Release Notes 4.4.3 Grolar
Copyright © SEP AG 1999-2019. All rights reserved.
Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.
- 1 What's new in SEP sesam 4.4.3 Grolar
- 2 Known issues and limitations
- 3 Enhancements and changes
- 3.1 S3 cloud storage
- 3.2 NetApp storage snapshots
- 3.3 Hyper-V backup and restore
- 3.4 Changed block tracking (CBT) support for Citrix XenServer 7.3: Citrix XenServer new backup levels
- 3.5 Access control lists (ACLs)
- 3.6 NDMP direct access recovery (DAR)
- 3.7 Self-Service Restore Assistant
- 3.8 New default access mode
- 3.9 Improved functionality
- 3.10 GUI enhancements
- 3.11 Changes in SEP sesam License
- 4 End of maintenance and support
- 5 Major fixes and changes
- 6 See also
What's new in SEP sesam 4.4.3 Grolar
SEP sesam new release, a hybrid Grolar, brings a fistful of features that help you enhance data protection in your environment and ease administrative tasks.
Version 4.4.3 Grolar introduces new S3 cloud storage to be able to safely store and retrieve your business data. Also new is enhanced capability to utilize NetApp hardware storage snapshots for backup.
SEP sesam no longer supports Hyper-V multiple virtual machine backup (by specifying all as a source) in one backup task. You have to configure a backup task for each virtual machine. However, you can now restore single items from Hyper-V FULL backups if the saveset is stored on a data store or Si3 deduplication store.
SEP sesam introduces changed block tracking (CBT) support for Citrix XenServer 7.3 and higher thus providing incremental backup capabilities; new backup levels are available accordingly for Citrix XenServer backups.
SEP sesam allows administrators to configure access control lists (ACLs) for locations and clients, if they are granted appropriate permissions.
Direct access recovery (DAR) is now enabled by default during NDMP backup to enable selective restore. Previous special configuration of DAR is no longer required nor supported.
With Self-Service Restore Assistant you can now restore a data from a regular Path, NDMP and NSS backups as well as email(s) from Kopano backup.
Default access mode is now changed from CTRL to SM_SSH to provide more secure communication. Note that it is strongly recommended to use the default SM_SSH instead of CTRL access mode whenever possible.
You can now exclude patterns (directories or files) from BSR image backup (BSR Pro 2.0) and activate compression. For details, see SEP sesam BSR Pro – Backup Configuration.
This release provides improved functionality for exclude processing for Windows VSS writers and for mounting savesets containing umlauts (ä, ü, ö, ...).
GUI enhancements enable you to check the Si3 deduplication store state, set your preferred GUI mode, clear the GUI cache memory, disable a particular backup task or a task group from running for a certain period of time, manage multiple drives, and set additional options.
Rythm templates can be used for customized advanced reporting. They are installed in the
<SESAM_BIN>/skel/templates/rythm directory. Note, however, that such custom reports are beyond the scope of SEP sesam standard support; they require additional technical assistance provided by SEP Consulting Service.
SEP sesam Server requirements
- JavaFX is required for the web dashboard and user-defined schedules. For details on the exact version, see Java Compatibility Matrix.
- 64-bit or PowerPC (PPC) architecture required
- SEP sesam Server requires an operating system running on 64-bit or a PowerPC (PPC) architecture. PowerPC (PPC) is supported for several Linux distributions, see SEP sesam Support Matrix.
Installation and upgrades
SEP sesam 4.4.3 Grolar was released on 23rd of July, 2018. Direct upgrade for versions 3.6/4.x to version 4.4.3 Grolar is supported.
Latest released versions are:
- SEP sesam 220.127.116.11 Linux – released: 29th of October, 2018.
- SEP sesam 18.104.22.168 Windows – released: 29th of October, 2018.
The 4.4.3 Grolar installation package on Windows also includes:
- VMware® Virtual Disk Development Kit (VDDK) version 6.5 for Windows.
- Callback File System® (CBFS®) version 6.1.181 from EldoS Corporation, used to create virtual file systems and disks for savesets which are stored on SEP sesam local data store or Si3 deduplication store.
|A CBFS driver is needed for the virtual file system layer (Cross Platform Recovery File System – XPRFS). The installation/update of this driver requires a reboot of your newly installed or updated Windows SEP sesam Server unless this driver is already installed with a previous SEP sesam 4.4.3.xx installation.|
SEP sesam Server and Client components should be upgraded to the latest version during the upgrade process. This ensures that SEP sesam Clients are fully protected. Customers with a valid license are eligible for a free upgrade of SEP sesam to any new release for the duration of the license. See also Automatic Updates and Automatic Installation on Windows.
|As of Grolar release, SEP sesam executables are single signed with SHA256. Because of the buffer limitation of the GetCertHash() function on Windows Server 2008 SP2, the SEP sesam executables which are now signed with a SHA256 certificate cannot run on Windows Server 2008. To install/upgrade SEP sesam on the respective Windows Server version, you have to install a special Windows update first. For details and update download, see any of the following links:
Known issues and limitations
|Antivirus programs may disrupt network communication and cause SEP sesam processes, such as backup and replication, to fail. One program that is known to cause SEP sesam processes to terminate is Sophos Firewall with IPS (Intrusion Prevention System) enabled. Make sure that there are no antivirus, firewall, IDS or IPS programs preventing interaction with SEP sesam.|
|SEP sesam v. 22.214.171.124-64 known issues:|
/var/opt/sesam/var/ini # cat sm_sshd.ini [SSHD] max_connections=255
|Fixed with SEP sesam Server 126.96.36.199:|
|Fixed with SEP sesam version 188.8.131.52:|
|Fixed with SEP sesam Server 184.108.40.206:|
- SEP sesam backup for hypervisors (VMware, Hyper-V, Citrix Xen, KVM, OpenNebula) cannot back up the data on external disks
The data of such disks is silently skipped from backup, hence the backup saveset contains no data for the external disk while the backup succeeds and no warning about the missing data is issued (except for VMware, see below).
- In case of VMware, SEP sesam cannot back up the data on the independent or Raw Device Mapping (RDM) disks due to a VMware limitation that does not support including independent/RDM disks in virtual machine snapshots. As of Grolar, SEP sesam issues a warning about the missing data for VMware independent/RDM disk. To avoid the warnings and have a successful backup, you should exclude the independent disks/RDMs from the backup task or install a SEP sesam Client in the virtual machine and perform an additional file or application backup to back up this data.
- In case of other hypevisors (Hyper-V, Citrix Xen, KVM, OpenNebula), SEP sesam cannot back up the data on the RDM disks or on a VM without attached SCSI controller(s). To back these hypervisors, you have to add one or more SCSI controller to the virtual machine before performing a backup, even if there are no devices to use the SCSI, or you have to install a SEP sesam Client in the virtual machine and perform an additional file or application backup to back up this data.
|If a restore of a VM with external disk is performed to the original VM by using the option overwrite, the disk is re-created and all existing data on the restore target is lost.|
- Old disk_info Linux backup task is no longer supported – its usage may result in data loss
During update all customers which are still using backup task with source disk_info backup task are notified that the disk_info Linux backup task is no longer supported. It has been replaced by BSR Linux/REAR. If you still use the obsolete disk_info backup task, you will no longer be able to restore your data.
|SEP AG is not responsible for potential data loss that may occur as a result of backing up data with unsupported backup task.|
- BSR Pro Direct forensic imaging method does not work with SEP sesam versions Tigon V2 and Grolar
BSR Pro Direct forensic imaging method is only possible if a special snapshot driver is installed and the system is rebooted after installation. It is otherwise not possible to create a consistent image.
- The existing BSR Pro installation package containing the driver is stored in the
<SESAM_BIN>/skeldirectory. Follow the steps for installing additional driver as described in Steps for using Direct forensic option.
- The existing BSR Pro installation package containing the driver is stored in the
Enhancements and changes
S3 cloud storage
An S3 (simple storage solution) cloud storage can now be used to safely store and retrieve your business data. SEP sesam treats the S3 cloud storage like any other devices. It creates the snapshots and synchronizes data to the cloud. For details, see S3 Cloud Storage Backup.
NetApp storage snapshots
SEP sesam provides backup and restore integration built on NetApp Snapshot copies. You need to configure a new data store type – NetApp Snap Store to easily use hardware snapshots as usual backups. For details, see NetApp Storage Snapshots Backup.
Hyper-V backup and restore
- Separate task for each VM
- It is no longer possible to back up multiple VMs running on a Hyper-V with a single task. Now you have to create a separate task for each VM running on a Hyper-V standalone server or Hyper-V cluster. However, you can assign individual backup tasks to a task group and then trigger the backup of all tasks belonging to that group with a single event. For details, see Hyper-V Backup.
- Single item restore for Hyper-V
- Now you can restore single items from Hyper-V FULL backups if the saveset is stored on a data store or Si3 deduplication store. For details, see Hyper-V Restore.
Changed block tracking (CBT) support for Citrix XenServer 7.3: Citrix XenServer new backup levels
SEP sesam introduces support for the XenServer changed block tracking feature (CBT) that offers incremental backup capabilities; hence, new backup levels (FULL, INC and DIFF) are available for Citrix XenServer backups. For details, see Citrix XenServer Backup.
Access control lists (ACLs)
The administrators can configure ACLs to enable or disable access to location (group of clients) or specific client. Note that before configuring ACLs, database-based authentication must be activated and users configured and added to the relevant group. For details, see Using Access Control Lists.
NDMP direct access recovery (DAR)
Direct access recovery (DAR) index is required to restore a directory or a single file from a NDMP backup (selective restore). As of version 4.4.3 Grolar, DAR is enabled by default (no configuration is required). While DAR can greatly reduce the time it takes to restore individual files, it might be unnecessary in case you want to backup and consequently restore only the whole volume. In such case, you may disable DAR to improve backup performance. For details, see NDMP Backup.
Self-Service Restore Assistant
It is now possible to use web restore assistant to restore data not only from regular Path backups, but also from NDMP and NSS file system Path backups as well as emails from Kopano backups with a few simple steps. You can connect to web restore assistant and perform a restore if you have appropriate permissions. If a backup is encrypted and the password is not stored in the SEP sesam database, it is now possible to enter the encryption password online. For details, see Self-Service Restore Assistant.
New default access mode
The default access mode is now SM_SSH (previously CTRL) which provides strong authentication and secured data communication for clients and servers in the SEP sesam environment. SSL libraries now include libmicrohttpd, libcurl, and libopenssl.
Note that it is strongly recommended to use the default SM_SSH instead of CTRL access mode whenever possible.
- Exclude processing for Windows VSS writers is improved. If you have an issue with backing up your data using snapshot technology, you can exclude a specific VSS writer from being used during a snapshot. For details, see Manually excluding a VSS writer from backup.
- The Mount saveset feature for single file restore has been improved and now supports mounting folders and files containing umlauts (ä, ü, ö, ...). For details on mounting a saveset, see Option Mount saveset – Cross-Platform Recovery File System Layer.
- SEP sesam introduces a number of data store enhancements (S3 credentials tab, Si3 State tab, new data store type, etc.). For details, see Configuring a Data Store and Configuring Si3 Deduplication Store.
- Database-based authentication and authorization are extended and can be combined with the LDAP authentication and authorization and/or with AD (Active Directory). SEP sesam authorizes the users based on the mapped roles and their associated privileges. For details, see About Authentication and Authorization, Configuring LDAP/AD Authentication, and Configuring Database-Based Authentication.
- SEP sesam features a GUI that can be customized and now also adjusted by selecting one of the following UI modes: basic, advanced or expert. The mode can be changed in GUI: from the menu bar select Configuration -> Defaults -> Extras -> UI Mode. For details, see UI Mode.
- A force refresh can be used to clear the GUI cache memory and consequently to update the view. For details, see All Results by State.
- Rather than deactivating a schedule (and all related jobs), you can now deactivate a single task but keep it in the list of tasks. You can also disable a whole task group by using the same option the Execution is blocked. You can enable a disabled task and/or task group again at any time. For details, see Disabling and Enabling Backup Task and Disabling and Enabling Task Group.
- New Manage multiple drives option is introduced to enable you to easier change drives properties (e.g., maximum number of parallel streams (max channels), delete drives, create new drives, etc). It lists all configured drives and allows you to change the properties settings of multiple drives, after which SEP sesam restarts the drives automatically. For details, see Manage multiple drives. Now it is also possible to reconfigure all drives by using Configure all drives option.
Changes in SEP sesam License
- New license editions VM Essential and VM Essential Plus introduce a CPU socket based license for VMware and Hyper-V backup.
- New license for 'source Side Deduplication'
End of maintenance and support
Unsupported SEP sesam Server OS
The following operating systems are no longer supported for SEP sesam Server:
- Ubuntu 14.04
- Windows Server 2008
|The limitation applies only to SEP sesam Server systems and does not affect SEP sesam Clients. Windows Server 2008 R2 SP1 is still supported. For a complete list of supported SEP sesam Clients, see SEP sesam support matrix.|
For a complete list of supported SEP sesam clients, see SEP sesam Support Matrix.
Major fixes and changes
SEP AG recommends that you update to latest Grolar version 220.127.116.11.
There are service packs available at http://download.sep.de/servicepacks/4.4.3/18.104.22.168/. These patches provide necessary fixes for
- GUI issues
- Common issues
- Windows specific backup and restore problems -> download http://download.sep.de/servicepacks/4.4.3/22.214.171.124/windows/.
- Sesam Loader Utility (SLU): Added support for tape encryption for LTO-8 and LTO-M8