Comprehensive data protection for all workloads
Post Reply
mtg
Novice
Posts: 4
Liked: never
Joined: Sep 15, 2016 12:34 am
Contact:

FLR's failing within Veeam when disabling TLS1.0

Post by mtg »

We have a requirement to disable SSLv3 and TLS1.0. Prior to moving to Veeam and with our previous backup software, this was not an issue leaving only TLS 1.1 and 1.2 enabled. It appears that when doing File Level Restores on the Veeam backup server (essentially all communication within Veeam), Veeam uses TLS1.0 for this process. Disabling TLS1.0 breaks the process. We reached out to support however they were not helpful and suggested we post in the forum. I don't see this a "feature request" but more of a vulnerability as anyone who goes through audits such as PCI-DSS and SSAE16 will know that SSLv3 and TLS1.0 need to be turned off. As this is within the Veeam application and nothing to do with VCenter/VMWare, any suggestions on how we can get this addressed with a patch/update? If the application is already supporting TLS1.0, not sure how complicated it is to update the communication to leverage TLS1.0 for FLR.

Please advise.
Gostev
Chief Product Officer
Posts: 31814
Liked: 7302 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: FLR's failing within Veeam when disabling TLS1.0

Post by Gostev »

Hi, I believe we have already switched to TLS everywhere in the product in 9.5, but I will double check for you on FLR. Just in case, what was the support case number for this?
mtg
Novice
Posts: 4
Liked: never
Joined: Sep 15, 2016 12:34 am
Contact:

Re: FLR's failing within Veeam when disabling TLS1.0

Post by mtg »

Ticket #01902814
mtg
Novice
Posts: 4
Liked: never
Joined: Sep 15, 2016 12:34 am
Contact:

Re: FLR's failing within Veeam when disabling TLS1.0

Post by mtg »

Any update and enforcing TLS1.1 or higher for FLR?
Vitaliy S.
VP, Product Management
Posts: 27377
Liked: 2800 times
Joined: Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov
Contact:

Re: FLR's failing within Veeam when disabling TLS1.0

Post by Vitaliy S. »

Yes, this FR is logged and we are trying to squeeze it into our next major update.
mtg
Novice
Posts: 4
Liked: never
Joined: Sep 15, 2016 12:34 am
Contact:

Re: FLR's failing within Veeam when disabling TLS1.0

Post by mtg »

Any idea when that will be? Will that be a hotfix or update 3?
Vitaliy S.
VP, Product Management
Posts: 27377
Liked: 2800 times
Joined: Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov
Contact:

Re: FLR's failing within Veeam when disabling TLS1.0

Post by Vitaliy S. »

It will be either v9.5 or subsequent updates after the release.
Daffodil
Novice
Posts: 8
Liked: never
Joined: Apr 03, 2014 12:03 pm
Contact:

Re: FLR's failing within Veeam when disabling TLS1.0

Post by Daffodil »

Seems it is still not working with v9.5, or have i missed anything?
Gostev
Chief Product Officer
Posts: 31814
Liked: 7302 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: FLR's failing within Veeam when disabling TLS1.0

Post by Gostev »

I believe there is a workaround with 9.5, and that is to install .NET Framework 4.6. This is something I have caught from one of the recent email threads between devs and support looking for a workaround, so support should be able to provide you more details. Thanks!
Post Reply

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], Semrush [Bot] and 65 guests