Enabling malware scanning and anomaly detection
Malware and ransomware programs may go undetected on the server and the storage system for days, weeks, or months. These long durations make it possible that the malware may be backed up along with the regular backups if existing antivirus and antimalware tools miss the signature. In a ransomware event, the best practice is to scan backups before recovery to find and eliminate malware before it is restored. To plan ahead before an actual cyber event, you can implement anomaly detection and malware scanning against production backups.
NetBackup provides unique built-in anomaly detection and malware scanning to help detect malware and ransomware early. Once malware scanning is enabled, make sure that critical events are sent to a security information and event management (SIEM) system for alerts and security incident orchestration through platforms like Service Now.
NetBackup Appliance additionally provides antimalware protection for the appliance OS.
Note:
NetBackup appliances do not support the installation of third-party antivirus software, including on application instances.
How to enable malware scanning and anomaly detection:
Flex Appliance
Follow the same steps as NetBackup.
NetBackup Appliance
Follow the same steps as NetBackup and also enable antimalware protection for the appliance OS.
NetBackup