Malware Scan

Before you run a plan to recover a machine to the production environment, Orchestrator allows you to scan the protected machine for possible malware. You can also perform the scan when testing a restore plan in a DataLab.

You can instruct Orchestrator to do the following:

Check if any of restore points are infected with possible malware. For more information, see the Veeam Backup & Replication User Guide, section How Malware Detection Works.
[Applies only to restore and cloud plans] Scan restore points with antivirus software. For more information, see How Orchestrator Performs Virus Scan.
[Applies only to restore and cloud plans] Perform YARA scan. For more information, see Managing YARA Rules.

Requirements and Limitations for Malware Scan

To allow Orchestrator to perform malware scan, the following prerequisites must be met:

Virus and YARA scan is supported for machines recovered to a VMware vSphere and Microsoft Azure environment only.
Only .YAR and .YARA files are supported.
The Veeam Backup & Replication server that manages the process of recovering machines to Microsoft Azure must run version 13 or later.
Antivirus software must be installed on the mount server and support the command line interface (CLI). For the list of supported antivirus software, see the Veeam Backup & Replication User Guide, section Antivirus XML Configuration File.

For Linux-based machines protected by a Windows-based Veeam Backup & Replication server, antivirus and YARA scans are supported only if you specify a Linux-based server as the default mount backup server in Veeam Backup & Replication.

For more information on how to configure the default mount server, see the Veeam Backup & Replication User Guide, section Mount Servers.