Four-Eyes Authorization

grzegorz · Post by **grzegorz** » Dec 16, 2023 11:10 am this post

I've recently heard about a new feature in Veeam - Four-Eyes Authorization. I would like to take advantage of it. My repository is an iSCSI disk connected to a server with VBR installed. I'm wondering how to avoid a situation where, while Veeam ensures four-eyes control, the files are physically present and visible on the machine's disk. From there, they could be deleted without four-eyes approval.

https://helpcenter.veeam.com/docs/backu ... ml?ver=120

Dec 16, 2023 6:21 pm

Four-Eyes Authorization will protect you from malicious or accidental actions inside of Veeam.
But to protect your backup files, you should implement immutable backups: https://helpcenter.veeam.com/docs/backu ... ility.html

But of course, immutability needs to be configured correctly. For example you could use your iSCSI storage to setup a hardened repository. But if an attacker gets administrative access to your storage he could still wipe your backups.

stewsie · Post by **stewsie** » Apr 15, 2024 10:26 am this post

Hi

Question related to Four-Eyes Authorization and the expiry of requests

Enabled this function last week and have been testing it. I changed the expiry from 7 to 1 days and deleted a backup file on disk. Pending approval was shown in the console and an email received. I told the other admins not to do anything with the approval as I wanted to see what happened when it expired. I expected it to expire after 1 day but in the end it was almost 2. It also appears that the backup file on disk was actually deleted. I expected the approval to auto reject and the file on disk to remain. Is that not how it works? I am testing this again and have taken screenshots at every step.

In the history I can see the status of the request I submitted last week (Thursday) is Expired. That is what I expected. I hadn't expected the actual file on disk to be deleted as the request hadn't been approved.

I am running Veeam 12.1.1.56 I have not contacted support yet

Post by **Gostev** » Apr 15, 2024 11:58 am this post

Correct, expired requests are automatically Rejected.

stewsie · Post by **stewsie** » Apr 15, 2024 1:22 pm this post

Thanks for the info. During my testing it appears even thought the request was rejected, the actual files on disk were deleted. I am running more tests so will see what happens with that. Thanks

Post by **Dima P.** » Apr 16, 2024 8:44 am this post

Hello Paul,

Please raise a support case if you confirm this behavior and share the case ID with us. Thank you!

stewsie · Post by **stewsie** » Apr 19, 2024 11:42 am this post

I ran another test and it worked as expected

R&D Forums

Four-Eyes Authorization

Re: Four-Eyes Authorization

Re: Four-Eyes Authorization

Re: Four-Eyes Authorization

Re: Four-Eyes Authorization

Re: Four-Eyes Authorization

Re: Four-Eyes Authorization

Who is online