Greetings friends, last April 21st to 23rd I had the opportunity to attend VeeamON in person. The experience was truly fulfilling like every year, where Customers, Partners, Community and the Veeam team get together to share the latest news regarding data resilience.
There were many announcements, new cool technology, road-map, workshops and great of in person conversations. On this post I will try to condense everything that was announced or mentioned during this VeeamON.
v13 & Veeam Software Appliance
Let’s start with my favourite announcement. Anton Gostev set up the scene showing all the workloads Veeam protects since the first release up to now, hinting as well two or three new hypervisors without mentioning any names. Gostev announced Veeam Data Platform v13, during his 15 minutes of presentation he covered multiple key enhancements and deliverables. Let’s quickly touch upon them, although we will cover them in more detail in future blog articles.
New Veeam Backup & Replication Web Client
Veeam Backup & Replication v13 includes a new web client, there is limited functionality at the moment, but the idea is to keep expanding on features and use-cases. Anton Gostev showed the Overview dashboards, which will be the new “home” button or landing page. Super-charged with a resiliency overview score that combines platform health, protection overview, and threat hunting, giving us a quick understanding of what it is happening in our environment.
I particularly like the Protected Workloads widget, which is a drill down that highlights what is protected vs what it is not, also the Top Repositories where we can see the growth vs previous weeks is truly useful and fresh:
There is also a dark theme, codename is “Aurora theme” and it combines all the modern design trends like glass effect (glassmorphism for those in design), blur background shapes, and high contrast for icons, and text to make it fully WCAG and VPAT compliant:
As mentioned, the new Veeam web client is aimed at simplicity, trying to flatten the learning curve for hardcore administrators, these are two examples of how simple and familiar the views will look like for example the Managed Servers view:
Or for example when creating a backup job, the view where we can select the source from different types, including filters, search bar, etc.:
Enhanced Veeam Backup & Replication Client
There was a beautiful announcement as well about a completely redesign of the Veeam Backup & Replication Client, the fat console/windows console we all know and love has been totally redesigned moving it to the latest Microsoft .NET UI/UX technologies. Not much was shown during this initial announcement, but surely enough to got us hooked. I absolutely love the marine blue theme, and seeing hoe many icons were redone make me excited to start using this console soon:
As Veeam is utilising latest Microsoft .NET libraries, now a dark theme is supported as well for those whom prefer something less bright in their eyes. Of course the job graphs, or anything that include green/red are truly visual and easy to spot:
New Veeam Backup & Replication High-Availability
Anton Gostev also showed us a brief functionality that has been requested for years, adding a small comment on how Veeam didn’t need HA to get to $2B valuation, but nevertheless this is an important feature without a doubt.
At the same time, it is true that Veeam Backup & Replication is really “stateless” in a sense, meaning that if it crash, got corrupted, etc. As long as you have a Backup Configuration done somewhere outside the server, you have your Veeam environment up and running within minutes. But of course, if we can reduce those minutes to seconds, or even no disruption with this HA, even better!
New Veeam Backup & Replication Access Management
Another one of my favourites, because I am going to use this day to day, and I am sure many Customers will too. I am talking about Access Management in general, as Anton Gostev presented two radical improvements.
- Full Identity Provider integration. Making super easy to add access and users from our current Entra ID, or any other IDP.
- Truly granular Role Based Access Control, or RBAC when using the nomenclature.
Adding an IDP seems truly simple in just a few clicks, similar to any other modern application really:
We are not yet fully prepared for this, but creating new backup or restore operator roles, with this level of granularity it is going to change how we use Veeam forever. As now we will not need Enterprise Manager anymore if we do not want. Also the Veeam Backup & Replication Console changes entirely depending of what you have access to see!
Imagine you have a backup role, with just a few VMs and some NAS access, some repositories, and even zero restore permissions. Your VBR Console will just show you what you have access, nothing else, nothing more; game changer!
As a small note, these custom roles are not yet available in the VBR Web Console, but surely they will come in a near future.
New Instant Cloud Recovery from Veeam Vault
More cutting-edge impressive innovation, I am referring to Instant Cloud Recovery from Veeam Vault. This new technology it will allow to Customers leveraging today Veeam Vault, to recover any Windows or Linux as an Azure VM, taking less than 5 minutes to boot up! As a quick highlights:
- Restore ANY Veeam backup of ANY Windows or Linux machine as a native Azure VM in less than 5 min (time includes Azure VM provisioning and boot to OS logon screen)
- No longer just a spare tire — instantly recovered VMs may perform better than native Azure VMs in some scenarios (depending on I/O pattern)
- Provides a solid foundation not only for disaster recovery, but also for various in-cloud services like Clean Room, malware scanning, data classification, and much more
New Universal CDP
Another outstanding functionality that is coming to shake the market is Universal CDP. Imagine RPO down to seconds, across any Windows or Linux machine, always ready to recover back to VMware vSphere or VMware Cloud Director. Think about the possibilities for Service Providers, or even across different business units protecting their most critical assets, we are talking seconds here, some bullet points from Anton Gostev:
- Veeam Continuous Data Protection (CDP) extended to ANY machine — physical, virtual, or cloud — with agent-based CDP for Windows and Linux machines.
- Protect your Tier 1 workloads with RPOs and RTOs in seconds, even over high-latency links.
- Support for VMware vSphere and VMware Cloud Director as replication targets, with additional targets coming later.
- Veeam Cloud & Service Providers will be able to deliver Universal CDP-powered services with the existing Veeam Cloud Connect Replication infrastructure.
v13 Performance improvements
Veeam v13 will deliver a major leap in data protection performance, helping customers reduce costs, accelerate operations, and enhance productivity across the board. Anton Gostev mentioned these three key improvements:
- Up to 100% improved workload processing speed: Customers can protect more workloads in less time, enabling faster backups, reduced job windows, and improved system efficiency, especially critical in large-scale environments.
- Up to 50% improved backup performance: Achieve faster backup completion times and lower impact on production systems. This means better SLA compliance and more room for growth without overhauling infrastructure.
- 10x faster, 10x cheaper restores to cloud: Cloud restores are dramatically optimized, reducing both recovery time and cloud egress costs. Perfect for hybrid cloud strategies, ransomware recovery, and agile testing in cloud environments.
NEW Veeam Software Appliance
Gosh, if it was not enough great stuff already. Anton Gostev quickly mentioned the many years that took him personally to be able to deliver a Veeam Software Appliance based on Linux. Gostev covered this announcement based on three main pillars: pre-built, pre-hardened, and predictable. Let’s deep-dive into all of them.
Veeam Software Appliance – Pre-Built (Simple to Deploy)
- Appliance OS with Just Enough OS (JeOS): Veeam software comes pre-packaged with a lightweight, purpose-built operating system, all maintained by Veeam, eliminating OS patching and compatibility headaches.
- Flexible delivery options: ISO or OVA: Choose between standard installation media (ISO) or a Virtual Appliance (OVA) for fast, hassle-free deployment in your environment.
- 100% software-defined and hardware-agnostic: Run the appliance on any infrastructure: physical, virtual, or cloud, without worrying about hardware compatibility or vendor lock-in.
- Streamlined management via web UI: Simplified web-based interface for easy access to host OS controls, removing the need for deep OS expertise or complex tools.
Anton Gostev showed-case briefly the new Veeam Host Management Console, a dedicated, and separated from the main Web Client, secure interface. If you use Linux you might have seen cockpit on RedHat.
This is going to be truly powerful, and it is exactly as anyone could have dreamed. Very similar to what VMware vCenter offers today.
Veeam Software Appliance – Pre-Hardened (Secure by Default)
- Pre-configured Appliance OS: Aligned with DISA STIG security guidelines, the appliance is built with hardened defaults right out of the box, removing guesswork and ensuring strong security from day one.
- Minimized attack surface: SSH and unnecessary integration services are disabled by default to reduce exposure to external threats and limit entry points.
- Mitigated privilege escalation risks: The architecture uses low-privileged services to minimize the blast radius of potential vulnerabilities, helping contain threats before they escalate.
- Automated security updates and centralized management: Veeam handles continuous patching and hardening, easing the operational burden and improving your organization’s security posture.
- Consistent protection across components: Backup infrastructure deployed using the JeOS ISO benefits from the same centralized patching and hardening, ensuring consistent security across the entire stack.
Regarding the updates part, it was very nice to see how Veeam will make sure all the appliance are up to date, with both: security and functionality based updates, giving certain control over them but ultimately installing the security one, like Microsoft does:
Veeam Software Appliance – Predictable (True Zero Trust Operations)
- No root access for backup server admins: Appliance OS is locked down: root privileges are completely restricted, even from backup admins, ensuring strong separation of duties and reducing insider risk.
- Security Officer approval for sensitive actions: All critical host operations and configuration changes require explicit approval from a designated Security Officer role; enforcing governance and accountability.
- Mandatory MFA and password policies: Multi-factor authentication is enforced along with DISA STIG-compliant password rules to strengthen access control and reduce the risk of credential-based attacks.
- SAML (SSO) integration: Provides seamless access to the backup console using secure Single Sign-On (SSO), improving user experience while maintaining strict access control.
If we remember the Host Management console I mentioned above, the Security Officer only has access to a few key operations, nothing else. Not IP changes, or DNS, etc. Just there for the sake of keeping the environment secured.
Anton Gostev announced that the v13 Beta can be found today contacting your Veeam Systems Engineer of trust. I have the ISO and recorded a video with my thoughts, it will be published soon as well.
Overall, VeeamON 2025 didn’t disappoint, it was an absolute great success and the level of announcements and releases did blow my mind. Keep posted for more updates about it.
Leave a Reply