Skip to main content
Question

how Commvault Handling of Ransomware-Infected Files during 2nd Copy

  • 10 November 2023
  • 1 reply
  • 55 views

Hello Community,

 

I recall encountering an article that explained how Commvault handles files during the 2nd copy process If files/chunks on primary storage infected/compromised  by ransomware

it mentioned during aux copy, CV opens the each file including infected files, checks the header, and compares it with its own metadata reference.
 

If the file has been modified or changed to the extent outside of cv process then CV skip files/chunk during the copy process and that prevent data on the 2nd storage overwritten by those compromised files . 

Unfortunately, I'm unable to locate the article now, and I would greatly appreciate confirmation on this matter.
 

thanks

1 reply

C
Rank
Userlevel 5
Badge +14

Hello @DanC 

I think the process you are referring to is Data Verification. During Aux Copies we don’t pro-actively check if files have been modified but if the file cannot be read for the aux copy, it cannot be copied and errors will be reported.

Data Verification is the processes of checking through the data to validate its integrity and restorability. This run Daily by default but can be run manually with various options and scopes.

Data Verification of Deduplicated Data - https://documentation.commvault.com/2023e/expert/100399_data_verification_of_deduplicated_data.html

Validate Backups for Data Recovery - https://documentation.commvault.com/2023e/expert/12371_validate_backups_for_data_recovery.html

 

Thank you,

Collin

Reply


Terms & ConditionsCookie settings