Скачать с ютуб DartPoints: Podcast в хорошем качестве

DartPoints: Podcast

This is DartPoints Podcast #95 for Friday, November 10th, 2023.  In this podcast, Michael and I talk to David Gorman and Lee Rivas from Veeam about the upcoming Veeam 12.1 Platform Update. The views, thoughts, and opinions expressed in this podcast are the speakers own---and do not necessarily represent the views, thoughts, and opinions of DartPoints or a guest's employer. #DartPoints #DaaS, #Storage, #DataCenter, #Cybersecurity, #TechNews, #DisasterRecovery, #DataProtection, #Enterprise, #InternetPrivacy, #LifecycleManagement, #VMware, #NOC, #NetworkOperationsCenter, #ManagedDetectionAndResponse, #mdr Dave Gorman, Service Provider and Cloud Sales at Veeam Lee Rivas: Technical Systems Engineer at Veeam What's new in Veeam V12.1 (23H2 Update): Cybersecurity Features: (AI and Machine Learning making way into Veeam) YARA Rule Integration: Can be used for ransomware or protected data/info - "Yet Another Recursive Acronym." Ransomware Rules to detect specific heuristics in backup data. Realtime Ransomware Identification YARA is an industry standard for malware identification. Inline Ransomware Detection: In-step with Cyber attach impact stage (MITRE Framework) Engines: Data Stream Analysis: Entropy Change detection using AI/ML Model -- As backups are happening… Image Level File System Analysis: Index is checked for the presence of suspicious files with known malware extensions. Built-in Malware detection engine - Protection during detected and forwarded to SEIM Can Mark Backups as "Clean" or "Dirty" in the Veeam UI Veeam can scan for the last "clean" restore point. *Updates to malware definitions can be automatically updated! Veeam Incident API: Enables your backup server to receive threat notifications from 3rd party tools: Leverage Advanced detection algorithm of EDR/XDR engines. Real-time notifications mean we can react to the infection immediately. An EDR engine can trigger Veeam to take an out-of-band backup----and/or update known good backups. EDR partnerships/integrations. Sophos for now…who's coming next? Offline Malware Detection: Detection of malware and/or any other unwanted data in backups with: AV engine of your choice - Microsoft Windows Defender---and any AV of user's choice. YARA rules -- Look for specific malware strains-----but also things like personal data, SSNs, etc. Backup data can be scheduled or performed ad-hoc with specific can order of backups. Four-Eyes Authorization: Protect your backup infrastructure by preventing accidental execution of sensitive operations by requiring additional approval to proceed with system configuration changes. Backup Deletion Repository Deletion Access Control configuration modifications BTW, MFA Veeam Console login was added in V.12 -- Just saying, admins-- MFA everything! Updated Security & Compliance Analyzer: Periodic scans for: Backup infrastructure security Data Protection Best Practices Veeam Threat Center: Integrates all of this data into a "single pane of glass" - Based on Veeam ONE Engine -- But can be access inside of VBR Location Mapping across data centers---- Infected, Suspicious, Clean SLA Compliance, Immutable Backup compliancy Other New Features: Veeam AI Assistant: GPT-based chatbot for technical Veeam support on YOUR Veeam server. Data does not leave your VBR server. Leverages "on-board" LLM. The AI engine is trained by evaluating entries from the Veeam KB and the transcripts from Veeam's YouTube channel. Backup Object Storage as a Source S3 compatible and Microsoft Blob Storage SureBackup Enhancements -- Malware scans, randomized backup job object checks Veeam CDP Replication with visualization of when attacks have taken place--- to ensure clean data is recovered.