Antimalware scan of backups

This description applies to a feature that is not available for cloud-to-cloud backups. For more information about a similar feature, Antimalware scan of Microsoft 365 mailboxes, see Antimalware scan of mailboxes.

With an antimalware scan of backups, you can prevent recovery of infected files by checking whether your backups are free of malware. Antimalware scans are performed by a cloud agent that resides in the Cyber Protection data center and no local computing resources are used.

The availability of this feature depends on the service quotas that are enabled for your account.

To perform an antimalware scan, you must configure a backup scanning plan. For more information, see Backup scanning plans.

Every backup scanning plan creates a scanning task for the cloud agent and adds this task to a queue, which is one per data center. Scanning tasks are processed according to their order in the queue.

The scanning time depends on the backup size. That is why there is a delay between creating a backup scanning plan and completing the scan.

The backups that you selected for scanning can be in one of the following states:

  • Not scanned
  • No malware
  • Malware detected

You can check the results of a backup scan in the Backup scanning details (threats) widget. You can find it in the Cyber Protect console, on the Monitoring > Overview tab.

Limitations

  • Antimalware scan is supported for Entire machine or Disks/volumes backups of the following workloads:

    • Windows machines on which a protection agent is installed.

    • Windows virtual machines that are backed up at the hypervisor level (agentless backup) by Agent for Hyper-V and Agent for VMware (Windows).

    Antimalware scan is not supported for backups created by virtual appliances, such as Agent for VMware (Virtual appliance), Agent for Virtuozzo, Agent for Scale Computing HC3, Agent for Azure, and Agent for oVirt.

  • Only volumes with the NTFS file system, and GPT or MBR partitioning are scanned.

  • Antimalware scan is supported only on the default cloud storage. Local storages, partner-hosted storages, and public cloud storages are not supported.

  • Antimalware scan is not supported for tenants in Compliance mode.

  • Antimalware scan is not supported for the following file types:

    • RAR
    • 7z
    • ISO
  • If a scanning task fails, it will be retried in one day.
  • When you select backups to scan, you can select backup sets that include a Continuous data protection (CDP) backup. However, only non-CDP backups in these backup sets will be scanned. For more information about the CDP backups, see Continuous data protection (CDP).
  • When you perform safe recovery of an entire machine, you can select a backup set that includes a CDP backup. However, this recovery operation will not use the data in the CDP backup. To recover the CDP data, run an additional Files/folders recovery operation.