Backup Software

NAKIVO Backup and Replication v10.4 Beta Released with New Features

NAKIVO Backup and Replication v10.4 Beta released with new features. A look at the new immutable repository and two-factor authentication

Highlights

  • First you must setup your email configuration in the appliance settingsAfter setting up the email configuration, you can then enable two-factor authentication for a userYou will first be emailed a code to get started setting up 2FA on your account.
  • In the case of immutable backup repositories, it means that even if ransomware gets access to your data, once the immutability flag is set on a backup, the data cannot be deleted.
  • As mentioned at the outset, attackers are using ransomware as a way to lock up your data so that you cannot access it without paying a ransom.

Malware and specifically ransomware are getting more sophisticated and crafty in locking up your data AND deleting your backups. In fact, there are many variants of ransomware today that actually look for certain vendor-specific backup files and targets these for deletion. Why? If the attackers are successful in deleting your backups, you are much more likely to pay the ransom demanded. Modern backup solutions must account for the sinister threat that ransomware poses. NAKIVO Backup & Replication just released the next beta version of NAKIVO Backup & Replication v10.4, adding powerful features that help fight back at ransomware. Let’s take a look at NAKIVO Backup and Replication v10.4 beta released with new features and see what features are contained in this newest release.

NAKIVO Backup and Replication v10.4 beta released with new features

There are great new features in the new NAKIVO Backup and Replication v10.4 beta to note. The new features help to greatly bolster the security of the solution itself as well as your backups. New features with this release include:

  • Immutable backup repositories
  • Two-factor authentication

Let’s dive a bit deeper on the features and see how these will take your backup security to the next level.

Immutable backup repositories

As mentioned at the outset, attackers are using ransomware as a way to lock up your data so that you cannot access it without paying a ransom. As backups are the only road to recover data encrypted by ransomware in most cases, cybercriminals are making a concerted effort to also go after your data backups. If they can also encrypt or destroy your backups, you have no choice but to pay the ransom if you want to get your data back. NAKIVO is fighting back at the bad guys with this next release of NAKIVO Backup & Replication v10.4 Beta with the new feature of Immutable backups.

In case you haven’t heard of the term immutable, it is a term that describes persistence. In the case of immutable backup repositories, it means that even if ransomware gets access to your data, once the immutability flag is set on a backup, the data cannot be deleted. Period. With the new immutable repository, the backups of your business-critical infrastructure and data are protected from modification, deletion, or encryption by malware. However, it does not mean that you can’t use the backups. They operate as they always have by allowing you to recover data, VMs, and application data as you always have been able to do.

The way the immutable setting works is there is an immutability period that is set by the superuser. Once the immutability period is set, it cannot be changed or lifted by anyone, except the superuser account. How does this look?

On step 4 of the new jobs wizard, under retention, you set the immutability flag, along with the number of days you want the recovery points to persist. In other words, how long will they remain, unable to be deleted?

Setting the immutability flag on a backup in NAKIVO Backup and Replication v10.4
Setting the immutability flag on a backup in NAKIVO Backup and Replication v10.4

Two-factor Authentication

Another really great improvement in NAKIVO Backup & Replication v10.4 beta release is the addition of two-factor authentication to the solution. Two-factor authentication is recommended across the board for bolstering login security. The additional “factor” required for authentication means if someone steals your password, they still do not have all the information they need to complete the login process.

One of the most popular forms of two-factor authentication is the one-time password that is made possible by an authenticator app such as Google Authenticator. NAKIVO Backup & Replication v10.4 beta is introducing two-factor authentication for authenticating to the NAKIVO web UI.

The new two-factor authentication configuration is easily set in the NAKIVO interface when configuring a user account. There is a prerequisite:

  • First you must setup your email configuration in the appliance settings
  • After setting up the email configuration, you can then enable two-factor authentication for a user
  • You will first be emailed a code to get started setting up 2FA on your account

Let’s look at how this process works. After you have setup email on your NAKIVO appliance, navigate to the Users & Roles configuration. When you click Manage, you will see the option to Enable two-factor authentication.

Enabling two factor authentication for an account in NAKIVO beta v10.4
Enabling two factor authentication for an account in NAKIVO beta v10.4

When you click to enable two-factor, you will see the note warning the user will be required to configure two-factor authentication. ***Note*** if you are setting this up on the administrator account and you only have one administrator account, make sure your email configuration is working or you will be locked out of the appliance from the Web GUI. Click Enable.

Note that you are forced to configure two factor authentication on next login
Note that you are forced to configure two factor authentication on next login

When you log in, you will see the prompt about setting up two-factor authentication. Click Continue.

After enabling 2FA on an account logging in notes you will need to setup 2FA
After enabling 2FA on an account logging in notes you will need to setup 2FA

You will see the note about verifying your email address. Again, it is important to have the email configuration working in your appliance.

You must verify your email address first
You must verify your email address first

Below is an example of the email received and the temporary verification code.

Verification code received via email
Verification code received via email

Prompt to enter the verification code.

Prompt to enter the email verification code
Prompt to enter the email verification code

After entering the verification code, click Verify.

Entering the verification code received through email
Entering the verification code received through email

You have the option as well to enter a second email address. If you enter another email address you will need to look for the email verification to come through for the second address as well.

Optionally add a second email address
Optionally add a second email address

After verifying your email address, you will be taken to the screen prompting you to download Google Authenticator. Keep in mind, you can use any software authenticator that is compatible with the Time-based One-time Password Algorithm.

Prompt to setup Google Authenticator
Prompt to setup Google Authenticator

After clicking continue, you will see the QR code which you can scan to pair your device. After pairing, enter the code that is generated in your Google Authenticator.

Scan the QR code for pairing your device
Scan the QR code for pairing your device

Next, NAKIVO will display a pairing key that can be used to pair additional devices. Save this key so you can have this for future pairings if needed.

Saving the pairing key for adding to additional devices
Saving the pairing key for adding to additional devices

Next, as a safety measure, you will see backup codes displayed. You need to save these off as these will allow you to regain access to the appliance in case you lose access with 2FA.

Saving backup codes
Saving backup codes

Enter one of the backup codes to prove you have access to these.

Enter one of the backup codes to ensure you have those saved
Enter one of the backup codes to ensure you have those saved

After you enter the backup code, the process is complete. Now, you can log out and log back in. You will see the prompt to enter your verification code generated in your Google Authenticator or other compatible authenticator app.

Logging in and getting the 2FA prompt the next time you login
Logging in and getting the 2FA prompt the next time you login

NAKIVO Beta program rocks

NAKIVO has one, if not the best, beta programs out there. They aggressively release both the betas and GAs and the betas provide customers with the ability to get hands on with the latest and upcoming features to be release in the GA release.

Once you download the NAKIVO beta appliance, NAKIVO provides the extra incentive to perform testing for NAKIVO by carrying out a few tasks they determine in the interface. These tasks usually have to do with the new features introduced. Once you try out the new features, they have you send a support bundle in to help flush out bugs in the beta release that will be corrected in the GA.

After performing the testing of the beta release and sending in the support information requested, NAKIVO provides testers with a free Amazon gift card for their efforts. It is great to see how interested NAKIVO is in improving the product and allowing customers to have access to the latest and greatest features showcased in the beta releases.

Final Overview

NAKIVO Backup & Replication v10.4 is shaping up to be another great release from NAKIVO in a string of great new features that have been added in the past few versions. With this release, NAKIVO is concentrating its efforts on the security side of your backups with the introduction of both the immutable backup repository and two-factor authentication. Both of these new measures will help to secure and protect your backups.

Be sure to check out the new NAKIVO Backup & Replication v10.4 beta released with new features here:

Take a look at my previous coverage of NAKIVO Backup & Replication:

Subscribe to VirtualizationHowto via Email 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com and has over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, Brandon has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.