Malware Scan

Before you run a restore or cloud plan to recover a machine to the production environment, Orchestrator allows you to scan the protected machine for possible malware. You can also perform the scan when testing a restore plan in a DataLab.

You can instruct Orchestrator to do the following:

• Check if any of restore points are infected with possible malware. For more information, see the Veeam Backup & Replication User Guide, section How Malware Detection Works.
• Scan restore points with antivirus software. For more information, see How Orchestrator Performs Virus Scan.
• Perform YARA scan. For more information, see Managing YARA Rules.

The results of the malware scan are taken into account when evaluating the overall Veeam Data Platform security level. For more information, see Veeam Threat Center Dashboard.

Requirements and Limitations for Malware Scan

To allow Orchestrator to perform malware scan, the following prerequisites must be met:

• Virus and YARA scan is supported for Windows-based machines only.
• Only .YAR and .YARA files are supported.
• The Veeam Backup & Replication server that manages the process of recovering machines to Microsoft Azure must run version 12.1 or later.
• Antivirus software must be installed on the mount server and support the command line interface (CLI). For the list of supported antivirus software, see the Veeam Backup & Replication User Guide, section  Antivirus XML Configuration File.

Related Topics

Managing YARA Rules