Greetings everyone, as the year is coming to an end, this might be the last post of 2021 about Veeam. I was taking a look at the extensive, and vast, Veeam ONE capabilities, remember that I wrote here a really great detail about everything you can do with it:
- Looking for the Perfect Dashboard: Veeam ONE – Part I – Introduction to Veeam ONE
- Looking for the Perfect Dashboard: Veeam ONE – Part II – Download and Install Veeam ONE
- Looking for the Perfect Dashboard: Veeam ONE – Part III – Adding a VMware vSphere Infrastructure to Veeam ONE
- Looking for the Perfect Dashboard: Veeam ONE – Part IV – Adding a Veeam Backup and Replication Infrastructure to Veeam ONE
- Looking for the Perfect Dashboard: Veeam ONE – Part V – Troubleshooting vSphere using Veeam ONE Monitor
- Looking for the Perfect Dashboard: Veeam ONE – Part VI – Troubleshooting Veeam Backup and Replication using Veeam ONE Monitor
- Looking for the Perfect Dashboard: Veeam ONE – Part VII – Dashboards at a Glance in the Veeam ONE Reporter
- Looking for the Perfect Dashboard: Veeam ONE – Part VIII – In-depth look at Reports in Veeam ONE Reporter
- Looking for the Perfect Dashboard: Veeam ONE – Part IX – Chargeback to create cost reports of our Infrastructure
As Veeam ONE already has deep visibility of VMware, not from every event, or change, but enough to give us an idea of what we can do. I have decided to take it to the Next-Level.
Introducing Veeam ONE Proactive Hardening Monitoring – Community-based
Quick introduction the “What”
As you might know, VMware takes the extra effort to keep up to date a really great Spreadsheet with all the security recommendations, and best practices for Center, ESXi, VMs, etc. You can find the spreadsheet for free here:
- Version 701-20210210-01 – https://via.vmw.com/scg
The spreadsheet looks like this:
Then I thought, wait a minute, some of these changes are reflected on Veeam ONE, I remember seeing them under the Tasks and Events, on every Inventory item:
Deep into the “How”
Alright, now that we have seen the what is all of this, let’s take a look at How we can leverage Veeam ONE to alert us when some of the Hardening issues are triggered. First is to download the Community-Based Veeam ONE Alerts that you can find on GitHub:
Now that we have the file ready, we login into Veeam ONE Client, and we go bottom left, under Alarm Management:
Great! Almost done, we go top of the tree, right-click, and Import Alarms:
As easy as pie, let’s go and select the file, and make sure you keep the Import assignment checked, finally click in Import:
If everything goes as expected, you will see something similar to this:
And finally, if you search by the keyword hardening, you will see the new alerts that have been added:
Doesn’t look awesome? Now, if these alerts are critical to you, please change and edit them to your needs. Same to the notification, it just has a default email, but maybe you want to send these to Teams, or Slack, perhaps? – https://www.veeam.com/blog/one-alarms-notifications-teams-slack.html
Quick “Why”
At this point of the year, I think I should not start pitching about Security, we all have seen massive Ransomware attacks, vulnerabilities of all scores, affecting every single layer of our stack; Hypervisor, Guest OS, Networking, Active Directory, everything really!
So, if a vendor like VMware spends time, and years as I have been following their best practices since vSphere 4.x, the less we can do is to pay attention to that recommendations and harden our environment following those instructions, as painful and less convenient as that can be. And of course, if we can leverage a tool like Veeam ONE to let us know a few pieces around that hardening, well even better.
Thank you so much for reading the blog, hope we can extend this monitoring much further.
[…] Jorge Delacruz vous présente Veeam One et ses fonctionnalités pour le hardened monitoring : https://jorgedelacruz.uk/2021/12/19/veeam-taking-veeam-one-to-the-next-level-with-proactive-hardenin… […]