Malcolm McLeary

Retrospect Management Console


I've just set up Retrospect Management Console and on the surface it looks pretty promising, however it doesn't appear to be updating.

Presently I have 2 Windows Backup Servers on 2 different sites and have added both to the new Console but only 1 has uploaded any data and although backups have subsequently run the details have not appeared.  The 2nd Backup Server says it has contacted Retrospect Management Console but the Console hasn't acknowledged this.

How often does the Backup Server contact Retrospect Management Console?  I read it was supposed to be at least hourly when idle and every minute when actively performing backups.

Does this work with existing servers or is it necessary to download the "installer" from Retrospect Management Console?

Is there a plan for this to run on premise?  On a VM hosted on ESXi, FreeNAS, Synology or QNAP?


Seems that it takes an "over night" before any data appears, but it's not very current.  At least I now know my machines are actually talking to the Management Console.

I've just scheduled a run once backup for now + 10min and although it ran no details have appeared in the console ... it still says the last backup was 19 hrs ago.

Past Activities "may" list the backup activity but it's hard to say as it doesn't show any dates.

Backup Sets doesn't show any dates either so I can't see which was used when.

What time zone does Retrospect Management Console work in?  Is it a bit confused because my backup servers are running in +10 and it's not dealing with "future" timestamps?


Malcolm McLeary,

(Still being written while you posted immediately above it.)

First, you hadn't said in any of your recent posts which version of Retrospect Windows you are using.  I'm still on Retrospect Mac 16.6, because I don't use the new  or bug-fixed features in 17.0.x and I'm now waiting for 17.5 to see any new features announced in August–September 2020.  I do, however, have a 45-day trial license for 17 for reasons it's hardly worth discussing (a week ago Monday I thought my 2010 Mac Pro "backup server" had an unfixable hardware or software problem, and therefore installed a 16.6 "backup server" on my MacBook Pro—only to deduce a couple of days later that the "unfixable" Mac Pro problem was fixable simply by installing a new PRAM battery; meanwhile, in the process of installing 16.6 on my MBP, I hit the wrong Registration button and was e-mailed a trial license for 17.) 

The point of the foregoing is that the august (my ironic adjective) Documentation Committee  has now wiped out the former Knowledge Base articles about the Management Console, by replacing them with links to newly-updated-for-17 sections added to the User's Guides.  Tomorrow I'm going to phone the head of North America Sales, and ask him if I can install the Management Console on my MBP and have it report on the 16.6 "backup server" on my Mac Pro.  I'll also ask him about whether and how often the Management Console updates via Heroku—he told me three months ago it's more frequently than once a minute, and how it handles time zones; by looking at Wikipedia I deduce you're in eastern Australia and on AET, which is now 14 hours ahead of New York City EDT (15 years ago I worked in New Jersey for a couple of guys in Melbourne, so I used to know that stuff).

I did a Forums search, and essentially all of the posts mentioning the  Management Console are by me—which strongly implies that no Forums poster has actually tried it.  IMHO the reason for that is the "go big or go home" strategy I outlined in the second substantive paragraph of this post in another thread.  At the start of that strategy Retrospect Inc. developed a special relationship with "Partners", by which they mean consultants who can resell Retrospect to multiple clients.  A consequence of that is their never having shown the Management Console Add-On on their Configurator; I had to grill the head of North America Sales for the Editions prices for it.  To me this means Retrospect "Inc." still doesn't expect anyone who isn't a Partner to use the Management Console Add-On features, and probably doesn't expect a non-Partner to use the basic Management Console.  And they probably haven't had a Partner who is in a substantially different time zone from his/her clients, which might explain why Past Activities doesn't show any dates.

Despite this you may be able to get help from Tech Support.  Another administrator from Oz recently posted that the Tech Support whose phone number is listed for Australia turned out to be quite helpful, once the administrator found out that the phone number is only answered during Western European business hours.  Also, here's why and how to file a Support Case for a bug, which will go to Tech Support in California.

 


I've just bought a couple of licences and hence I'm using v17.0.2.102.  I used Retrospect seriously on both Mac and Windows up to v7.5 then lost faith when it looked likely that EMC would kill the product.

I called APAC Tech Support this morning but got some message about only being open during Business Hours CET.  I've now realised what that means for AEST so in fact I called 45min before they were "open for business" and now they are closed.

I have filled in a Tech Support Request, essentially a copy and paste of my posts above,  but I think the system is broken.  I received an acknowledgement email with a link to the Case, but it does not work.  I've logged into my Portal but it says I have no Cases open.  I created a new Ticket from that interface and received another acknowledgement email, but still no indication of an Open Case.

I have subsequently received a response from support@retrospect.com requesting screenshots.

Quote

Dear Malcolm, 
Thank you for contacting Retrospect support.  Retrospect Agent Reply can be found below.

We understand you have the following question:

Agent Response: 
''
Past Activities "may" list the backup activity but its hard to say as it doesn't show any dates.
Backup Sets doesn't show any dates either so I can't see which was used when.
''
Please provide us some screenshots from the ''Past Backups'' and ''Sets''.

''
Does this work with existing servers or is it necessary to download the "installer" from Retrospect Management Console? ''
not necessary
''
Is there a plan for this to run on premise?  On a VM hosted on ESXi, FreeNAS, Synology or QNAP?''
The purpose of the Management Console is not to run on-site as on-site there is already the Retrospect software.

What time zone does Retrospect Management Console work in?  The date and time show in the Management console is taken from the Retrospect software.

Thank you for using Retrospect.
Costinel
The Retrospect Support Team 

 


Malcolm McLeary,

According to JG Heithcock (down the page in the article),  EMC did end-of-life Retrospect and then months later revive it.  The article doesn't say that the resultant Retrospect Mac 8.0 was such a mess (new design and terminology plus temporary loss of PowerPC compatibility plus rushed testing) that in 2016, 7 years after its release, former users denounced the product when I started a thread about Retrospect Mac 12 on the Ars Technica Mac forum.  IMHO that's also a contributing—but not controlling—reason why Retrospect Inc. stayed with the 7.5 GUI and terminology for Retrospect Windows.  But the Retrospect Console Preview—which can run on a Windows "backup server"—looks to me like a simplified version of the Retrospect Mac Console.

I've never gotten a Tech Support reply from Costinel.  He/she is likely either new and/or European.  The attitude Costinel is expressing is thoroughly in keeping with what I described in the third substantive paragraph of this up-thread post; the Management Console was intended to be used by off-site Partners as part of the "go big or go home" strategy.

The Retrospect Support Case system is a perverted version of some vendor's case-management software.  One perversion is to automatically mark most submitted cases as being Closed.  IME that doesn't mean you can't add Additional Notes.  I just used the link in the latest e-mail Tech Support automatically sent me to access my cases, so the system is working for me.

 


It's not relevant what you believe the Retrospect Management Console was intended for as it's clearly available and promoted on the website.  There is no indication that it's for "Partners" or US Residents ONLY.  I have a reasonable expectation that available products will simply work.

Retrospect Management Console appeals to me because it will remove the need to VPN into multiple sites just to confirm backup status or monitor completion emails.  Similarly I use Zabbix to monitor the status of critical systems/services and Unifi/UNMS to monitor/manage network infrastructure across multiple sites.

In the case of Zabbix I run a host on my premise, UNMS is a cloud service and Unifi runs on dedicated devices (some on client sites, some sites on my multi-site host). The VoIP solutions I deploy all utilise a cloud based PBX which has a web based Management Console.  Most of my FileMaker clients have on-premise servers, but FileMaker does have an AWS based option with v2 planned to provide a Partner Console where we can manage multiple clients via a single console.

Performing on premise backups still has a role to play as not everything can or should be hosted in the cloud.  This doesn't mean I should be limited to local monitoring/management as Costinel has suggested.


Well isn't that interesting, accessing the Retrospect Management Console with Chrome (for MacOS) displays the missing dates, but they don't show when same is viewed with Safari (for MacOS). Similarly my missing dates appear in Microsoft Edge (Chromium Edition) on Windows.  I would have thought that a Mac first, Windows second company would ensure that web interfaces work with the default MacOS browser or at least have a popup which says that some features are only supported if using Chrome.  Goes a long way to explaining why the Retrospect Management Console renders poorly on an iPhone.

As far as deployment goes, it would be better to have options for Retrospect Management Console ... cloud, independent host, or localhost.  The standard web interface should adapt to screen size of the connected browser so as to make the user experience appropriate for the device but for an even better experience the iOS app would use it as a single backend for all the managed servers rather than having to connect to each independently (and possibly open additional holes in firewalls).

Goes without saying that the Retrospect Management Console should support/require 2FA.


Disclaimer: Anything I may say about the intentions of Retrospect "Inc." in this or any other post is merely the result of "reading the tea leaves", the "tea leaves" being documentation and public announcements supplemented by an occasional morsel from Retrospect Sales.  I have never been paid a cent by Retrospect "Inc." or its predecessors, and I pay for my upgrades. Any judgements expressed are—obviously—mine alone. The same is true of Retrospect's history, especially here. 

Malcolm McLeary,

I have only two questions about your use of the Retrospect Management Console:

  1. Is the way it works now satisfactory for your purposes?
  2. If it's not satisfactory, is Retrospect "Inc." likely to fix it?

Based on your preceding posts in this thread, I'd say the answer to my first question is "No".  Here's why I think the answer to my second question is also "No":

Let's look at the history of the Management Console shown in the Retrospect Windows cumulative Release Notes.  The Management Console came out of beta with 16.0 in March 2019.  There were bug fixes and added Pause/Unpause/Stop support through 16.1 in May 2019.  Then there were major enhancements added in 16.5 on 1 October 2019, followed by one minor enhancement and Automatic Onboarding added in 17.0 on 3 March 2020.  IMHO it's significant that 16.5 had so many bugs in it that there was a very-unusual 16.6 release on 2 December 2019—which also added Retrospect non-Management Console Preview, and that 17.0 came out a week earlier than usual and had a "clear the decks of bug fixes and ongoing enhancements" feel to it.

Over 40 years I developed the opinion that a major aspect of applications development is applied political science, which can be studied by "reading the tea leaves".  In the case of Retrospect, IMHO the "tea leaves" say that StorCentric took over product management during the period of June 2019 through February 2020, and that the efforts of the Retrospect engineers have now been redirected to supporting the development of a variant of the "backup server" Engine that runs on Drobo—and I hope other Linux—NASes.  That support is above all developing a simplified Console that runs on a Mac or Windows machine to control and monitor the Engine running on a NAS, and the purpose of the Retrospect non-Management Console Preview is clearly to "run the proposed GUI up the flagpole and see if anybody salutes" (apologies for paraphrasing a 1950s Madison Avenue catchphrase). 

If Retrospect Engine on a NAS is going to succeed in a "go wide or go home" competition against Synology Hyper Backup and similar non-client-server backup applications, its Console GUI is going to have to be much easier to learn than the GUI of the current Retrospect Mac Console.  In 2016 other posters on the Ars Technica Mac forum belittled Retrospect Mac 12 because it took me  6 hours to learn how to set it up—even though I had used Retrospect Mac from 1995 to 2010, and independent software reviewers over the years have always noted that Retrospect is difficult to learn. 

OTOH developers of that simplified Console won't be faced with the problem that has been a stumbling block for Retrospect Windows; DroboAccess provides a built-in Web server, and other Linux-based NASes no doubt have similar facilities.  I'm sure that the Retrospect engineers will try to get the simplified Console to work better using Heroku to interface with Retrospect Windows Engines, but from what you've said in your first two up-thread posts that's going to be difficult.  IMHO Mihir Shah of StorCentric won't let them spend a lot of time on Heroku; the bugs you found show minimal 2019 testing. 

So that's why I think the answer to my second question is "No"—and that goes double for the enhancements the second and third paragraphs of your immediately-up-thread post suggest.  Costinel's probably not that knowledgeable.  Knowing that I tried phoning the head of North America Sales on 3 July to ask him that second question, but he was unavailable—possibly because Saturday 4 July is a major U. S. holiday.  I'll try again next week.

BTW you're wrong about Retrospect "Inc." being a "Mac first, Windows second company".  That may have been true in the 1980s and 1990s, but hasn't been true at least since EMC took over Dantz Development Corp. in 2004.  The Windows market is just so much bigger.

 


David,

I'd answer "No" and "Probably not, but one can hope" to your questions.  It has potential, but Retrospect Management Console doesn't really work.  It should only be available for testing ... a Limited Preview.  I'm currently trialing a Developer Preview of FMS 19 for Linux and so far I can't break it.  It's as stable as the release versions for MacOS and Windows ... feature for feature it's the same product (accepting a few capabilities yet to be implemented) running on a different OS.

IMHO Retrospect need to do same.  Not only leverage common code, but also the exact same UI and workflows.  Deploy the client as appropriate and run the server on what is most appropriate for the environment.  The experience should be the same.

I'd be interested in what they do with a Drobo NAS.  I've used a Drobo for personal storage for years but only a direct connect version.

Yes, the Windows market is bigger but unfortunately the users are generally comfortable with using slapped together, poor quality software ... it's simply consistent with the OS.  It doesn't have to work ... it just has to sell.

I gave EMC a chance when they took over Dantz Development Corp. but it was apparent to me that they were a Windows company and product quality was going to suffer so I moved on.

Perhaps I should forget about this little misadventure back to Retrospect and stick with Synology based options.


Malcolm McLeary,

(The disclaimer at the top of this up-thread post applies here.)

I see you have now discovered that Retrospect for iOS can't access a Retrospect Windows 17 or 16.6 "backup server".  I guess that explains part of this problem as well.  IME Retrospect "Inc." and its predecessors have a decades-old deficiency in alpha-testing, dating back well before the EMC acquisition but no doubt exacerbated by the temporary end-of-lifing in 2007.  What they need is an alpha-tester employee with the intelligence of a good applications programmer, but the controlled malice needed to forgo creation in favor of finding bugs in other employees' creations.  Such alpha-testers are hard to find—and probably highly paid; I was employed as one in 1996–1998, and was laid off because I lacked the malice—so I concentrated on a programming task.  When I next manage to speak with the head of North America Sales—tomorrow or later, I'll ask him to re-direct your Support Case for this bug—as well as the Support Case you should file for the other bug—to Tech Support in California; I don't know whether Costinel has the power/desire to do that.

Getting back to the Retrospect Management Console vs. the Retrospect non-Management Console Preview, I've now realized that I'm out of my technical depth.  I've said up-thread that what's needed is a webserver in both Heroku and the forthcoming Linux variant of the Retrospect Engine.  Heroku undoubtedly has a webserver, but I've recalled the following facts:

  • Don Lee discovered in 2017 that he could access a Retrospect Windows "backup server" from the Console running on a Mac laptop.  Presumably neither of these machines had a webserver running, but presumably they were on the same LAN.
  • AFAIK Retrospect for iOS doesn't need to have access to a webserver, yet from 2014 through 2019 it has been able to communicate with a Retrospect Windows "backup server" over TCP port 22024.
  • The Retrospect Mac Console in any Edition higher than Desktop (that's what my home installation has) can communicate with a Retrospect Mac "backup server" on another machine, so long as both machines are on the same LAN—but regardless of whether either machine has a webserver.

So what I'll call "UAC-acceptable port 22024 LAN communication" seems to exist—however it works.  If the forthcoming simple Retrospect Windows Console has "UAC-acceptable port 22024 LAN communication", then it won't need a webserver to communicate with a Retrospect Windows Engine.


David,

There is a difference between running a "web server" and simply leveraging web technologies.  A "web server" in most people's minds conjures up being able to access fully formatted and structured pages of information but it doesn't have to be that way.  The "service" could respond simply with XML or JSON formatted data to an appropriately crafted request (which also contains an Access Token previously obtained).  The "service" could process appropriately formatted XML or JSON data which is in the payload of a http POST.  Commonly if the host does have a "web server" then it handles the routine "web" traffic, but appropriately crafted requests are passed to the "service".  This way the "service" can leverage an existing installation of Apache, IIS, nginx, etc.

I suspect the Retrospect Management Console works like this where the "engine" does an http POST to the "console" periodically to give it status updates and polls for "commands".

It would be appropriate if port 22024 on the "engine" worked like this as well where the Retrospect for iOS sends a http POST and gets back appropriate data which it processes, caches and presents.

Security is provisioned by using https rather than simply http.

If you keep it all "in house" then self signed certificates are fine, but if you get standard browsers involved when rendering the "console" then you need to have properly signed certificates.  This can be problematic for Home users but seldom an issue for Business users as it's best practice to buy a wildcard certificate and use it everywhere it's needed.  An alternative is Let's Encrypt

https://letsencrypt.org

which is an option provided by most NAS vendors.  Nonetheless it can be tedious because you need to have DNS entries and expose port 80 and 443 to the internet so Let's Encrypt can validate the endpoint.

Anyway, Windows 10 can run IIS ... it's simply not installed by default.  MacOS has Apache and so does Linux (even if it's not part of a minimal install).  Retrospect don't need to include a "web server" ... it's most likely already there, BUT if they persist in maintaining backward compatibility with Vista/7/8, etc, for a "backup server" then things probably get complicated, however I'm only talking about a "backup server" ... not clients.


Malcolm McLeary,

(The disclaimer at the top of this up-thread post applies here.)

Late Tuesday afternoon Silicon Valley time I reached the head of North America Sales by phone; he's been selling Retrospect since the EMC days.  He checked the Support Case system using his magical Salesperson privileges, and says you have several current Cases.  He's vaguely heard of Costinel, whom he thinks is new, and says the European Tech Support organization has recently physically moved.  I told the head of North America Sales you're a potential Partner (he Googled the nature of your business), and he's agreed to bring your current problems to the attention of the head of Retrospect Technical Support in Silicon Valley.

Despite my limited understanding of communications technology, I've used what you wrote in the post directly above to come up with a new hypothesis as to the cause of your two problems.  One of the glories of Retrospect has been its Proactive backup capability, but this was substantially improved in March 2018 and renamed ProactiveAI (the improvement is really a decision tree, using linear-regression backup speed predictions, rather than true AI).  Steps 3 and 4 in that Knowledge Base article describe the "backup server" Engine "reaching out" to every "client" machine in a running Proactive script, and my guess is that that improved "reaching out"—which was made more frequent in Retrospect 17.0.0—interferes with the existing "reaching out" the Engine's been doing to make Management Console and Retrospect for iOS possible.  The latest version of Retrospect for iOS was released in September 2017, and it's consistent with the engineers' habitually-limited alpha-testing (a characterization that the Sales guy said was very charitable 🤣  ) that they wouldn't have retested Retrospect for iOS since then.  The Management Console released in March 2019 was originally described as being updated once a minute, although I was surprised to see in a Retrospect webinar I was invited to attend on 3 April 2020 that the updating seemed to be more frequent than that—so maybe an engineer had hobbled the ProactiveAI "reaching out" for that demo.  I told the Sales guy my hypothesis; we'll see if it's correct.

The key point about the existing Retrospect Mac LAN Console is that the Mac LAN Console "reaches out" to a "listening" Engine, not the other way around.  That enables the Mac LAN Console to update the Engine's stored scripts/sources/destinations/etc. instantly, which is surely a capability that the Retrospect engineers wanted for a Retrospect Windows LAN Console back in 2008.  Windows UAC made that impossible, and IMHO it makes sense that the engineers wouldn't settle for a less-than-instantly-updating Windows LAN Console—so they've never developed one.  The Sales guy says the engineers intend to try to create a simplified Windows LAN Console—not requiring a Drobo "backup server"—as part of the effort I described in the fifth-from-last and third-from last paragraphs of this up-thread post, but IMHO it'll have to be less-than-instantly-updating.

BTW the Sales guy says that engineering effort has slipped for COVID-19-related reasons, so it's not going to get done by August or September 2020.

 


It's been said that the Retrospect Management Console is adequately secured and besides it doesn't contain any actual data.

Further it's "mainly" a reporting tool which passively receives status information from "backup servers".

Apart from the performance aspects of this thing running in the US, I'd prefer to be running it "in-house" because I believe that presently there is a fairly significant security flaw which could be exploited to exfiltrate data on a large scale.  Please tell me I'm wrong ...

The attack vector requires first gaining a username/password combination for Retrospect Management Console.  Given that accounts are compromised all the time let's assume that an Advanced Persistent Threat (APT) exists for a given organisation and they have the means to obtain credentials for what is an external publicly visible system which does not enforce 2FA.

Now although the Retrospect Management Console does not contain any data, it does have the ability to edit backup scripts and even create new scripts.  For these new scripts, or existing scripts, you can set up "Other Destinations" ... including Other Cloud Storage.

So having gained access to the Retrospect Management Console (as it's only secured by username/password) the actor simply adds an extra Amazon S3 destination with a new 20 char Access Key and 40 char Secret Key and has Retrospect send out "everything" ... essentially untraceable as the Access Key and Secret Key don't provide any information as to which Amazon Account owns the S3 Bucket.  Then the actor simply Recreates the Catalogue for this exfiltrated Storage Set, on another machine running Retrospect and restores whatever they want.

It seems that the actor can even cover their tracks by deleting the created script after they've gotten what they want.

There is no need to mount an attack on Amazon or any encrypted backups which may be stored there.  There is no need to penetrate the target site and copy data directly or remove encrypted backup media which may be laying around ... just add a Cloud Storage Backup Set to one or more existing Scripts (or add one) and have Retrospect diligently do all the work.

Who is going to notice that "extra" Backup Set or that "extra" script in a large installation?  

The only problem I see at the moment is that you can't turn off verification on this new Cloud Storage Set so the additional download may be noticed but as most organisations download way more than they upload this overhead may go unnoticed.

Just putting it out there that any cloud based service which is only secured by username/password is just asking to be compromised and in this case becomes an avenue for massive data theft.


Malcolm McLeary,

(The disclaimer at the top of this up-thread post applies here.)

Let me reference from another thread my thanks to you for shooting down my hypothesis that the Retrospect Engine doesn't initially listen on port 22024.  That leaves me with only a purely marketing explanation—discussed in the last paragraph of the linked-to post—for the puzzling fact that Retrospect Inc. has never implemented a Retrospect Windows LAN Console equivalent to the Retrospect Mac LAN Console.  But the engineers are now developing a simplified Retrospect Windows Console.

AFAICT you're spot-on about the security flaw in the Management Console you discuss in the preceding post.  Unless the forthcoming Retrospect Windows Console can be limited to use from the LAN the Engine is on, as the existing Retrospect Mac LAN Console is, it would have the same security flaw.  I urge you to file a Support Case for a 2FA enhancement to the Management Console.

In the same Support Case, or in one you have already filed, you could add an Additional Note requesting that the Management Console be replicated in Heroku's Australian region—which should make it more responsive for you.  I've pointed out in this up-thread post that the Management Console was developed as part of Retrospect Inc. Product Management's evidently-unsuccessful "go big or go home" strategy.  I'll bet they never thought about the possibility of an Australian consultant using it.  Do you drop from trees onto clients? 🤣


David,

I can't explain the "stagnation" between v7.7 and v17.0 as I stopped using Retrospect at v7.7 when the writing was on the wall that EMC intended to kill the product, only to return recently to see next to nothing had changed.  Don't get me wrong, Retrospect has some great features under the hood ... shame about the look and feel (of the Windows version).

Presently I've posted my concerns about the security of the Management Console here to illicit peer group thoughts and advised APAC Sales, but the next step is Tech Support although I have already raised a feature request for 2FA without indicating my underlying concern ... just that it's best practice for cloud services.  I must say that my previous post is not simply theory ... it's pretty straightforward to demonstrate that once you have access to the Management Consoles you can add a Cloud Backup Set and then add a script or modify a script to send company data to that Backup Set.  You can then recatalog that Backup Set on a separate machine and hence "restore" anything.  It's irrelevant that the Management Console can't access data ... it can instruct a "backup server" to save data to a "foreign" Cloud Backup Set.  The weak link is access control.  Apart from 2FA the situation could be improved/resolved by enforcing backup set encryption where ONLY the "backup server" knows the secret key.  This exploit works because the additional "foreign" Cloud Backup Set is not encrypted by default.  Strong passwords are a myth ... no-one cracks strong passwords ... users are tricked into revealing them or they are stolen. A "random" 6 digit PIN which changes every 30 seconds and is generated by an independent device is a simple to implement fix.  Leveraging a hardware token like a Yubikey would gain massive street cred.

I have raised a support case about the Management Console having issues with time zones ... status is hours behind reality most likely because APAC is in the future compared to the US.  This is quite different to simply "response" and "refresh".  AWS has a presence in APAC ... and so does Heroku

https://blog.heroku.com/private-spaces-sydney-region

but realistically I'd prefer to run a Management Console on premise ... not in the cloud.

Presently Retrospect is hard coded to post status updates to console.retrospect.com ... it would be better if this was user definable (aka self hosted).

Drop Bears are real ... if you have ever gone camping in the Aussie bush you may have heard the males at night ... truly frightening. 😉
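
The path described in the two posts above relies on an extra destination or script going unnoticed, and on the extra Backup Set being unencrypted. As an added example (not part of the original posts and not Retrospect code), this Python audit compares two inventory snapshots and flags destinations outside an allow-list, unencrypted sets, and scripts that appear or vanish. The snapshot layout, script names, locations and the allow-list are all assumptions constructed for illustration.

```python
"""Audit backup scripts for unapproved or unencrypted destinations.

Added example. The snapshot layout, names and locations are constructed for
illustration; this is not a Retrospect export format or API.
"""
from dataclasses import dataclass

# Assumption: locations the organisation has approved, as (type, location).
APPROVED_LOCATIONS = {
    ("disk", "//nas01/backups/site-a"),
    ("cloud", "s3.ap-southeast-2.amazonaws.com/example-corp-backups"),
}

# Constructed sample: the previous inventory of scripts.
PREVIOUS = {
    "scripts": [
        {"name": "Nightly-Servers", "destinations": ["SiteA-Disk", "Corp-S3"]},
        {"name": "Temp-Copy", "destinations": ["SiteA-Disk"]},
    ],
}

# Constructed sample: the current inventory. "Archive-2" has been added to an
# existing script and "Temp-Copy" has disappeared.
CURRENT = {
    "scripts": [
        {"name": "Nightly-Servers",
         "destinations": ["SiteA-Disk", "Corp-S3", "Archive-2"]},
    ],
    "backup_sets": [
        {"name": "SiteA-Disk", "type": "disk",
         "location": "//nas01/backups/site-a", "encrypted": True},
        {"name": "Corp-S3", "type": "cloud",
         "location": "s3.ap-southeast-2.amazonaws.com/example-corp-backups",
         "encrypted": True},
        {"name": "Archive-2", "type": "cloud",
         "location": "s3.amazonaws.com/unrecognised-bucket",
         "encrypted": False},
    ],
}


@dataclass(frozen=True)
class Finding:
    severity: str
    script: str
    detail: str


def script_destinations(snapshot):
    """Map each script name to the set of backup set names it writes to."""
    return {s["name"]: set(s["destinations"]) for s in snapshot["scripts"]}


def audit(previous, current):
    """Return findings for the current snapshot, using previous as baseline."""
    findings = []
    sets = {b["name"]: b for b in current["backup_sets"]}
    before, now = script_destinations(previous), script_destinations(current)

    for script in sorted(now):
        if script not in before:
            findings.append(Finding("medium", script, "script is new"))
        for name in sorted(now[script]):
            # A change to an existing script is worth a human look by itself.
            if script in before and name not in before[script]:
                findings.append(
                    Finding("medium", script, f"destination {name} added"))
            backup_set = sets.get(name)
            if backup_set is None:
                findings.append(
                    Finding("high", script, f"{name} has no backup set record"))
                continue
            # The allow-list applies to every destination, not only new ones,
            # so a tampered baseline cannot hide an unapproved location.
            key = (backup_set["type"], backup_set["location"])
            if key not in APPROVED_LOCATIONS:
                findings.append(Finding(
                    "high", script,
                    f"{name} writes to unapproved {backup_set['location']}"))
            if not backup_set.get("encrypted", False):
                findings.append(
                    Finding("high", script, f"{name} is not encrypted"))

    # A script that vanished between snapshots may be routine clean-up or an
    # attempt to remove evidence; either way it should be accounted for.
    for script in sorted(set(before) - set(now)):
        findings.append(Finding("medium", script, "script deleted"))
    return findings


if __name__ == "__main__":
    for f in audit(PREVIOUS, CURRENT):
        print(f"[{f.severity}] {f.script}: {f.detail}")
```

Run from a host other than the console itself, on a schedule shorter than a full backup cycle, so that a destination added and removed within one window still shows up in a snapshot.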


Malcolm McLeary,

First, the "stagnation" between Retrospect Windows 7.7 and 17 was only in the UI.  Starting here is a version-by-version listing of the enhancements in the "backup server" between Retrospect Windows 8—which included user-initiated backups and restores introduced with Retrospect Mac 9—and Retrospect Windows 12.  Retrospect Windows 15 (which directly followed 12, in order to restore version number parity with Retrospect Mac) enhancements included e-mail protection, what is now called ProactiveAI, Remote Backup, data hooks, and the beta of the Management Console.  Retrospect Windows 16 enhancements included Storage Groups, deployment tools, and the features of the Management Console Add-On.  Retrospect Windows 17 enhancements—as I'm sure you know—included Automated Onboarding for the Management Console, speeded-up ProactiveAI, and Restore Preflight.

The latest thought you have elicited from me (definitely not illicit—a different word 🤣) on Management Console security is that—your basic idea—your Support Case should suggest adding a "Backup Sets Must Be Encrypted With AES-256" preference to the Security Preferences listed on page 327 of the Retrospect Windows 17 User's Guide.  You can already specify encryption for a particular Backup Set per pages 98-99 of the UG, but this enhancement would be a simple way—pending a 2FA enhancement that might be hardware-dependent—of plugging the security hole you have pointed out up-thread.

As for the Management Console having issues with time zones, I think you may have missed the point of this link in my preceding up-thread post.  Heroku may have a presence in APAC, but AFAICT console.retrospect.com defaults to a Retrospect Console app either in Heroku's "virginia" region or in its "us" region.  Replicating the Retrospect Console app in Heroku's APAC region would probably solve both the time zone and responsiveness problems.

Lastly, in December 2003 I spent two weeks in Australia—including a total of three nights at the house of one of my ex-bosses in Ferntree Gully in the state of Victoria.  That house was (I hope it hasn't burned down) hard up against the western border of the Ferntree Gully National Park, whose eucalyptus trees seem like they'd be a prime habitat for drop bears.  However the only nighttime "assault" I experienced was some kind of opossum relieving itself on the back porch railing, and I was not bothered overnight by any frightening cries.  I also took a walk in a fragment of bush forest to the south (?) of the coastal road between Melbourne and Adelaide, although that was during the afternoon.  If you insist that drop bears are real, you should start by editing the Wikipedia article on the subject—which states that they are a hoax (as both my Aussie ex-bosses also told me at the time).  I must warn you, from personal experience, that other Wikipedia editors will immediately revert your changes unless you include very reliable references. 🤣

 


David,

I have been very clear in that it's the "Desktop Experience" requirement that I have issues with, which could have and should have been changed a long time ago.  I don't need a version by version summary of under the hood changes since v7.7.  I have always said Retrospect has some great features under the hood.

Yes ... presently Backup Set Encryption is optional and disabled by default on a Set by Set basis.  It really needs to be a global Security Preference and perhaps mandatory for Cloud Backup Sets.  That is fundamentally why my "exploit" works ... once one has access to the Retrospect Management Console you can add a Cloud Backup Set on any S3 Compatible target and have the "backup server" diligently use it (without encryption).  Being a cloud service 2FA is industry best practice if not essential.

Yes I was noting that there is a Heroku presence in APAC and you identified how simply Retrospect can make it happen.  Still I'd prefer self hosting on premise.

Drop Bears are a story passed around to keep visitors away, however some of the deadliest creatures on the planet do live here.


Late to the party, since RMC holds no interest for me. So I won't comment on most of the thread. However...

On 7/4/2020 at 2:00 AM, Malcolm McLeary said:

Retrospect Management Console appeals to me because it will remove the need to VPN into multiple sites just to confirm backup status or monitor completion emails.  Similarly I use Zabbix to monitor the status of critical systems/services and Unifi/UNMS to monitor/manage network infrastructure across multiple sites

I can see how RMC would be very appealing, especially if it presents as "single pane of glass" rather than you having to go to one site, then the next, then the next. But if your main requirement is monitoring, maybe look at using Script Hooks to send data to your Zabbix instance so it's of a part with your other stats reports/alerts.

I don't know how much you can do within Zabbix, eg to show machines which haven't been backed up in X days. But you've got FileMaker available -- it wouldn't take much to parse the backup reports or any other info sent via Script Hooks into a custom database with any functionality you wanted, including a dashboard, automated email alerting, etc. (I used to do that back when v6 had AppleScript support, so I could monitor things like weekly churn on individual machines, generate summaries of Group backup storage usage for cross-charging, and similar.)


Malcolm McLeary,

(The disclaimer at the top of this up-thread post applies here.)

Regarding your justified desire for 2 Factor Authentication in the Management Console, let us first consider the RMC as it currently is—an application developed by Retrospect engineers running on Heroku.  Heroku currently has 2FA at the account level, but AFAICT this applies only to the developer of the application, not to a user of the application.  What you want is for each authorized user of the RMC to have his/her own 2FA, and I doubt Heroku gives the capability to a developer of requiring that for a user signing in to the RMC.  Maybe you could get Retrospect "Inc." to give you your own copy of the RMC application set up on Heroku's APAC server, but I doubt it.

Moreover obtaining that would only enable someone with access to your "magic cellphone" containing the authenticator app to access the McLeary RMC, meaning in practice you personally.  What if you want to allow a manager at your customer site to monitor his/her own site via the McLeary RMC?  That argues for Retrospect "Inc." giving you authorization to install a modified version of the McLeary RMC code on a machine at each customer's site, but then you'd be responsible for making the modified version work on that particular machine.  You'd also be responsible for making sure—as described under "Setting up recovery options" in the Heroku page linked to in the preceding paragraph—that either the customer knows what to do with the SMS recovery message sent to another of his/her phones that still works or that you receive that message on one of your own phones.  That's why the author of this recent Ars Technica front-page article thinks hardware keys are a better choice for 2FA than authenticator apps running on a smartphone.  But, as the rest of that article implies, you'd be responsible for enhancing Retrospect's code for RMC to make hardware keys work on your version—depending on what particular OS it's running under.  Maybe you could sell those enhancements back to Retrospect "Inc.", if they're still interested—which as I have implied in the next-to-last paragraph of this up-thread post they're probably not.

Nigel Smith's suggestion to use Script Hooks to extract info from Retrospect script runs for FileMaker use would, of course, work only for scripts that have been written to use those Script Hooks.  That wouldn't apply to any unauthorized scripts written by a hacker (but without RMC these couldn't exist).

P.S.: My implied point in the preceding paragraph—whose last sentence I've  clarified with a parenthesized clause—was that for security reasons you'd still have to eliminate any use of Heroku-hosted RMC as it exists now.  A simpler monitoring solution would be to use Retrospect for iOS, if the engineers got that working again in Retrospect Windows 17.

 

Edited by DavidHertzberg
P.S.: Point in preceding paragraph (now clarified) was you'd still have to eliminate use of Heroku-hosted RMC; a simpler monitoring solution would be to use Retrospect for iOS, if it worked for Retrospect Windows 17

48 minutes ago, DavidHertzberg said:

Nigel Smith's suggestion to use Script Hooks to extract info from Retrospect script runs for FileMaker use would, of course, work only for scripts that have been written to use those Script Hooks.  That wouldn't apply to any unauthorized scripts written by a hacker.

?

My point is that if the only requirement is monitoring, you could use Script Hooks to generate your own data to parse into the on-prem engine of your choice and not use RMC at all. I can't speak for Malcolm, but the vast majority of my RS interactions are for monitoring so having to VPN into each site when active management is required wouldn't be a hardship.


Malcolm McLeary,

I may have found a Retrospect Management Console answer that would satisfy both your desire for monitoring backups and your desire for security with the current version of RMC.  It is based on my reading of this "Feature Tiers" section of the Retrospect Management Console documentation.

Per the "Features included with Management Console Add-on" sub-section of that section, script creation on a "backup server" Engine seems to require that that Engine not be an "Unmanaged Engine".  AFAICT that seems to mean that if a "backup server" doesn't have a license for the Management Console Add-On, then you can't create a script to be run on it using the RMC.  That would close the security hole you noticed.

Of course that means that your monitoring of an "Unmanaged Engine" would be limited to the Dashboard shown at the top of this "Overview" section of the documentation.  But, given that you've updated the Preferences in each "backup server" Engine with the UUID for your Management Console per the "System Setup" sub-section of the documentation, that Dashboard might be sufficient for your monitoring needs.  Check with Retrospect Tech Support.

P.S.: I wrote an e-mail Sunday night to the head of North America Sales, asking him to find out if my second and third paragraphs are correct.

Edited by DavidHertzberg
P.S.: I wrote an e-mail Sunday night to the head of North America Sales, asking him to find out if my second and third paragraphs are correct.

On 7/23/2020 at 12:20 PM, DavidHertzberg said:

A simpler monitoring solution would be to use Retrospect for iOS

I don't think that would help -- you'd still have to VPN in separately to each "organisation" to check/monitor, just what Malcolm was trying to avoid by using RMC. Doubly annoying since, last time I looked, iOS VPN settings weren't available to Shortcuts.

Assuming Malcolm has "control" of the remote RS servers and routers he might be able to do something with a proxy server at his end which ssh-tunnelled to the remote servers. Quite how you'd set that up is well beyond me though 😞 


Nigel Smith and anybody else,

Here's a March 2020 article titled "How to Set up an iPhone VPN";  if you don't want to use a VPN app, look at the section "Manually Configure a VPN on iOS".  I don't have any kind of "smart phone"—much less an iPhone—so I haven't tested out the procedure.

Malcolm McLeary and anybody else,

I had written an e-mail to the head of North America Sales, asking whether my temporary solution to the security hole in the Retrospect Management Console—that you had identified—would work.  When I didn't get a reply I followed up with a phone call voice mail, to which he replied late Friday afternoon.  He said he'd just come out of a meeting, and mentioned that there's now a supply chain problem for Drobo devices (I think we can guess where those are manufactured 🙂).  I don't know how that'll affect the StorCentric-dictated priorities mentioned in the last sentence of this post in another thread; i.e. whether it'll permit diverting engineers to fixing the Retrospect Management Console problems discussed in this thread sooner or not.

I didn't want to interrogate the head of North America Sales on whether this Retrospect Management Console answer will work; after all, I'd be asking a salesperson whether there's an additional feature available at no charge—without paying for the Management Console Add-on.  So after a couple of days I tried it this morning; it seemed to work using a Retrospect Mac 16.6 "backup server"—but see the P.S. on Sales  "helpfully" giving me the Add-On license.

On my MacBook Pro "client" I executed the "Account Creation" procedure in this document, using my regular e-mail password and the Forums password it defaulted to.  When I got the confirmation e-mail I clicked the Confirm Account link and assigned an organization name.  I copied the UUID from the dialog onto a piece of paper, walked 45 feet to my Mac Pro "backup server", booted it and immediately paused all Retrospect activities, and followed the "System Setup" procedure's "Retrospect Backup" sub-section in the document—copying the UUID from the piece of paper.  I then un-paused all activities, went to my MBP's Firefox browser, and opened a tab with the URL https://console.retrospect.com/dashboard?—which inserted the machine= and organization= fields at the end of the URL.  I then clicked the name of my "backup server" in the left-hand column, and got a Dashboard delayed behind the actual "backup server" by 2 to 4 minutes.  I guess that's the Heroku updating lag—RMC's price you pay for not having to VPN into each site separately.

However this seems to have in Retrospect Mac 16.6 the security flaw Malcolm McLeary has identified.  I can log out the Management Console from my MBP, close the tab, and re-open it again with the same URL—which on my MBP fills in the remaining fields.  When I then click the Log In button on the top right of the Web page, entering the e-mail address I used for Account Creation and putting in the password—with no 2FA—gets me to a Dashboard panel.  Above the Dashboard are additional buttons for Past Activities, Sources, Sets, and Scripts; clicking one switches to an appropriate panel.  Clicking the Scripts button gives me a panel with a New Script button on the top right; clicking that appears to enable me to create a new Proactive Script 🙄.  Therefore I intend to disable Management Console on my Mac Pro's Retrospect Preferences, since I have no need for it so long as I can walk 45 feet.

P.S.: Ignore the first and last 3 sentences of the last paragraph; I'll rewrite it.  I got an e-mail this afternoon from another Retrospect Inc. salesperson just as I was leaving for an appointment.  It said he had given me a Retrospect Management Console Add-On license for free, apparently because my posting activity on these Forums—for which I'm not paid—is considered helpful for Sales.  The e-mail apologized because the Add-On license might not have worked; when I returned home I hurriedly phoned back and asked the salesperson to remove the Add-On license, which I had intentionally never asked for.

Edited by DavidHertzberg
P.S.: Ignore the first and last 3 sentences of the last paragraph until I rewrite it; Retrospect Sales gave me a RMC Add-On license I never asked for

