Welcome to the “Lessi Learned” Newsletter!
Since my youth, I’ve been fascinated by management and strategy games, and Theme Park (1994, by Bullfrog Productions) was one of my all-time favorites. Only recently did I discover that Demis Hassabis, then a very young developer at Bullfrog Productions, played a key role in designing the game’s AI.
Fast forward a few decades, and he is now the CEO and co-founder of DeepMind, one of the world’s leading AI research companies—proof that a passion for games can sometimes lead to groundbreaking innovations. How cool is that?
It’s remarkable how small and connected the IT world can be: from building virtual amusement parks in the 90s to shaping the future of artificial intelligence today. And just to prove that video games can actually take you places—let’s see what’s been happening in the world of Veeam this week.
Newsflash
Veeam Plugin for HPE Morpheus VM Essentials available
Great news for virtualization teams: the Veeam Plugin for HPE Morpheus VM Essentials is now generally available. After a successful beta phase and strong interest from the community, Veeam now officially supports the HPE VM Essentials ecosystem.
With this plugin, Veeam delivers agentless, host-level backup and recovery for Morpheus VM Essentials environments. The solution also provides strong backup portability, allowing organizations to restore workloads to any hypervisor platform supported by Veeam. This gives IT teams additional flexibility when modernizing their virtualization environments and ensures reliable protection of critical VM workloads.
Highlights
- Hassle-free, reliable backup for HPE Morpheus VM Essentials
- Simplifies operations while exploring new hypervisor options
- Keeps critical VM workloads protected
- Agentless, host-level backup and recovery
- Restore workloads to any hypervisor platform supported by Veeam
Further information
Application-Aware Processing Issues After Recent Updates
The latest Patch 2 for Veeam Backup & Replication 13.0.1, along with the updated AHV Plug-in 9.1, has introduced issues affecting application-aware (SQL, PostgreSQL, SharePoint, Active Directory,…) processing.
According to KB4842, the root cause is related to a malfunction in the in-guest processing components, leading to failed connections or service start issues.
A hotfix for Windows-based VBR installations and the VSA is now available and should be applied to restore proper functionality.
Administrators are strongly advised to review affected systems and implement the fix to ensure consistent and reliable backups.
Patch your systems / important KB articles
Keeping your environment up to date is crucial. Here are the key updates from the past few days:
Important Advisory for Microsoft 365 Backups
Veeam has published KB4835, a critical advisory for customers using Veeam Backup for Microsoft 365 and Veeam Data Cloud for Microsoft 365. The article highlights an issue affecting data consistency and restore reliability under specific conditions in Microsoft 365 environments.
At present, no official fix is available, making it essential for administrators to carefully review the documented behavior and potential impact. The KB provides guidance on identifying affected scenarios and outlines recommended mitigation steps.
Patches Now Available for High-Impact Issues
Veeam has published KB4830 (v12.3) and KB4831 (v13.0.1), addressing multiple critical vulnerabilities including remote code execution and privilege escalation risks.
All customers are strongly advised to update immediately, as all prior builds are affected and potentially exploitable.
EWS‑Related Issue Affecting Microsoft 365 Backups
A known issue tied to recent Microsoft control changes impacting Exchange Web Services (EWS) can cause certain Exchange Online backup sessions to fail in Veeam Backup for Microsoft 365 and Veeam Data Cloud for Microsoft 365.
If you see the following error in your Exchange backup session logs:
The HTTP request was forbidden with client authentication scheme 'Anonymous'
then KB4796 explains the root cause and provides the steps and details needed to address it.
Administrators should review the article carefully to understand affected mailbox types and ensure continued protection of their Microsoft 365 data.
Lessons learned
Excessive Table Scans in Veeam SQL Due to Compatibility Mode
Last week, I was told about an interesting behavior that, while only indirectly related to Veeam, is worth noting. An IT team observed an extremely high number of table scans – up to 20,000 per second – on their Veeam SQL database.
After investigation, they identified the root cause: the SQL database was running in an older compatibility mode. Once the setting was updated to the correct SQL version, the excessive table scans immediately stopped.
This serves as a valuable reminder to regularly review database compatibility settings to ensure optimal performance for Veeam infrastructure.
Feature of the day
Veeam Plug-ins Version 13 improvements
With version 13, the Veeam Plug-ins receive two highly requested enhancements that have been on the feature request list for a long time.
Until now, plug-in backup data could be copied to object storage only as a secondary target, for example by using Backup Copy Jobs or by offloading via the Capacity Tier (move/copy).
Object storage was not supported as a primary backup target, as backups always had to be written first to a traditional Windows- or Linux-based repository.
With version 13, this limitation is removed: plug-in backups can now be created directly on object storage as the primary backup target. Immutability is, of course, fully supported.
There is, however, an important behavioral difference compared to Linux-based hardened repositories. On a hardened repository, Veeam keeps the log file open until the next image-level backup run, or for up to 24 hours. On object storage, this is different: immutability is applied after the backup has finished successfully.
This behavior applies to all Veeam Plug-ins, regardless of whether they are used in standalone/unmanaged or managed mode. And it applies to all supported object storage types, including Veeam Cloud Vault, Amazon S3, S3-compatible storage, Microsoft Azure Blob Storage, and Google Cloud Storage.
The second major enhancement is support for encryption at rest for plug-in data:
In unmanaged or standalone mode, all plug-ins are supported through the repository encryption settings. In managed mode, encryption at rest is currently supported for Oracle RMAN, SAP HANA, and SAP on Oracle plug-ins.
Thanks for reading
I hope you enjoyed this edition of my Lessi-Learned Newsletter. Thank you for reading!
Got feedback or something you want to see in the next edition? Leave a comment, write me on X (@lessi001) or connect at LinkedIn.
Want to get the newsletter hot off the press? Sign up for my mailing list and I’ll drop a note in your inbox as soon as the latest issue is ready: