I'm very interested in VBEM for its REST API. It would greatly enhance our monitoring and reporting.
I was on a one-week VBR certification training and we also had a look at VBEM. I learned that as soon as you install VBEM a recovery key pair is created that can be used to recovery the encryption key set in VBR, in the case you loose it. Now I was not happy with that because they means that VBEM, becomes a critical attack target. I asked if we can disable key recovery entirely on VBEM. The answer was a clear and definite NO.
It seems odd to me that VBEM forces its way into our backup encryption procedures. We need VBEM only to have a read-only REST API server and neither planned nor intend to categorize it as 'business critical' infrastructure.
-
Daniel N.
- Enthusiast
- Posts: 52
- Liked: 5 times
- Joined: Feb 15, 2015 7:03 am
- Contact:
-
Egor Yakovlev
- Veeam Software
- Posts: 2537
- Liked: 683 times
- Joined: Jun 14, 2013 9:30 am
- Full Name: Egor Yakovlev
- Location: Prague, Czech Republic
- Contact:
Re: Veeam Backup Enterprise Manager without key recovery?
Hi Daniel,
I am quite sure you can disable respectful option under Enterprise Manager - Configuration - Key Management - [ ] Enable encryption password loss protection.
Note that this change will not affect existing backups, but will apply to newly created ones.
/Thanks!
I am quite sure you can disable respectful option under Enterprise Manager - Configuration - Key Management - [ ] Enable encryption password loss protection.
Note that this change will not affect existing backups, but will apply to newly created ones.
/Thanks!
Who is online
Users browsing this forum: Baidu [Spider], Bing [Bot], Google Feedfetcher and 67 guests