Malware Detection

Starting from Veeam Backup & Replication 12.1 (build 12.1.0.2131), you can use built-in or third-party malware detection methods to scan backup data and get information about suspicious activity or infected objects. The functionality includes:

• Detecting malware activity in guest indexing data and data stream
• Scan backup
• Performing the antivirus scan and YARA scan during secure restore
• Integration with third-party malware protection solutions through Veeam Incident API
• Viewing malware detection events
• Receiving daily and immediate reports about malware detection events
• Managing the malware status of the machines marked as Suspicious or Infected
• Marking specific restore points as Infected or Clean

For more details about licensing support for specific malware detection features, see Veeam Data Platform Feature Comparison.

Requirements and Limitations

Malware detection has the following requirements and limitations:

• Malware detection is only supported by specific platforms and applications. For more details, see the supported scenarios of the specific malware detection method:

• Guest Indexing Data Scan
• Inline Scan
• Scan Backup
• Secure Restore

• Only users with the Veeam Backup Administrator role have full access to the functionality. Users with other roles can view malware detection events and machines marked as Suspicious or Infected.

In This Section

• How Malware Detection Works
• Malware Detection Methods
• Configuring Malware Detection
• Viewing Malware Detection Events
• Managing Malware Status