Backup VMware VMs Using Data Protection Manager; Protect iPhone from 'Trident' Using Intune

Four simple steps to protect virtual machines with VMware VM backup and SCDPM 2012 R2. Use Microsoft Intune to protect mobile devices from a persistent attack on iOS that uses three zero-day vulnerabilities called 'Trident'.


System Center Data Protection Manager (SCDPM) adds support for virtual machines running on the VMware platform, allowing enterprises to have a single backup solution across their heterogeneous IT environment.

To get started with VMware VM backup, download and install UR11 if you are already on DPM 2012 R2.

If you are not aware, DPM is a recognized protection suite for key Microsoft workloads such as SQL, SharePoint and Exchange, as well as virtual machines running on Hyper-V.

Today's announcement brings the following features:

  • Agentless Backup – DPM uses VMware's VADP API to protect VMware VMs remotely without installing agents on vCenter or ESXi servers—meaning admins are free from the hassle of managing agents for VMware VM backup.
  • Integrated Hybrid Backup helps customers back up to disk for operational recovery and to the cloud, using Azure Backup, for an offsite copy or long-term retention.
  • First-class integration with VMware allows customers to back up VMs stored in different storage targets like NFS and cluster storage seamlessly, without any extra manual steps. "vCenter's capability to organize VMs in folders helps customers in managing large environments with ease. DPM can discover and protect at folder level," explains Microsoft. "This enables protection of VMs that are present currently and also any new VMs that get added into this folder in future," the team said.

If you are new to Azure Backup and want to enable it for long-term retention, refer to the Preparing to backup workloads to Azure with DPM documentation. Or browse this documentation, or visit the DPM support forum.

Here is a short video of the VMware VM backup announcement PLUS four steps to enable protection of VMware VMs using DPM:

As an aside, wondering what serverless computing is? Don't be confused: in simple terms, "Serverless Computing" doesn't really mean there's no server. It actually means "there's no server you need to worry about."

That might sound like PaaS, but it's higher level than that.

There's a lot of confusing terms in the Cloud space. And that's not counting the term "Cloud." 😉

  • IaaS (Infrastructure as a Service) - Virtual Machines and stuff on demand.
  • PaaS (Platform as a Service) - You deploy your apps but try not to think about the Virtual Machines underneath. They exist, but we pretend they don't until forced.
  • SaaS (Software as a Service) - Stuff like Office 365 and Gmail. You pay a subscription and you get email/whatever as a service. It Just Works.

In other words, 'Serverless Computing' is like this - "You have your function out there on a cloud server and it will scale as long as you can pay for it. It's as close to "cloudy" as The Cloud can get."

Now, using new cloud systems like Amazon Lambda and Azure Functions, you upload some code and it's running seconds later. "You can have continuous jobs, functions that run on a triggered event, or make Web APIs or Webhooks that are just a function with a URL," wrote Scott.

For further reading on how quickly a Web API with Serverless Computing can be made, read here.


On August 25th, Lookout research revealed a 'sophisticated', 'targeted', and 'persistent' mobile attack on iOS that subverts even Apple's strong security.

The attack uses three zero-day vulnerabilities called "Trident".

According to Lookout's research, 'Pegasus' is a mobile spyware product that uses Trident to attack high-value targets. "Pegasus attack starts with SMS phishing using spoofed sender numbers and anonymized domains to deliver malware to the target's iPhone. The target's phone is remotely jailbroken and immediately starts compromising the target's digital life," the research explained.

Further, "Pegasus has a built-in self-destruct capability." Lookout's research reveals "that the system is always monitoring to see if it's been discovered." If it detects tampering, "it has the ability to wipe itself out," the research explained.

In addition to the use of mobile security products, Microsoft Intune, which is part of the Enterprise Mobility plus Security (EMS) suite, provides capabilities that help reduce the risk of data loss from compromised devices by helping ensure that devices are up to date and fully patched.

You can use the method below to patch and update your iOS, Android, Windows, and Windows Phone devices:

  • "Run the Intune Mobile Device Inventory report to see vulnerable devices that are enrolled in Intune MDM, plus connected to Exchange through Exchange ActiveSync.
  • The report helps you identify who should plan to install the latest updates.
  • Then, enforce an update and set up the minimum OS version setting in an Intune compliance policy, and use Conditional Access to restrict access to Exchange Online and SharePoint Online.
  • Now, when a user attempts to connect to these services from an unpatched device, they will be blocked until they update."
    Additionally, you can also specify a patch version for Android devices.
    It is recommended that organizations provide early notification to users before this policy goes into effect.
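
The triage described in the steps above, as an added example that is not from Microsoft or the original article: it reads an exported inventory report and lists the users whose Exchange-connected devices are below a minimum OS version, so they can be notified before the policy is enforced. The CSV column names and the minimum versions are assumptions of this example.

```python
import csv
import io

# Minimum patched OS per platform. Sample values are assumptions of this
# example; take the real ones from the vendor security advisories.
MIN_OS = {"ios": "9.3.5", "android": "6.0.1"}

# Constructed sample of an exported device inventory report. The column
# names are hypothetical, not Intune's actual export schema.
SAMPLE_REPORT = """\
User,Device,Platform,OSVersion,EASConnected
alice@example.com,iPhone-A,iOS,9.3.4,Yes
bob@example.com,iPhone-B,iOS,9.3.10,Yes
carol@example.com,iPad-C,iOS,9.3,Yes
dave@example.com,Pixel-D,Android,6.0.1,No
erin@example.com,iPhone-E,iOS,unknown,Yes
"""


def parse_version(text):
    """Return the version as a tuple of ints, or None if it is malformed."""
    try:
        return tuple(int(part) for part in text.strip().split("."))
    except ValueError:
        return None


def is_patched(version, minimum):
    """Compare numerically, padding with zeros so 9.3 is read as 9.3.0."""
    have, need = parse_version(version), parse_version(minimum)
    if have is None or need is None:
        return False  # fail closed: unparseable versions need a manual look
    width = max(len(have), len(need))
    have += (0,) * (width - len(have))
    need += (0,) * (width - len(need))
    return have >= need


def users_to_notify(report_csv, min_os=MIN_OS):
    """List (user, device, version) for unpatched devices that use EAS."""
    flagged = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        minimum = min_os.get(row["Platform"].lower())
        if minimum is None or row["EASConnected"].lower() != "yes":
            continue  # platform not covered by policy, or no mail access
        if not is_patched(row["OSVersion"], minimum):
            flagged.append((row["User"], row["Device"], row["OSVersion"]))
    return flagged
```

A plain string comparison would wrongly flag 9.3.10 as older than 9.3.5; the numeric comparison keeps that device off the list while still catching 9.3 and the unparseable entry.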

For more reading on this threat, refer to this Lookout white paper.

Also, a cumulative update release for SQL Server 2014 SP2 is now available for download at the Microsoft Downloads site.

CU#1 KB3178925 Article.