Forum Discussion

Riadh_R17's avatar
Riadh_R17
Level 5
29 days ago

backup to WORM in flex appliance

Hi all

We have 2 flex appliances 5260 (one in prod site and one in DR)

We have also configured malware scan on prod site

is it possible to backup into media instance storage unit then scan for malware and when we are sure that the image is not infected we move it  to backup into the WORM storage server instance of the prod appliance?

the goal is to backup into the WORM after being sure that the images are not infected.

Thanks in advance

  • Technically, it is doable, but not automated. 

    You can write a script to scan all previous day's backups and, if they are clean, duplicate them to WORM storage. However, I do not suggest consuming Flex storage for that purpose. Not only will you use additional storage, but if you delete the images after duplication you may also lose the backup deduplication ratio. And this will cause backup delays.

    Alternatively, you can write your backups to WORM storage without the WORM flag. If the image is clean, you can duplicate it to the same storage with the WORM flag enabled. If it is not clean, do whatever you want to do with it.

    Lastly, I want to point out that NetBackup (or any other software) will not detect any virus or malware that is new and unknown to antivirus software, or if the antivirus is not up to date.

    • Riadh_R17's avatar
      Riadh_R17
      Level 5

      thank you StefanosM 

      Could you explain more the 2nd point :

      Alternatively, you can write your backups to WORM storage without the WORM flag. If the image is clean, you can duplicate it to the same storage with the WORM flag enabled. If it is not clean, do whatever you want to do with it.

      Could you please show the workaround or steps to do that?

      should we divise the flex storage to give a size for the media and a size for the worm or all to worm ? 

      i could not see how to scan image before sending it to worm?

      in netbackup i can scan images and define policies with storage units or SLP destinations

      so the backup will be sent to destination before beeing scanned.

  • There is no way to scan during backups. You must finish the backup first and then initiate the scanning process manually.

    As I mentioned, there is no way to automate this entirely within NetBackup. You will need to create a script (bash, Perl, Python, or whatever you prefer).

    What I suggest is creating two storage units, both targeting the WORM storage server:

    • One with the WORM flag enabled.
    • One with the WORM flag disabled.

    You would use the "no WORM" storage unit for the backups. Once a backup is complete, start the scanning process. If the scan is successful, duplicate the backup to the "WORM-enabled" storage unit.

    All backup images without the WORM flag can be deleted if necessary, but the duplicated images with the WORM flag cannot be deleted.

    If this is not clear to you, you can use your first solution: create an MSDP storage server on the media server and follow the same process. You will still need to automate the scanning and duplication process using scripts.