Ransomware Protection false positive

  • 15 September 2023
  • 1 reply

Userlevel 3
Badge +14


We have a small problem with Ransomware Protection. We have two VM's for our Microsoft Exchange service. These two VMs are secured via VSA.
In addition, the Exchange databases are secured via the corresponding agent. Now we have the problem that if the DB deletes log files or a lot of data is modified, Commvault suspects a ransomware attack from the VMs and sends out an email. So Commvault has no knowledge that these changes are triggered by the database and suspects that the VMs underneath are being attacked.
Is there the possibility of excluding individual directories from the protection? Or how can the problem be solved.

Kind Regards



Best answer by Nutan Pawar G 15 September 2023, 11:08

View original