Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Malware detection
  7. Scan a policy client backup images for malware
NetBackup™ Security and Encryption Guide

Scan a policy client backup images for malware

To scan a policy client backup images for malware

  1. On left, click Detection and reporting > Malware detection.
  2. On the Malware detection page, click Scan for malware.
  3. From the Search by option, select Backup images .
  4. In the search criteria, review and edit the following:

    • Policy name

      Note:

      Only supported policy types are listed.

    • Client name

      Note:

      Shows clients which contains supported policy type backup images.

    • Policy type

    • Type of backup

      Note:

      Incremental backup images without accelerator feature enabled are not supported for VMware workload.

    • Copies

      Note:

      If the selected copy is not an instant access capable copy, the backup image is skipped for the malware scan.

    • Disk pool

      Note:

      Only MSDP (PureDisk) storage type disks pools are listed.

    • Malware scan status.

    • On the Select the timeframe of backups verify the date and time range or update.

  5. Click Search.

    Note:

    Select the search criteria accordingly and also ensure enough scan host availability and active in selected scan host pool.

  6. From the Select the backups to scan table select one or more images for scan.
  7. In the Select a malware scanner host pool, Select the appropriate host pool name.

    Note:

    Scan host from the selected scan host pool must be able to access the instant access mount created on MSDP storage server with configured share type NFS/SMB.

  8. Click Scan for malware.

    Note:

    The malware scanner host can initiate a scan of three images at the same time.

  9. This scan status is at backup image level and it is applicable to all copies of backup image. Once the scan initiated you can see Malware Scan Progress on Malware Detection, you can see the following fields:

    • Not scanned

    • Not infected

    • Infected

    • Failed

      Note:

      When we hover on failed status tool tip displays the reason of failed scan.

      Note:

      The backup images which failed in validation, are ignored. Malware scanning is supported for backup image stored on MSDP storage with instant access capability for the supported policy type only.

    • In progress

    • Pending

      Note:

      You can cancel the malware scan for one or more In progress and pending jobs.

Feedback

Was this page helpful?
Previous

Deactivate the scan host

Next

Perform malware scanning

Feedback

Was this page helpful?