Transcript
As you can see, Rick is on vacation. He actually mentioned it last episode. So I thought to myself, let's have some special episode. So I decided to invite two special guests. Luis, our legend and VUG Spain leader, as well as Andrej, my colleague from Product Strategy. Welcome, both of you. Andrej, you were part of the recap before. I believe so, a couple of times, yeah. But you've got too many episodes these days, so I don't really remember the number of the episodes anymore. But yeah, I used to be the part of it. That's OK. It doesn't matter. But I think you were twice in the show before. So this is your third time. So welcome back. And Luis, is this your first time? No, actually, I've been in other recaps and also at Beam On, we did something special as well. So it's not the first time, but I'm always happy to be here. And happy to have you both again. So I was thinking maybe I know many of the community members already know both of you, but maybe you can just give a short introduction of yourselves, starting with Andrej. OK, no problem at all. I'm Andrej Stadler. I've been with Veeam for 13 years. I celebrate my anniversary back in April. I am the part of global Veeam strategy team. Over the years, I've been taking different roles, supporting various products, but kind of growing and evolving with the company. So happy to be here and happy to support you, Maddie. Thank you very much. And Luis? I am Luis. I'm based in Spain. I am a Veeam legend, as well as the Veeam user group leader for Spain. IT professional with more than 20 years, Veeam lover, IT solutions lover, and always community first guy around. So, OK, thank you very much for both for your introduction and thank you for accepting my invite. We have a lot of great content to discuss about today. And I would say let's jump in already. What do you think? And start with the first article. Sure. Let's go ahead. Fantastic. So the first article comes from Eric from Veeam, and he's discussing how to enhance security for backups stored in Amazon S3 using resource control policies. And these policies let you define the maximum permissions that can be applied to AWS resources across your organization, even acting as a top level security boundary. Andrei, would you like to start discussing about it? What's your takeaway on this? Any opinions? Definitely. Well, first of all, Eric is a good friend of mine, and obviously he's very involved into the public cloud relationship with Veeam. So it's always good to hear from him. And it's not like a major news, to be honest, this article. It's just anyone who's been working with basically the object storage and object storage in the cloud, you know that if you put some data over there, obviously you want to have access to this data. But at the same time, you want to limit it. You don't want any random people all over Internet to access your data. So AWS, obviously, it is a relatively new concept, but it's not entirely new, because they used to have different systems to protect, to guide the data over there. But I like their approach, what they're doing now. It's more of a fine tuning of basically anyone, whether it's a user or the IAM role or the special service or anyone else, or even a special application. So you should be able now, using those policies, to fine tune the permission scope that's allowed towards the data files or data objects over there. So it's really good to talk about it. And yes, security, especially in the cloud and especially in object storage is very important to us. So anyone using it, please give it a read and please make sure that you adapt those practices. Luis, what do you think about that? I think S3 has been a standard nowadays, so it is super important to keep it as safe as possible. And with this great article and with the policies, you are avoiding, as he said in the article, the issue that everybody was, hey, I need a bucket, and your administrator just provided you a bucket, and nobody was really informed what the bucket was used for. So with these policies, even though if you request a bucket, you are protecting all those misunderstandings, that for initially it was for consulting, but then it becomes a data store or it becomes something different. With this type of controls, you can really ensure that the data is safe. You don't want to reuse a bucket that it was permitted to write, and then you're using it for, as he said, publishing pictures on a website. So everybody can reach that and also can write into it. So with this, you are ensuring that everything is under control. I think it's great, and S3, as I said, has become a standard. So the sooner the better is always a target for attackers, for malware, and for malusers. Yeah, absolutely. And as I always like to say, it's like any top-level security boundary is welcome, right, with any product. So that's actually a great way to start the recap, talking security and S3. Okay, so should we move to the second one? Thank you very much, Eric. That was a great one and looking forward to see your next article. So I know you are super active in the community. Moving forward to VBR Step-by-Step Configure Azure Stack HCI OS Azure Local Backup. This comes from Luca, one of our legends in Italy. And this is like a walkthrough of configuring Vim Backup and Replication to work with Azure Local. This is basically the Microsoft's rebranded version of Azure Stack HCI. This article looks, as we can see, at the installation, prerequisites. Yeah, exactly. So it's a long article, as Luca likes to always write, and he likes demos. So this is what we have in here. What's your takeaway in here? I guess I will start, but I'm a little bit confused. Well, it's marketing overall, but it's not Azure Stack HCI anymore. It's Azure Local, and I know they've been renaming it. Actually, I think it's the second renaming that they're going through. But obviously, what's going on in the industry with all the virtualization markets? Why is Azure Stack HCI or Azure Local these days? So obviously, it's another interesting variant that people should be aware of. And with Microsoft trying to push Azure as much as possible to anyone, and for anyone doing any businesses these days, this is a nice alternative to traditional Azure, to traditional cloud, because you can have a hybrid approach over here. And I do believe we don't have enough materials about that. So I'm really happy that someone actually got their hands dirty and actually tried to do it. Because I tried to do it a couple of years ago. It was pretty much the same kind of experience. You start adding it into BNR console, and all the time, you face something. And you have to Google. You have to read knowledge-based articles and kind of know your way around. So I really like that we have a guide now, which is straightforward. And for anyone that is trying to make those two systems be friends together, it's the way to go. Just read it, follow the instructions, and you'll be able to protect your Azure Local within a couple of seconds or probably minutes. Yeah, and what I like is also he put these links right with the KB and then also about the announcement of renaming it to Azure Local. Indeed, it is a little bit confusing with all these names, right? Because you just get used with the name, and then they change it, and you are like, oh, what's happening in there? But good that he put all these resources in here, Azure Local solutions overview as well. So I think all these links are very good to go over it. Any thoughts on your side, Luis? Oh, definitely. You know that for the articles that I've been writing down in the community in the past, and I am a super screenshots lover. I love to walk through screenshots because normally I am not the one reading everything. I love going through the screenshots and kind of jump all over around the article and test. I think it's great. He did a great job adding the screenshots and troubleshooting and providing all that information. Azure is pushing so hard. I am not a super fan of cloud providers. I'm more a fan of private cloud or maybe a hybrid approach. But a hyperscaler is always used for a lot of companies nowadays. It becomes also a standard. So as I said, this is great content, and I don't see that many content around. So thank you so much for sharing it. And I'm sure more than one people around the community will look at this and say, oh, this is super useful. Yeah, absolutely. Thank you very much, Luca. And yeah, as you heard from both Luis and Andre, this is something that, you know, like Andre tried to put it together. So Luis appreciates the information. He's very thorough. And as Luis said, I'm sure others will appreciate it. Thank you. And really looking forward to have more of you, because I haven't seen you lately. This is really, it's been a long time since we mentioned your name in the recap. So thank you for that. Moving forward, we're going now to some PowerShell scripts, some PowerShell tips for Veeam. This is a series that Chris put together, and he already shared with us for some other articles on M365. But now he's moving a little bit, and he's doing a script, a PowerShell script for Veeam Enterprise Manager. And he says we can also use it with VBR with the appropriate XML files. So what do you think about that, Andre? Do you think it should be me? Because I feel like, you know, like I should pass it to Luis. We can ask Luis then. Whoever wants to go first. Okay. To me, Chris is a super nice guy and always makes super cool entries in Syria. So thank you, Chris. I think this is super cool, because a lot of people may be scared about PowerShell scripts and these big things. And you commented it so well, and it's super clear and explained. So I love it. And everything that is some sort of automation or making our lives easier in order to update, in order to run tests and so on, I think is super useful. But I would love to see a little bit more maybe in action. What about a little video or a little more screenshots executing this and making it work? Chris, I would love to see that in action. Not only the script, but also. That's a good one, Luis, actually. Yeah, it's a really good one. Yeah, sure. Chris, you heard it. Yeah. Challenge. We're giving Chris homework. Homework for Chris, yeah. I'm sure he's very busy. But I think it's a good idea for him to create content, and it's good that he gets feedback. The application. Because if we're giving the homework, I think I can challenge him even further. So instead of just putting the video on the script, what about stepping up the game and creating an AI agent who would actually do the script and install Enterprise Manager? Because that would be awesome as well. Probably a random idea. What about a special recap or maybe a special add-on with the video inviting Chris and Andrei, and we can both be in the middle of it. It's kind of a live show showing this. How about I would suggest a Vim 100 show episode making it live. Sorry, Chris. You and Chris, and you talk about it. How about that? We're putting you under the line, but sorry for that. There you go. But I think it's fun, and I think it's great feedback. So, Chris, you know what you have to do. But, yeah, any other opinions, Andrei? I'm a fan of automation. I know sometimes it's like I never had the challenge of installing Enterprise Manager at scale, but then I know that some people do have a challenge, and then obviously it would be much better for them to use the script. And I like the part of the script that basically goes directly to Vim, not Vim.com, but underneath to one of the places where we actually have the ISO bits and downloads it to the virtual machine and then installs it. So it's like you don't even have to provide credentials, which is a good thing. So, yeah, I really like that. Absolutely. Thank you, Chris, and carry on with a good job. And looking forward to see if you are taking this feedback seriously and you apply it to your work because I really think it would be interesting. But overall, good job with these scripts, and I think they are useful for the whole community. Thank you for sharing it in here. So now we are kind of done with the community hub content. We are going to the Category Vanguard blog spotlight where we have Derek's article, and Derek's legend, now Vanguard, that used to be very active in the community hub, but now he's not that active anymore. So we want you back, Derek, to the hub because you definitely write some good stuff, and this article actually proves it. Very thorough, very good. I'm not even sure I ever kind of read about this, but I'm going to ask you in a moment about your opinion. So this is Veeam Hardened Repository, and he gets an error. He said device is not authorized for usage. I'm going to start with Luis to give him the opportunity to go first. What do you think, Luis? Derek is a really good friend of mine, so I'm going to be gentle. I'm just kidding. Well, you have to be gentle because this is a great article anyway, so you have to just... I'm going to be fair, transparent, and gentle. Derek, you did a great job. This is a super cool finding, I would say. Maybe we never thought about it because when we were deploying the Hardened Repo, normally you do it on your lab on a virtual machine, or if it's a physical device, you're using always your same USB devices connected to it. So for me, after reading it and going through the article, it was really useful, and I got really glad that, first of all, he finds it, and then that the Hardened works, that even though it does not recognize if you connect a new USB device, physical security is so important as the virtual security. So if somebody, a bad actor, has access to your physical machine, it is super cool that the Linux is also Hardened, that even though if they plug a USB that is not being allowed, it will get the error. So for me, it's super cool. The only thing is that the workaround is, for me, a little messy, but it's because it's Hardened, so you need to make a lot of steps to allow then a device. So it will be super cool for Veeam with the Hardened repo maybe to find a way to get this easier in order to add a device. I'm putting myself in the situation that maybe you need to step into your Hardened repo, but you don't have the USB keyboard that you were used to use. And to fix something, you need to first go to all these steps and lose all this time to get your hands dirty to then jump into the issue. So I like it. As I said, Derek did a great job finding it, posting it, and also posting the workaround. But I would love to see an easier fix in order to get something faster or easier in order to get this money. I guess Hannes heard that, hopefully. We'll tag him. I'm making a lot of friends today, though. You are, indeed. Andrei, what is your takeaway on this? I think I echo Lewis on this one. It's a little bit controversial to me because it feels like the system was designed this way. And if you want to make additional changes to the design, specifically to the security of this design, like plugging additional devices and basically fiddling with USB cards, it feels a little bit wrong because it was already designed. It's supposed to be secure. Why do you have to do additional things? No. But on the other hand, I know that sometimes we have to find the workaround. We are in these situations that obviously you want to plug something and you want to be able to troubleshoot the server and things like that. So I get it, but it's just the part of me that doesn't like to change the default security setting. It was specifically hardened in the title and secure in the name. So yeah. You see? Controversial. But overall, it is a very good reading. So for anyone of you who is basically trying to, I don't know, to get your hands dirty or playing around with hardened Linux repository, overall, it is a very good and detailed article. So, Derek, good job. Very well done. Yeah, and now, you know, because you both said that this is a little bit messy and it's a little bit long process, and I agree from what I see and hear from all these brain screams, I'm thinking maybe, of course, Hannes is the expert when it comes to the Beam hardened repository, but I'm thinking maybe the community has some ideas. You know, after going over this, maybe, you know, we have experts in this community that might have good ideas. So just let us know in the comments if you think about a better way to do it rather than the one that Hannes and Derek kind of found. I think it might just be a temporary one, you know. I don't know, but we'll see. But yeah, just let us know what you think in the comments as well. And thank you, Derek, for sharing this great article with us. I have to also appreciate the name of his blog, right? Tech Notes and Dad Jokes. You both would appreciate that, right? Yeah, but you have to read the article until the end, so you'll get that joke, and you'll get the punchline. Just like, do not skip the article. Do not go directly to the end. Try to read it, and then you'll reward yourself with getting that joke. Okay, so your advice is like, go and read Derek's article. That would be. Awesome. Thank you for the comments, guys. Very insightful. And now, as you can see, we are not really breaking any rules in here. We had three articles from the Hub. We have one VBS. And now we're going to have some special department news as well. And I'm going to start with, if this is going to allow me, with Blog of the Month. And we do have a winner. Blog of the Month winner, June 2025. It's actually the first time when Charlie was mentioned in the Blog of the Month. And he actually won the badge. He won the competition. How cool is that? But also, yeah, I mean, also his article was pretty good. I don't know if you guys read it, Automated Tape Import and Reporting. Yes. I had to go look into it. I had to look, but, you know, tape. Yeah, I have to follow that on that one. I'm not a tape lover. Yeah, me neither. Yeah, but it looks like other people are tape people. There's two types of people in this world, the tape and non-tape. Tape and not yet tape. Yeah. Okay. But anyway, great job in here. Congratulations. This is what I wanted to kind of say. Congratulations, Charlie. Great job. You are the winner with 13 votes. Who was the – I think it was Marcel with his Oracle Restoring Multiple Channels from Backup Job with AAP with nine votes. Oh, there is the Steps to Run OLTP Virtual Appliance. I think this was from – this is actually Oracle, and the other one was Moving Configuration Database. So, good votes in there. But, yeah, just keep on writing good stuff, and you guys are going to also get the badge at some point, and you're going to win the competition. Thank you very much. All that contributed is always really great to see so much good content. Moving forward, talking about the VIM100 show, I was just mentioning it earlier, Luis, that the show with you and Chris would be cool. Talking about Chris and VIM100 show, we have next Thursday on the 10th of July. We had to move it one week later because this week there are some public holidays in Canada and the U.S., so we moved it on the July 10th. And there's going to be actually an interesting show with Corinne and Chris, and we are going to discuss how to automate the setup of VIM backup for Microsoft 365 using Terraform. Chris says that the deployment time is going to be reduced from weeks to just days, so I'm very curious to hear on that. Any thoughts on it? Looking forward. Yeah, not really, like, many thoughts. It's just, like, the title looks great. I would really love to see the session. I would really love to see what they're going to do there and how, especially with VB365. It's all the time, like, I know a lot of people, they're dying to see more automation, and they're dying to see things at scale. So Terraform, it is a very nice platform or another framework to get it done. So why not? I'm hoping it's going to be a very successful session of all attendance. Yeah, totally. I hope so as well. It's summertime. I know people are on vacation. It might just not be the same attendance as the rest of the year, but as you know, this is going, the recording is going on the Veeam YouTube, the official YouTube channel to the section Veeam 100 show. So in case you cannot watch it live, you can still re-watch it in there. We are going to share it at the community hub, so no worries about it. But, yeah, looking forward to it. And moving forward, talking also about some interesting shows and some technical experts. This is like a new format for the BDC series. We had two in the shape of, like, in the format of an event, live event. But now we are trying to move it more to a vodcast format. So we have Hien and Michael Paul and their guest, Jochen Meischner from T-Systems International. And I think this is particularly interesting for the VCSPs, you know, because what they are doing in here is they are discussing the T-Systems experience with Veeam Data Cloud as a Veeam Cloud and Service Provider, you know, and why did they choose to build their latest offerings on Veeam's Data Cloud. Personally, I haven't had the chance to watch it, but I am sure it's going to be interesting. So I'm planning to do. Have you watched it, Luis, Andre? No, I haven't had the time yet. You know that I'm a father of two. So I'm really picking and choosing the things that I watch because my time is limited. I'm not a service provider. I don't work on that side. But I think it is a great approach for the community because normally communities are based or built by users or administrators or final users. And having this little space also for service providers, I think, is a big shot because it opens up a lot of different opinions and different experts that they deal with different issues or different problems, because it's not the same that when you deal with your issues and your problems and you can share with others. And these people, they are dealing with everybody else's issues. So for me, it's super cool. And the insights will be great. So it's one of my to-watch lists, maybe for next week for my vacations when I put the doors to sleep. Have a look into it. Yeah, absolutely. And do you know, guys, where to find it? It's in the Cloud CD at the Community Hub, if you are interested. It's also, I believe we shared it on the homepage. So easy to find. Any thoughts on your side, Andrei, on this regard? I glanced over it. I cannot say that I watched everything, but, you know, I watched the parts of it. I think it is a very important topic, especially these days, because obviously we have Beam Data Cloud. And a lot of service providers from the very beginning, they were concerned because it kind of, sometimes the expectation is that it's going against their businesses, but it's wrong. And it is a good opportunity for one of them, for VCSPs, Jochen, he's a good example, to actually explain how they embrace Beam Data Cloud and how instead of fighting it, they're trying to build their own services based on it, which is really something that is very important to us as a company, and especially looking forward, because we'll have more offering in BDC and we'll need service providers to be also the part of this game, because everyone is going to win, you know, based on that. So a lot of good insights already, and I would definitely recommend to watch it, because it's, you know, it's like not us, not Veeamers talking about, like in Data Cloud and how great it is, but it's, you know, our own service providers. Again, different conversation, right? Yeah, I agree. And it's a different perspective, because I don't think we heard a lot from, you know, VCSPs and BDC. So I think that's very interesting to watch and see that perspective. Great stuff. Thank you both for sharing your opinions, and thank you both for being part of this show. I think it's been a good show with good content, and we haven't broke the rule. And just want to, sometimes we do, but not today. So just wanted to ask you if you have any other thoughts, just before we are closing and wishing everyone a nice weekend. Andrei? My only thoughts right now is everyone stay hydrated, stay cool, and try to survive. You know, like after summer, we'll definitely have a break. It's going to be better, but for now, we have to endure, we have to survive. So, you know, all of the IT stuff, all the community things, it's like a little bit, you know, kind of like going away, because right now the most important thing is to survive. Yeah, Andrei is talking from his perspective, because he's in Berlin, and he has 36 degrees, right? Something around that. So that's not normal for Germany. So that's why he's so optimistic in there. Stay away from the screens. I hope you come with a more positive ending. Absolutely, stay away from the screens and go to the swimming pool. Enjoy some time with the family. You can always recatch this afterwards or in a couple of weeks. Now, keep pushing on the community. Great job, Maddy. Thank you so much for having me. And also, Andrei, it was a pleasure to share this time with you. And as I said, guys, go to the swimming pool, get some tent. Don't pretend to be always on your cave, like doing that stuff. So go outside, there is a world out there. And happy summer and vacations for all of you. Thank you both. And yeah, definitely, guys, stay hydrated, stay informed in the community, be active in there, but also take some time to enjoy the summer. I agree with both Luis and Andrei in there. And yeah, have all of you a happy weekend. And we'll see you next week with episode 222. And hopefully we're going to have Rick back. Triple, double. Absolutely.
