Explore New Features in Open-E JovianVHR Up02

When it comes to ransomware, the administrators’ mantra goes like: “It’s not if, but when.” That’s why we created an ultimate system to help you survive the “when.” Open-E JovianVHR was already a formidable answer to the ransomware crisis, combining Linux-based immutability with ZFS’s underlying data integrity. Yet data protection can always get better, and you are about to witness another step towards digital defensive perfection!

With the release of the Open-E JovianVHR Up02 version, the focus expands from protecting the data to also protecting the management plane. Even the most robust immutability can be undermined if the administrative credentials themselves are compromised, so let’s see how you can avoid it.

Next Layer of Protection: Two-Factor Authentication (2FA)

Now you can use Time-Based One-Time Passwords (TOTP) in Open-E JovianVHR to provide a layer of security that is more robust than standard SMS authentication. This feature is compatible with common authenticator apps, such as:

• Google Authenticator
• Microsoft Authenticator
• Authy
• FreeOTP
• And other

The system generates unique security codes that refresh every 30 seconds. Because these codes are generated locally on a device, the process works entirely offline and does not require an active internet connection or cellular network to function.

In case of phone loss or breaking the device, you can always use backup codes. The system generates 10 of them when you enable 2FA in the GUI. You can monitor the available backup codes in the system, as well as regenerate them if needed (in this case, the previous ones – both used and not used – are invalidated).

Best Practices:

• Regenerate backup codes periodically to maximize defensive control
• Consider disabling 2FA before planned switching phones
• Keep your codes in a well-secured location (physical or digital)

More Control Over System with The New “Locked Mode”

“Locked Mode” is a unique Open-E tool that restricts specific administrative actions once the initial configuration is finalized. It prevents the modification or deletion of crucial data storage parameters and backup repositories through the standard management interface.

Options that are unavailable to change when the system is in locked mode include:

• Uploading software updates
• Shutting down the system from the main page menu
• Deleting pools
• Deleting repositories
• Deleting snapshots
• Rolling back snapshots
• Creating, modifying, enabling, disabling, rolling back, or deleting backup tasks
• Changing console access settings
• Changing time and date settings
• Accessing Launchpad and other protected entry points redirected by the LOCKED mode

Enabling this option is pretty simple. It requires only clicking the respective button in the GUI. Turning it off, on the other hand, is where the protective value of this feature gets really serious. In order to switch the system to the unlocked mode, you need to have physical access to the machine to reboot the system and launch it in the unlocked mode.

To take the most out of this feature’s protective value, treat it as the “default setting”. According to this, use the UNLOCKED mode only during planned, administrative tasks, such as:

• Changing backup task settings
• Uploading software updates
• Adjusting time and date settings
• Changing console access settings
• Performing storage operations that may affect data availability

If you want to lock your system administration even deeper, you can disable the Apache service from the system console. When Apache is disabled, HTTP access to Open-E JovianVHR is also disabled. This way, the only possible access to the system will be through the physical machine that runs Open-E JovianVHR.

Advanced Synergy: Veeam Backup & Replication 13 Compatibility

The security architecture of Open-E JovianVHR is further solidified by its updated compatibility with Veeam Backup & Replication 13.

By aligning with the latest Veeam release, Open-E JovianVHR leverages enhanced communication protocols and optimized handling of the “Hardened Repository”. This synergy ensures that the “double-layer immutability” – where Veeam handles file-level immutability and Open-E JovianVHR provides an additional layer of immutability via ZFS snapshots – operates with zero friction and maximum performance.

Admin’s Verdict

When it comes to Software-Defined Storage, we often focus on IOPS and throughput. But for a hardened backup repository, security is the metric that really matters. This update is our direct answer to the needs of senior architects who require not only a standard data storage system. Since the very beginning, Open-E JovianVHR has been designed to take data protection to another level, and with every update, we try to go even further.

Are you ready to enhance your Veeam Hardened Repository with Open-E JovianVHR Up02? Ensure your systems are running the latest version to take full advantage of these critical security protocols.