Veeam: What’s new in Veeam Backup and Replication v12.1 – Major New Features

Greetings, friends! As the holiday season unfolds, Veeam unwraps a spectacular present for the tech community: the General Availability (GA) release of Veeam Backup & Replication v12.1. Packed with an array of enhancements and features, this release is like a tech enthusiast’s festive feast. Let’s embark on a journey through the most exciting updates!

Major New Features

Detect and Indentify Cyberthreats

The latest version of Veeam Backup & Replication 12.1, introduces several advanced features for detecting and managing cyberthreats. Key among these are:

1. Inline Malware Detection: This feature uses Machine Learning to analyze data streams during backup. It detects signs of ransomware, such as unencrypted data becoming encrypted and other malware indicators, like Onion links, directly in the backup stream. This process happens via a backup proxy or agent without needing additional requirements, although a well-resourced CPU on Proxies is recommended to avoid slowing down backup speeds.
2. Suspicious File System Activity Detection: This function involves scanning guest file system indexes for known malware file extensions and ransom notes. It compares file system activity against indexes to spot unusual changes indicative of malware or cyberattack, such as mass deletions, file renames, or the emergence of new file types. This feature operates independently from inline detection and requires file system indexing to be enabled in the backup settings. Regular updates of malware definitions via Internet connection are essential, though manual updates are also possible (refer to KB4514). I would keep that KB on my RSS and notifications without a doubt.
3. Early Threat Detection: The Veeam Incident API facilitates the integration of external Endpoint Detection and Response tools for early infection notification. This helps in marking all restore points created post-infection as compromised and allows for immediate creation of a new restore point before significant damage occurs.

Respond and recover faster from malware

1. Threat Visibility and Analytics: The software equips teams with advanced tools integrated into restore wizards for threat visibility, enabling efficient backup analytics and swift incident response to reduce reinfection risks. Veeam ONE direct access inside the Veeam Backup & Replication Console, what is not to like?
   
2. YARA Rule Integration for Backups: Once malware is identified, the software uses YARA rules to pinpoint clean restore points in backups, aiding in preventing malware reintroduction. It offers various scanning modes, like sequential or binary search, and the option for scheduled scans with SureBackup, especially useful in post-recovery phases.
3. Threat Tracking and Event Forwarding: It tracks potential threats, marking restore points as suspicious or infected to prevent accidental restoration of compromised machines. The software can forward event data to chosen SIEM systems, enhancing operational response capabilities.

Security and Compliance Enhancements

1. Four-eyes Authorization: Requires secondary approval for sensitive changes in backup settings.
2. KMS Integration: Integrates with Key Management Servers using asymmetric encryption, improving security against backup decryption by attackers.
3. Security and Compliance Monitoring: Regular scans ensure infrastructure hardening and compliance with best practices.
4. Veeam Threat Center: Offers a dashboard for threat detection, risk identification, and data protection scoring.

Veeam App for ServiceNow

This plugin integrates with ServiceNow, providing backup visibility, incident creation, and a dashboard for backup management and reporting.

1. Backup Visibility: This feature offers comprehensive visibility into backup operations within the ServiceNow platform. Users can access detailed information about their backup jobs, sessions, and restore points. This integration allows for the creation of custom reports and dashboards within ServiceNow, leveraging its robust data presentation and analytics capabilities.
2. Automatic Incident Creation: In case of backup failures, the Veeam App automatically generates incidents within ServiceNow. This seamless integration ensures that any backup issues are promptly reported, tracked, and managed using ServiceNow’s incident management framework. The integration extends to Veeam ONE (we will cover this on other blogs), enabling the transfer of failure messages and alerts into the ServiceNow environment, thereby centralizing operational response and monitoring.
3. Backup Dashboard: The application includes a pre-built dashboard that provides a snapshot of recent backup activities, incidents, and detailed insights when needed. This dashboard is designed to give IT teams quick access to essential backup data, aiding in swift decision-making and operational oversight.
   
4. Backup Job Templates: The app facilitates the automatic creation of backup jobs during the VM provisioning process. Users can select any existing backup job as a template, and the process can be integrated into existing workflows within ServiceNow. This feature adds to the efficiency of backup operations, ensuring that new VMs are automatically included in the backup schedule as soon as they are provisioned.

Backup of Object Storage

Offers a scalable architecture for backing up data in object storage, with support for various data sources and efficient backup engines.

1. Scalable, Storage-Agnostic Architecture: The software features a proprietary distributed file system, designed specifically for large-scale data protection. It can handle billions of objects of petabyte sizes, offering users the flexibility to choose their storage target. Whether backing up directly to another object storage or using a scale-out backup repository, the system supports a range of hardware options, from commodity server hardware to direct-attached storage. This flexibility is a key advantage, especially for businesses dealing with massive data volumes.
2. Extensive Data Source Support: The software supports a wide array of data sources, including on-premises S3-compatible object storage, as well as major cloud storage providers like Amazon S3 and Microsoft Azure Blob storage. This broad support ensures that organizations can protect their data regardless of where it resides, providing a unified backup solution across various storage platforms.

Veeam Continuous Data Protection (CDP) Enhancements

The Continuous Data Protection (CDP) enhancements in the software provide significant improvements in both performance and reliability:

1. Increased Scalability: The updated CDP engine now supports a larger number of VMs and virtual disks, making it suitable for protecting Tier 1 workloads in extensive environments.
2. Reduced Compute Requirements: The enhancements have led to a reduction in the compute resources needed for CDP, enhancing efficiency.
3. Advanced Recovery Features: New functionalities include file-level and application item-level recovery from CDP replicas, automated recoverability testing, and an I/O Anomaly Visualizer for precise recovery timing.
4. Enhanced Failover and Failback Options: The software now supports zero data loss failover for CDP replicas and more flexible failback options, including failback to cluster and customization of target VM names and disk types.

Veeam AI Assistant

The introduction of the Veeam AI Assistant marks a significant advancement in the software’s capabilities:

1. Intuitive Product Usage Advice: The AI assistant, powered by a GPT model and integrated directly into the backup console, offers personalized guidance and advice on the best practices for using Veeam products.
2. Contextual Knowledge Base: Utilizing Veeam’s extensive technical documentation as a context, the AI assistant provides precise and relevant answers to user queries, enhancing the overall user experience and efficiency.
3. Privacy and Security Focused: The AI logic runs on a private Microsoft Azure instance, managed by Veeam, ensuring that conversation data remains confidential and is not shared with third parties. No customer-specific information from production environments or customer records is provided to the AI assistant.
4. Optional User Control: Users who prefer not to use this feature have the option to disable it completely by modifying the system registry settings on the backup server.

Besides this very quick recap, there are other 16 pages on the What’s New for Veeam Backup & Replication v12.1, that for sure will keep you busy looking for that funcionality that you have been waiting for, that perhaps it was requested by your business, or by you on the forums, etc.

Other Resources

I would totally recommend you a few extra reads on the topic, with more material, and better explained than here for sure:

• https://anthonyspiteri.net/veeam-backup-replication-v12-1-features/
• https://www.vladan.fr/veeam-12-1-download-available-start-your-download-engines/
• https://original-network.com/v12-1-release-veeam-data-platform/
• https://community.veeam.com/discussion-boards-66/v12-1-what-s-new-what-s-your-favorite-5862
• https://medium.com/@nikitakozlenko/detect-defend-and-restore-veeam-data-platform-12-1-security-arsenal-a4dae006d04d
• https://nicostein.com/veeam-12-1-is-out-lets-upgrade-br-and-veeam-one/