the scalability that you can now achieve through your production NAS devices by exposing NFS or SMB protocols for these workloads. As such, unstructured data is currently measured in Petabytes and continues to grow exponentially.

Challenges of NAS and unstructured data

NAS functionality has a broad use case for different workloads including vast amounts of unstructured data- aka the data that we create as users every day including documents, presentations, graphics, etc., as well as the massive amount of data that devices in the Internet of Things are creating every second. This unstructured data growth brings a major challenge in how it can be protected efficiently. Several large unstructured data sets are not being protected today because of their sheer size, which helped to drive a major consideration that we at Veeam had to take in order to bring you the best solution for these large unstructured datasets.

A few common examples seen today include:

  • Common user data from office applications (docs, spreadsheets, presentations, etc.)
  • Surveillance video from doorbells and law enforcement body cams
  • Medical records that include x-rays or other imaging files
  • Warehouse data including barcode images

NAS Backup in Veeam Availability Suite v10

We are pleased to announce that NAS backup is a part of Veeam Backup & Replication v10.  This is a monumental achievement and a feature that we wanted to ensure was implemented properly.

At Veeam our NAS backup mission was clear:

  • Make NAS backup simple, yet powerful enough to fit the standards of Veeam Backup & Replication
  • Build a flexible solution that will meet workload needs anywhere -even across commodity hardware
  • Reliably scale to protect massive amounts of data, for even the largest of enterprise organizations

This approach embraces Veeam’s mantra of being software-defined and hardware agnostic, enabling customers to choose the hardware they need for the job and not be locked into appliances for no reason. Additionally, there are three areas of differentiation:


There are many types of NAS Systems with many protocols and versions being used across the world to present their unstructured data, with the v10 NAS Back up we can protect not only SMB and NFS shares but also Windows file servers and Linux file servers shares.

Changed File Tracking

The unique functionality that v10 NAS Backup brings to these challenging NAS environments is the Changed File Tracking functionality which enables you to perform fast incremental backups of our NAS environments, allowing you to easily achieve your backup objectives.

Snapshot friendly

One of the advanced backup capabilities we are delivering in v10 is the ability to perform flexible backups directly from storage snapshots created by enterprise-grade NAS devices on either primary or secondary storage. This gives even more ways to further enhance the performance and speed of NAS backup.

How does it work? – Components

The best thing about the addition of NAS backup into Veeam Backup & Replication v10 is that it still maintains the simplicity that has been a part of the product and design mantra since the beginning. The first component to mention is the file proxies, the file proxies are the muscle that allows for throughput of data from source to target. The requirements for these proxies are they need to be on a Windows operating system, but they are scalable and software defined, meaning there is no requirement for new hardware or dedicated appliances to scale this out like some other offerings in the industry.

Next up is the killer differentiator which is the Changed File Tracking which maintains the footprint of the source file share and is stored in something we call a Cache Repository. This cache repository keeps track of all objects that have changed between each backup, resulting super-fast backup processing.

When it comes to storing our backups, NAS Backup supports the same range of different backup repositories as our image-based backups- including scale-out backup repositories.

But since we we’re focusing on unstructured data backup in our NAS engine, we wanted to ensure the ability to tier off your older file versions onto cheaper storage types such as deduplication devices or Object Storage. This methodology provides the ability to keep a short-term retention for days close to the production data set but then to meet with regulations and retention demands you can leverage the public cloud for a longer-term retention and archival.

v10 NAS Backup also has the ability to store an offsite copy of your NAS data – this can be a completely different retention period (both longer and shorter), with a separate encryption key for added security  – and can be used as a disaster recovery option when it comes to recovering your unstructured data.

Recovery Capabilities

Restore entire share

This option is most useful when there is a complete loss of your file share or major outage, allowing for a complete restore of the latest version of all files either back to the original location or to an alternate location with security and permissions intact.

Rollback to a point time

Quick rollback gives you the ability to roll back to the “last known good configuration” or backup, meaning that any modified files since the last backup can be reverted. The example here would be a ransomware attack and the encryption of a file share. This option would allow you roll back to the last good backup before the ransomware attack occurred.

Check out a live demo of rollback to a point in time after a ransomware attack in action!

Restore individual files and folders

Designed to be simple with similarities to the File Level Recovery from image-level backups, this restore type provides you with the ability to restore individual files and folders either by overwriting the live system or keeping both copies. Easily choose specific restore points with additional visibility to see all available file versions, making the selection of versions you wish to recover a simple, yet flexible task.

Backup your NAS for FREE today!

Existing Veeam socket license customers are entitled to up to six (6) FREE Veeam Universal Licenses – one for every licensed CPU socket. You can use these licenses to protect NAS devices, Windows / Linux physical workloads with Veeam Agents, or enterprise applications with Veeam Plug-ins. You will see these licenses available in the License Information dialog right after installing v10, immediately ready to use! Also, any new Veeam customer can try Veeam Availability Suite, including NAS backup, for free for 30 days!


The time could not be better to take advantage of a better NAS backup that’s faster, stronger and smarter than ever before. Personally, I am super excited to see this feature be released as it will offer a solution that businesses large and small can use to simplify protecting their unstructured NAS data.  Learn more about NAS backup here or download the What’s New document.  And download v10 now to take advantage of this and the 150 other amazing new enhancements.  V10 = Better Backup!

Categories: Veeam Tags:

VMware: NLVMUG UserCon 2019

February 12th, 2019 No comments

In 2019 verhuist de NLVMUG UserCon naar een nieuwe locatie: De Fabrique te Utrecht! Het event vindt plaats op donderdag 21 maart 2019.

De locatie mag dan nieuw zijn, wij gaan er als vanouds tegenaan om een geweldig event neer te zetten. De trend van de afgelopen jaren wordt voortgezet. Verwacht dus nog meer community en VMware sessies. Denk ook aan use-cases van onze sponsors met situaties die je zelf zou kunnen meemaken op de werkvloer.

Call for papers

Zelf bijdragen aan de content van het event? Dat kan! Onze “call for papers” is nu online. Ga naar PaperCall om deel te nemen en jouw presentatie(idee) in te dienen.


Inschrijven voor de NLVMUG UserCon 2019 doe je hier.



Categories: VMware Tags: , ,

VMware: New Rollup Bulletins Simplify VMware ESXi Updating

July 14th, 2018 No comments

VMware ESXi patches are released periodically to resolve issues or address security vulnerabilities – just like any other software product. These updates can either be downloaded automatically through VMware vSphere Update Manager (VUM) or manually by logging in to My VMware. Regardless of delivery means, the contents are the same: a collection of software packages, knowns as VIBs, that are grouped into bulletins to ensure dependencies are satisfied during installation.

Bulletins, Patches, and Rollups

There are two different types of patch bulletins for VMware ESXi: patches and rollups.

For any given VMware ESXi patch release, there is typically, at a minimum, one bulletin that contains the core system packages – esx-base, vsan, and vsanhealth. Often, there are additional bulletins if other packages have been revised in order to remedy bugs or security issues. These types of bulletins, that include a small set of packages, are known as patches in Update Manager.

Occasionally, VMware releases a more comprehensive service pack, known as an Update, that includes the latest versions of all packages that comprise VMware ESXi. These Update releases are classified as rollups in Update Manager.

Rollup Bulletin Now Included in Every Patch Release

In between the large Update releases, however, there has not been a simple workflow for vSphere administrators to use that would ensure hosts are on the absolute latest version of every package. While this can be accomplished with dynamic Update Manager baselines that are configured to include all applicable patch bulletins, some customers may have opted to apply just specific critical patches. In that scenario, over time, hosts may lack many useful fixes and updates that were released since the GA.

Starting in June 2018, each VMware ESXi patch release will also feature an optional rollup bulletin that includes every package that has been updated since GA. This is a straightforward approach to keeping the vSphere infrastructure current, because the Update Manager baseline requires just a single bulletin.

For detailed information on software fixes, each VMware ESXi patch release is described in a KB article, with a link to a child article for each bulletin included in the patch release. Take a look at a recent VMware ESXi 6.7 patch KB for an example.


VMware issues a patch release when software fixes are required – these includes one or more bulletins. Each bulletin includes a set of VIBs, which are the ESXi software packages. Bulletins come in two different types: patch (a few packages) and rollup (complete system). Going forward, all patch releases will include the traditional patch bulletins, and will also be supplemented with a rollup bulletin. This offers a simple way to ensure hosts are running the latest version of every package.


Source: VMware

Categories: VMware Tags: , , ,

VMware: Yeehaa I’m vExpert 2018

March 15th, 2018 No comments

I am very honored and very pleased to be awarded the VMware vExpert Award for the ninth time in a row! Thanks to VMware for continuing this award. Also congratulations to all new vExperts 2018 and again welcome to earlier vExperts!

Categories: VMware Tags: , , ,