how Commvault Handling of Ransomware-Infected Files during 2nd Copy

Question

Hello Community,

I recall encountering an article that explained how Commvault handles files during the 2nd copy process If files/chunks on primary storage infected/compromised by ransomware

it mentioned during aux copy, CV opens the each file including infected files, checks the header, and compares it with its own metadata reference.

If the file has been modified or changed to the extent outside of cv process then CV skip files/chunk during the copy process and that prevent data on the 2nd storage overwritten by those compromised files .

Unfortunately, I'm unable to locate the article now, and I would greatly appreciate confirmation on this matter.

thanks

Collin Harper · Answer

Hello @DanCI think the process you are referring to is Data Verification. During Aux Copies we don’t pro-actively check if files have been modified but if the file cannot be read for the aux copy, it cannot be copied and errors will be reported.Data Verification is the processes of checking through the data to validate its integrity and restorability. This run Daily by default but can be run manually with various options and scopes.Data Verification of Deduplicated Data -https://documentation.commvault.com/2023e/expert/100399_data_verification_of_deduplicated_data.htmlValidate Backups for Data Recovery -https://documentation.commvault.com/2023e/expert/12371_validate_backups_for_data_recovery.htmlThank you,Collin

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded