Malware Scan
Orchestrator allows you to scan a machine included in the plan for possible malware either when running the plan or without running the plan by performing on-demand scanning. You can also perform the scan when testing a plan in a DataLab.
You can instruct Orchestrator to do the following:
- Check if any of restore points are marked as Suspicious or Infected. For more information, see the Veeam Backup & Replication User Guide, section How Malware Detection Works.
- [Applies only to restore and cloud plans] Scan restore points with antivirus software. For more information, see How Orchestrator Performs Virus Scan.
- [Applies only to restore and cloud plans] Perform YARA scan. For more information, see Managing YARA Rules.
Scan Method | Restore Plan | Replica Plan | CDP Replica Plan | Storage Plan | Cloud Plan | |
|---|---|---|---|---|---|---|
To VMware | To Hyper-V | |||||
Scan on-demand |
|
| Malware flag check | Malware flag check |
|
|
During plan execution |
| Malware flag check | Malware flag check | Malware flag check |
|
|
During a DataLab test |
|
| Malware flag check | Malware flag check |
|
|
Requirements and Limitations for Malware Scan
To allow Orchestrator to perform malware scan, the following prerequisites must be met:
- Virus and YARA scan is supported for restore and cloud plans. However, machines recovered to a Hyper-V environment can be scanned with antivirus software and YARA rules only when running a malware scan on-demand, which means that the scan cannot be performed during a DataLab test or plan execution.
- Only .YAR and .YARA files are supported.
- Scanning storage plans for possible malware is not supported.
- Veeam Backup & Replication server that manages replication jobs protecting machines included in CDP replica plans must run version 13.0.1 or later.
- The Veeam Backup & Replication server that manages the process of recovering machines to Microsoft Azure must run version 12.1 or later.
- Antivirus software must be installed on the mount server and support the command line interface (CLI). For the list of supported antivirus software, see the Veeam Backup & Replication User Guide, section Antivirus XML Configuration File.
- For Linux-based machines protected by a Windows-based Veeam Backup & Replication server, antivirus and YARA scans are supported only if you specify a Linux-based server as the default mount backup server in Veeam Backup & Replication.
For more information on how to configure the default mount server, see the Veeam Backup & Replication User Guide, section Mount Servers.
Related Topics