Secure Restore

Secure restore allows you to scan restore points with antivirus software before restoring the machine to the production environment. Starting from Veeam Backup & Replication 12.1 (build 12.1.0.2131), you can also scan restore points with YARA rules.

Secure restore is available for the following operations:

  • Instant Recovery
  • Entire VM Restore
  • Restore to Microsoft Azure
  • Restore to Amazon EC2
  • Restore to Google Compute Engine
  • Disk Export

How Secure Restore Works

For secure restore, malware detection works in the following way:

  1. On the mount server, Veeam Backup & Replication runs the Veeam Mount Service to perform the following steps:
    1. Mount machine disks from backups to the mount server under the C:\VeeamFLR\<machinename> folder.
    2. Initiate a new scan session.
  1. If malware activity is not detected, Veeam Backup & Replication will restore the machine to the target location. The malware detection event will not be created.
  2. If malware activity is detected, Veeam Backup & Replication will perform the following steps:
    1. Abort the restore process or restore the machine with restrictions depending on secure restore settings.
    2. Create the malware detection event and mark objects as Infected.

By default, the mount server role is assigned to the backup server or a backup repository. However, you can assign the mount server role to any 64-bit Microsoft Windows machine in your backup infrastructure. For example, you may want to run the malware detection scan on a different server for security reasons. For more information about mount server deployment and requirements, see Mount Server.

 

Tip

You can also scan machines for malware regularly within a SureBackup job. For information on how to enable the malware scan for a SureBackup job, see the Settings step of the SureBackup job wizard.

Requirements and Limitations

Secure restore has the following requirements and limitations:

In This Section

Page updated 3/7/2024

Page content applies to build 12.1.1.56