If we read the documentation right, to be able to restore Exchange items, the server must be member of the Active Directory of the Exchange server.
Why on earth?
I can restore Exchange items with the Veeam Backup and Recovery console without the need of the server beeing member of anything. If you need to scan the AD for mailbox info, why not ask the user for credentials? This way, we could even restore items from different Active Directories with only one Enterprise Manager server.
If someone hacks the AD and henceforth can access the Enterprise Manager, how safe are the backups at this point?
-
- Influencer
- Posts: 13
- Liked: never
- Joined: Mar 31, 2016 12:53 pm
- Full Name: Sven Putze
- Contact:
-
- Product Manager
- Posts: 14840
- Liked: 3086 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: Enterprise Manager - Exchange item restore - domain membership
Hello,
the console and Enterprise manager work completely different in the background. That's why the requirement exists.
Best regards,
Hannes
the console and Enterprise manager work completely different in the background. That's why the requirement exists.
from which perspective? Enterprise manager cannot directly delete backup data. But an attacker could remove VMs from backup as it is possible to edit backup jobs.how safe are the backups at this point?
Best regards,
Hannes
-
- Influencer
- Posts: 13
- Liked: never
- Joined: Mar 31, 2016 12:53 pm
- Full Name: Sven Putze
- Contact:
Re: Enterprise Manager - Exchange item restore - domain membership
how safe are the backups at this point?
To my understanding the Enterprise Manager holds credentials for the Veeam Backup and Recovery server, regardless if the backup server is a domain member or not. When the Active Directory is breached, an attacker could work his way into the Enterprise Manager, decrypt the backup server credentials and move on to get hold of all the backups. Or he could just restore a VM into an unusable state.from which perspective? Enterprise manager cannot directly delete backup data. But an attacker could remove VMs from backup as it is possible to edit backup jobs.
-
- Product Manager
- Posts: 14840
- Liked: 3086 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: Enterprise Manager - Exchange item restore - domain membership
ransomware will not do what you describe, but agree, that are valid attacks.
Who is online
Users browsing this forum: Bing [Bot] and 57 guests