Last document update: December 17, 2024
Table of contents
What's new
Advanced Management: Microsoft 365 security monitoring and management
Powered by Octiga, the following long-awaited functionality is now available for Acronis partners:
- Manage multiple Microsoft 365 tenants efficiently from one Cyber Protect console.
- Implement continuous monitoring of clients' Microsoft 365 environments, and automatic remediation of security risks.
- Deliver Microsoft 365 security posture management services according to best practices with tenant baseline template.
- Simplify routine Microsoft 365 user management tasks - user onboarding and offboarding.
- Deliver complete protection of Microsoft 365 environment, with backup, archiving, email, and tenant security.
By using Microsoft 365 security monitoring and management, Partner administrators can accomplish the following daily operational tasks directly from the Cyber Protect service console:
- Onboarding of Microsoft 365 customer tenants to Cyber Protect Cloud.
- Scan of Microsoft 365 environment for misconfigurations with best practice baseline templates (tenant-level).
- Multi-tenant Microsoft 365 security posture dashboard.
- Automatic and manual remediation of Microsoft 365 security risks by enforcing the required baseline configuration.
- Microsoft 365 user management - onboarding and offboarding.
- Remediation of user risks, such as disabled MFA, anonymous admins, dormant admins, sharing of standard mailboxes, and so on.
Licensing
- Standard protection: security posture audit and user onboarding.
- Advanced Management: remediation of security risks and user offboarding, in addition to features available in Standard protection.
Advanced Automation: Project management and resource planning for MSPs
The project management capabilities that we add in this release allow MSPs to:
- Seamlessly deliver projects to customers by planning team resources, scheduling activities with clear phases and steps, tracking delivery progress, and managing risks.
- Enhance project profitability with precise budget planning and tracking tools. Gain full control over project expenses, ensuring transparency and visibility at every stage.
- Accurately track time spent on projects and offer flexible billing options with multiple available models, ensuring customers are billed accurately based on the work completed.
Key features include but are not limited to:
- Project management and tracking with Gantt charts
- Staff and time management
- Resources and capacity planning
- Project planning with phases and steps
- Project delivery and time tracking with project tickets
- Project billing with multiple available options: total upfront, per closed step and based on milestone
- Using attachments and custom fields
- Invoicing and financial reporting
Licensing
Advanced Automation
Advanced Security + XDR: Antimalware scan of Microsoft 365 mailbox backups
The ability to scan Microsoft 365 mailbox backups adds the following benefits to the existing protection for Microsoft 365:
- Ensure malware free email recovery from Microsoft 365 mailbox backups.
- Offer a second layer of defense when the email security solution fails to detect malicious content.
- Extend malware scanning functionality to M365 mailbox backup, at no additional cost.
The Antimalware scanning for M365 backups feature is enabled automatically for customers who already use the Advanced Security + XDR pack and have configured backups for M365 mailboxes. If malware or a malicious URL is detected during the backup scanning, an alert will be triggered.
Licensing
Advanced Security + XDR (no additional charge)
Cyber Protection agent uninstallation prevention
This functionality replaces the password protection of the Cyber Protect Agent and provides enhanced protection against ransomware that uninstalls security software before encrypting the data on the protected workloads.
Starting with this release, uninstallation and updates of the Cyber Protect Agent is blocked by default, and can only occur during maintenance periods or through agent auto-update. The maintenance period can last between 1 hour and 7 days.
Licensing
- All licenses
Advanced Email Security: Self-service release of quarantined spam by mailbox own
Reduce support efforts when spam emails are blocked instead of being directed to the junk folder! Self-service release of quarantined spam is part of the Advanced Email Security options and can be configured by a partner or customer administrator. When enabled, the mailbox owner can self-release quarantined emails by via a link in their spam digest report. The link redirects them to an email release confirmation page. No user management is required for mailbox owners.
Mailbox owners are still not allowed to release to inbox malicious emails.
Licensing
- Advanced Email Security
Advanced Email Security: Generative AI-based explanations for email attacks
This feature provides Acronis partners with better insights into the reasons for moving an email to quarantine and helps educate partner and customer technicians about email security.
Licensing
- Advanced Email Security
Advanced Protection packs: Changes in licensing
The vulnerability assessment for Windows third-party applications and the Active Protection features become parts of advanced protection packs as follows:
- Active Protection becomes part of the Advanced Security + XDR pack
Strengthens the ransomware defense; actively safeguards all data on systems, including documents, media files, and programs, against ransomware attacks.
- Customers with the Advanced Security + XDR pack: workloads with only Active Protection enabled will be charged at the Advanced Security + XDR rate (Advanced Security + EDR SKU price).
- Customers without the Advanced Security + XDR pack: – Acronis will explicitly enable Advanced Security + XDR pack and workloads with only Active Protection enabled will be charged at the Advanced Security + XDR rate (Advanced Security + EDR SKU price)
- The vulnerability assessment for third-party Windows applications becomes part of the Advanced Management pack
Enhances security posture for Windows third-party applications by detecting and managing vulnerabilities across 314 critical applications, supported by Acronis' internally maintained database.
- Customers with the Advanced Management pack: – workloads only with Vulnerability Assessment for Windows third-party applications enabled will be charged with Advanced Management usage.
- Customers without the Advanced Management pack: – vulnerability assessment policies will stop working; to restore functionality, partners must enable the Advanced Management pack or disable the Vulnerability Assessment for Windows third-party applications in their protection plans.
Disabling or enabling the vulnerability assessment for Windows third-party applications on multiple customer tenants with multiple managed workloads could be time consuming, tedious task. Therefore we have built utilities for mass disabling and enabling of the feature. See these knowledge base articles for details:
- If you configured vulnerability assessment for third-party Windows applications in your protection plans but the customer does not have the Advanced Management Pack enabled on their tenant, use this utility to disable vulnerability assessment for third-party Windows applications in all affected plans while retaining all other vulnerability assessment components: https://care.acronis.com/s/article/Acronis-Cyber-Protect-Disabling-Vulnerability-Assessment-of-Third-Party-Windows-Applications-when-Advanced-Management-pack-is-not-enabled-for-the-tenant?language=en_US
- If you need to enable vulnerability assessment for third-party Windows applications to ensure their protection across all protection plans where the general vulnerability assessment policy is already active and the Advanced Management Pack is enabled for the corresponding tenants, use this utility to mass-enable the sub-policy: https://care.acronis.com/s/article/Acronis-Cyber-Protect-Enabling-Vulnerability-Assessment-for-Windows-Third-Party-Applications-when-Vulnerability-Assessment-module-is-enabled-in-Protection-plans?language=en_US
Virtualization protection: Added support for Hyper-V generation 2 virtual machines for cross-platform restores
Obtain Generation 2 (Gen 2) virtual machines (VM), instead of Gen 1, when performing X2V restores to Hyper-V from an EFI-based system.
Supported scenarios:
- Restore backups as Hyper-V Generation 2 VMs if the source system is EFI-based.
- Restore systems with more than 4 partitions on the disk (EFI + GPT).
- Run as VM (Instant Restore) using Generation 2 VMs on Hyper-V.
- Perform cross-platform restores of Linux EFI-based systems to Hyper-V.
Licensing
All licenses
Cloud Integrations: ConnectWise Asio integration with Disaster Recovery
Partners using ConnectWise Asio can now schedule and perform, directly from the ConnectWise Asio console, test failovers of Disaster Recovery infrastructure hosted in Acronis Cloud.
From the ConnectWise Asio console, partners can perform the following operations:
- Schedule a test failover for DR infrastructure hosted in Acronis Cloud.
- Specify the sequence for starting test failovers for multiple recovery servers.
Test failovers for specified recovery servers are automatically triggered in the predefined order.
Licensing
- Advanced Disaster Recovery
Cloud Integrations: ConnectWise Automate the legacy authentication is removed
We no longer support the legacy authentication of Username and Password to provide a more secure integration with ConnectWise Automate.
When configuring the integration, Acronis partners must use an API client.
Licensing
All licenses
Updated Components
Cyber Protection agent
The Acronis Cyber Protection agent has new versions as follows.
- Acronis Cyber Protection agent for Windows (v.24.11.39130)
- Acronis Cyber Protection agent for Mac (v.24.11.39130)
- Acronis Cyber Protection agent for Linux (v.24.11.39130)
See the release history for the Acronis Cyber Protection agent here.
Changes in Acronis Cyber Cloud API
Upcoming end of support for /api/ams REST API
The /api/ams/ REST API, which is used for backup and resource management, will be deprecated and replaced by a new API. The new API will accommodate all integrations and automation scenarios that currently use /api/ams/.
The /api/ams/ REST API is not an official and public API. However, some customers are using it for integration and automation tasks. To ensure smooth transition, the deprecation will be done in phases, with one year of notice for each phase.
Herein we officially announce the beginning of the one year notice period for Phase 1. Documentation on how to migrate to the new public REST API will be provided.
One year after the official announcement of deprecation, there will be no commitment to support the /api/ams/ endpoints, even though they might still be available.
You can find more information and the history of changes in Acronis Cyber Cloud API in the dedicated API change log document.
Fixed issues
Security
For information about security issues fixed in this release, please refer to https://security-advisory.acronis.work/updates/UPD-2411-8346-2536.
Acronis Cyber Protect Cloud
Advanced Automation
- [AA-7142] The Billing and Quoting tab fails to load with the error "Failed to find a user with role 'Admin' in tenant..."
Backup
- [ABR-391815] The 'always full' backup option is ignored when you run a manual backup for file-level backups; incremental backups are created instead of full backups.
Common
- [ABR-393243] Workloads appear to be offline in the cloud console if their localhost IP address resolves into IPv6.
- [ABR-392558] Unable to save changes after editing an encrypted protection plan. The Encryption option is orange and does not allow saving the plan.
- [ABR-392440] Imported protection plans cannot be saved after editing due to an undisclosed credential error.
- [ABR-391851] Various operations fail with the error "The subkey cannot be found".
- [ABR-385989] Quota usage for Advanced Management is incorrect.
- [PLTFRM-71990] The storage usage value for cloud to cloud resources is shown as a number in bytes without unit measures, while it should be in GB/TB as the usual storage usage.
Cyber Protection agent
- [ADP-38275] Software deployment plans fail to uninstall custom software installations, displaying the following error after several attempts: "Deployment cannot be performed because the package was already installed or uninstalled."
-
[ABR-392497] The installation of the protection agent on Linux workloads might fail with the error "Snapapi26 failed to install" related to kernel module.
- [ABR-392281] The error 'The password for the backup is incorrect' occurs if the password for the archive contains a trailing whitespace.
- [ABR-376928] The agent for Synology cannot operate properly if quickconnect is enabled.
Microsoft 365, Google Workspace, and other applications protection
- [ABR-390658] OneDrive backups are completing with warnings "Could not download chunk from OD: HTTP Error 416 : 416 Requested Range Not Satisfiable"
- [ABR-391418] Cloud to cloud backups fail with the error "A backup agent error: '[Archive Server]: net/http: request canceled (Client.Timeout exceeded while awaiting headers)'."
- [ABR-391609] Cloud to cloud backups fail with the error "Cannot write data to the backup file: 'slice not found'."
- [ABR-384090] Recovery points for SharePoint backups are not visible in the UI.
- [ABR-392023] Microsoft 365 backups are not starting as expected and seem to be hung.
- [ARC-795] OneDrive backups fail with the error "[Archive Server]: server instance mismatch".
Monitoring
- [ADP-38470] Hardware inventory scans fail with the error "Failed to collect data" and issue the alert "Removed hardware component" while nothing was changed in the hardware of the protected workloads.
Recovery
- [ABR-384090] Recovery points for SharePoint backups are not visible in the UI.
- [ABR-371521] The sorting of files in backup archives by last change date does not work correctly.
Virtualization protection
- [ABR-392500] Backup operations finish with the warning "The disk configuration of the Hyper-V virtual machine was not restored within a minute after the snapshot was deleted"
Known issues and limitations
Acronis Cyber Protect Cloud
Backup
- [ABR-365442] The backup validation completes successfully, but the validation status is incorrect or missing in backup sets with a large number of backups.
- [ABR-361097] It is possible to create backups with special characters in their names, but such backups are not accessible when saved on a network storage.
- Solution: Do not use special characters in backup names, even though the application allows you to.
- [ABR-305920] The backups of System state performed via the Windows Server Backup feature fail with the error message "The process cannot access the file because it is being used by another process."
Bootable media
- [ABR-358235] WinPE-based media: Unable to browse backup files if the cloud storage location contains corrupted backup archives.
Cyber Protection agent
- [ABR-371912] The Acronis SnapAPI module may require separate compilation after installation on Rocky Linux or Oracle Linux 8.7 distributions.
- Solution: Compile the SnapAPI module manually after installing the Agent for Linux on a workload that runs on a Rocky Linux or Oracle Linux 8.7 distribution.
Recovery
- [ABR-371521] When browsing backup archives, the sorting of files by last change date does not work correctly.
Virtualization protection
- [ABR-383978] No alert about almost reached storage quota is displayed for agentless Microsoft Azure VM backups.
- [ABR-383972] No alert about exceeded storage quota is displayed for agentless Microsoft Azure VM backups.
For more information on known issues and workarounds, please visit our Knowledge Base.