Release date:July, 2024

Last document update: August 8, 2024

Table of contents

What's new

Mandatory 2FA for partner accounts starting with Acronis Cyber Protect Cloud 24.09 release

Effective from the Acronis Cyber Protect Cloud 24.09 release, Two-Factor Authentication (2FA) will be mandatory for all partners using paid services, i.e. operating in production mode. The option to disable 2FA at the account level will no longer be available.

We strongly urge you to enable 2FA in advance to ensure a smooth transition and avoid disruptions. This proactive approach will help you and your team seamlessly adjust to the new security measures. You can enable 2FA by following these steps:

  1. Navigate to the Management Portal.
  2. Go to Settings > Security.
  3. Enable Two-Factor Authentication.

Once 2FA is enabled, all users within your organization will be prompted to set up 2FA the next time they sign in or when their current sessions expire. Detailed instructions can be found in our documentation.

This update applies exclusively to partners using paid services (production mode). Trial partner accounts and customer accounts will not be affected.

Custom API Integrations: Transition to API Clients

If you are using a custom API integration with basic authentication (just login and password), we recommend migration migrating to API clients. This method offers enhanced security and aligns with industry best practices. While we understand that this transition may take time, you can temporarily disable 2FA at the user level by converting the user to a service account. Please note that such exemptions pose risks to your account security and are undertaken at your own risk.

No action required for integrations provided via Acronis Solutions Catalog.

We appreciate your cooperation and commitment to enhancing security. Should you have any questions or need assistance, please do not hesitate to contact our support team

Advanced security + XDR: Automated Response Playbook

The Automated response playbook enables Customer Administrators to automate responses to XDR/EDR incidents, allowing them to scale their security operations and improve response times, and to reduce the operational burden on managing and responding to security incidents.

Starting with this release, Customer Administrators can:

  • Create automated workflows to trigger a series of response actions, such as isolating a workload and sending an alert message.
  • Trigger workflows based on specific incident conditions, such as 'Critical'.
  • Configure automated response actions to stop suspicious processes, move infected files to quarantine, isolate affected workloads, and change the investigation state of security incidents.

Licensing

Advanced Security + XDR

Advanced Security + XDR: Acronis Copilot (Early Access)

Acronis Copilot is an AI-assisted chat tool that helps in the investigation and remediation of security incidents. It is designed for Customer Administrators with limited security skills. Copilot enables MSPs to strengthen their security posture by quickly identifying and mitigating threats. This helps improve security measures and prevent further damage.

MSP technicians can use Acronis Copilot to:

  • Ask specific questions about an incident.
  • Receive advice on actions to mitigate threats.
  • Get a list of incidents with similar detections for deeper analysis.

Acronis Copilot can be launched within the EDR/XDR incident investigation screen to create a new chat session for the selected incident.

Licensing

Advanced Security + XDR

Advanced Security + EDR

Email archiving for Microsoft 365 (Early Access Program)

Email archiving for Microsoft 365 allows, Acronis partners to unlock new revenue streams by facilitating clients' regulatory compliance and simplifying client e-discovery processes, for clients in all industries, including those in highly regulated industries.

Email archiving for Microsoft 365 allows Customer Administrators to:

  • Protect historical email data and continuously archive new incoming or outgoing emails.
  • Have instant visibility over all of the organization’s emails that were sent or received.
  • Search, preview, and recover emails directly from the archive when necessary for legal proceedings or after human errors.
  • Manage the protection of all Microsoft 365 workloads through a single UI.

Licensing

  • Available free of charge during the course of the Early Access Program (EAP).

  • Available in both Per gigabyte and Per workload models.
  • EAP Acronis-hosted cloud storage support + GA Partner-hosted cloud storage support.
  • Unlimited Acronis-hosted cloud storage.
  • Per-seat licensing for all Microsoft active users with a mailbox, shared mailboxes and group mailboxes are not charged (both in EAP and GA).

Direct backup to S3-compatible or Impossible Cloud storage

Starting with this release, you can store backups on publicly and privately-hosted S3-compatible or Impossible Cloud storage instances, without having to manage additional Acronis Backup Gateway machines.

  • Backup and restore Windows or Linux machines and/or VMs data to and from S3-compatible or Impossible Cloud storage, including disk/volume (physical and virtual), and files/folders.
  • Recover to bare metal via bootable media by registering it for remote management in the Cyber Protection service.

Implementation notes

  • Backup to S3-compatible storage has been tested with MinIO, Cloudian Backblaze B2, and Acronis Cyber Infrastructure S3, and officially supports any storage that is AWS S3 API compatible.
  • All backup options are available, except Instant Restore because it is not possible to run a VM from a backup on object storage.

Licensing

  • Per gigabyte and Per workload models: Advanced Backup pack for each workload being backed up or replicated to S3-compatible storage.
  • Per gigabyte model only: Charge for public cloud storage at the same price as for local storage.

Immutable storage (Object Lock) on AWS S3, S3-compatible, and Impossible Cloud

Now you can store backups on Amazon S3, S3-compatible, or Impossible Cloud storage instances with an enabled Object Lock (immutability) on the storage side to protect the backup data from malicious deletion.

Storage immutability provides the following key benefits:

  • A new layer of protection from ransomware and cyberattacks: Object Lock safeguards data, which is often the target of encryption or destruction attempts.
  • Protection from tampering, accidental, or intentional deletion: Retention periods ensure that internal threats from careless or rogue employees are mitigated.
  • Improved compliance and reduced legal risks: Various regulatory frameworks, such as SEC, FINRA, and HIPAA, require data retention and immutability. Immutable backups reduce the risk of legal consequences from data loss or tampering.

Implementation notes

  • The backup immutability period is a property of the backup location, so all backups to this location will be immutable. The period can be modified.
  • "Always incremental" and Full/Incremental/Differential backup chains are supported for scheduled backups with enabled retention option.
The immutability period is renewed automatically during a scheduled backup when the oldest backup in the chain (on which the new backup is dependent) becomes older than half of the defined retention period.

Licensing

Standard protection

Advanced Disaster Recovery: Protection for Windows workloads with dynamic disks

This release adds support for Disaster Recovery protection for Windows workloads with dynamic disks. Dynamic disks provide advanced features like volume spanning, striping, and mirroring, enhancing the flexibility and redundancy. They are beneficial for managing large storage configurations and ensuring data reliability, which appeals to users with specific performance and backup needs. Windows deprecated the technology and recommends to use Storage Spaces instead, but a lot of protected workloads still use dynamic disks in production.

The feature is supported only for virtual machines protected through agentless backup. Physical servers and virtual machines protected in agent-based backup mode are not supported.

Licensing

Advanced Disaster Recovery

Advanced Disaster Recovery: Stop production failover during finalization

IT technicians can now cancel production failovers at any stage, including during preparation and finalization. This improvement aims to reduce support cases from users performing PoC or testing on large servers. Previously, these issues could result in long wait times and high compute costs.

Licensing

Advanced Disaster Recovery

Disaster Recovery: Simplified configuration of Disaster Recovery sites

Disaster recovery (DR) site configuration now includes a clear onboarding flow. DR value propositions and links to detailed documentation can be accessed by clicking the Disaster Recovery tab in the navigation pane of the Cyber Cloud console.

IT technician can now easily perform the following tasks on DR sites:

  • DR site configuration.
  • Removing DR site configuration.

Licensing

Standard or Advanced Disaster Recovery

Cloud Integrations: Okta

This release adds support for single sign-on (SSO) and automated user provisioning to Acronis Cyber Protect Cloud via the Okta identity management system. The SSO support enables the following operations:

  • Set up users and their roles in Acronis Cyber Protect Cloud by using the Acronis application in the Okta portal.
  • Automatically provision, de-provision, and synchronize user accounts and their attributes from the Okta portal to Acronis Cyber Protect Cloud.
  • Sign-on to Acronis Cyber Protect Cloud with universal credentials through Okta SSO.

Licensing

Available to all partners

Updated components

Cyber Protection agent

The Acronis Cyber Protection agent has new versions as follows.

  • Acronis Cyber Protection Agent for Windows (v.24.07.38338)
  • Acronis Cyber Protection Agent for Mac (v.24.07.38338)
  • Acronis Cyber Protection Agent for Linux (v.24.07.38338)

See the release history for the Acronis Cyber Protection agent here.

Changes in Acronis Cyber Cloud API

Upcoming end of support for /api/ams REST API

The /api/ams/ REST API, which is used for backup and resource management, will be deprecated and replaced by a new API. The new API will accommodate all integrations and automation scenarios that currently use /api/ams/.

The /api/ams/ REST API is not an official and public API. However, some customers are using it for integration and automation tasks. To ensure smooth transition, the deprecation will be done in phases, with one year of notice for each phase.

The beginning of the one year notice period for Phase 1 was announced officially in May 2024. Documentation on how to migrate to the new public REST API will be provided.

One year after the official announcement of deprecation, there will be no commitment to support the /api/ams/ endpoints, even though they might still be available.

You can find more information an the history of changes in Acronis Cyber Cloud API in the dedicated API change log document.

Fixed issues

Acronis Cyber Protect Cloud

Management portal

  • [PLTFRM-67473] Unable to set up MFA for new users if the brand service name contains an empty string.
  • [PLTFRM-66770] Resetting 2FA for a user fails with the error {"error":{"domain":"ApplicationAccountServer","code":"","message":"authN flags do not match for API handler: need \"user (w/o MFA check), user\", have \"\""}}

Microsoft 365, Google Workspace, and other applications protection

  • [ABR-386695][ABR-386744] Backups of Microsoft 365 workloads fail with "access denied' errors.
  • [ABR-385624] Missing emails in M365 mailbox backups.
  • [ABR-383717] During backup of an individual database, you might encounter warnings for other databases on the server that are offline, even though they are not included in the protection plan.
  • [ABR-378626] Backups of Windows server workloads fail with the error "Failed to connect to the Agent Core service on this machine."
  • [ABR-327185] Scheduled backups generate false alerts "No successful backups have been performed..." even though the backups are running properly per the schedule.

Recovery

  • [ABR-386195] Backup browsing is slow and might fail with a timeout error.

Known issues and limitations

Cyber Protection agent

Backup

  • [ABR-365442] The backup validation completes successfully, but the validation status is incorrect or missing in backup sets with a large number of backups.
  • [ABR-361097] It is possible to create backups with special characters in their names, but such backups are not accessible when saved on a network storage.
    • Solution: Do not use special characters in backup names, even though the application allows you to.
  • [ABR-305920] The backups of System state performed via the Windows Server Backup feature fail with the error message "The process cannot access the file because it is being used by another process."

Bootable media

  • [ABR-358235] WinPE-based media: Unable to browse backup files if the cloud storage location contains corrupted backup archives.

Cyber Protection Agent

  • [ABR-371912] The Acronis SnapAPI module may require separate compilation after installation on Rocky Linux or Oracle Linux 8.7 distributions.
    • Solution: Compile the SnapAPI module manually after installing the Agent for Linux on a workload that runs on a Rocky Linux or Oracle Linux 8.7 distribution.

Recovery

  • [ABR-371521] When browsing backup archives, the sorting of files by last change date does not work correctly.

Virtualization protection

  • [ABR-383978] No alert about almost reached storage quota is displayed for agentless Microsoft Azure VM backups.
  • [ABR-383972] No alert about exceeded storage quota is displayed for agentless Microsoft Azure VM backups.

For more information on known issues and workarounds, please visit our Support Portal.