Malware Scanning Configuration | Windows Server
Dear all, I`m somewhat confused from the documentation about this and to this date, I was not able to get malware scanning working. Our environment: - Master+Media server windows 2019 (same physical machine, BYO device) - local storage for disk backups - Attached Tape Library for tape backups - NBU 11.0 Desired functionality: Backup to Disk -> Scan if certain anomaly score is detected (e.g. medium) -> stage to tape -> expire Image on disk As a first step, I wanted to setup malware scanning to scan images manually without luck. In some way, all routes seems to end up in a "you need Linux or an appliance" way. Unfortunately, I`m forced to use only windows machines at this moment. What I did: - setup MSDP for local storage (storage server, storage pool, storage disk) - created a 2nd VM as Scan Host (windows server 2022), deployed NBU malware scanner and poweshell script "setting up windows server as scan host" as described in the documentation + netbackup client - configured a scanpool using "Netbackup client communication", nbu scanner and SMB - created a SMB share on a random folder on master/storage server Where I struggle: Where/how do I configure the share on netbackup webUI? Is this even possible? My current understanding is, that "Universal Share" feature is needed, which is reserved for Linux. Is there a way to use Malware Scanning Feature on a fully windows server environment with BYO devices? Thank you in advance! Marco
Recovery Assistance with Rapid Recommendations
In a perfect utopian world without adversaries, we wouldn't need post-quantum cryptography. But until we get there, the importance of protecting your data against current and potential future threats cannot be over-estimated. With malicious actors and nation-states attempting to harvest-now-decrypt-later, replacing asymmetric key cryptographic algorithms to post-quantum algorithms is no longer a choice.
setup Malware Scanning
Hi I have some questions: in NetBackup Security and Encryption Guide doc said: For BYO setup, Instant access must be configured on MSDP storage server See the "Configuring Universal share" section in Veritas NetBackup Deduplication Guide 1- what's MSDP BYO? if MSDP server is windows, is it BYO? in Veritas NetBackup Deduplication Guide doc said: MSDP build-your-own (BYO) server prerequisites and hardware requirements to configure universal shares: The universal share feature is supported on an MSDP BYO storage server with Red Hat Enterprise Linux 7.6 or later. The universal share feature is not supported on SUSE Linux. 2- if windos is BYO too, then how about Malware Scanning? is it possible or I should deploy Redhat MSDP??? I have a windows MSDP to backup vmware vms with accelerator feature and want to deploy Malware scanning Thanks in advanceNetBackup 10.4 Adds K8s Malware Scanning Support and New Malware Scanning Features
Previous versions of NetBackup offered great backup data malware scanning options. But version 10.4 adds a litany of great new malware scanning features you’ll want to have. Just upgrade and they’re yours today: Scanning of K8s unstructured namespace data at the file system level A new malware scanning job configuration validation tool. Pre-test job configurations with a test/dry run of the malware scanning job. A configuration validator screen lets you run a quick scan of a few files specified in the job to see if the configuration will work the way you want it to. VMWare single file restore (SFR) can now skip infected files, not just flag them Separate malware scan jobs now appear in Activity Monitor instead of being part of other jobs. This allows scan jobs to be managed separately with Activity Monitor controls Scan host failover. Teamed scan hosts can take over scanning jobs for each other if a scan job fails for any reason on the first host. A notification of failover is posted Additional fields are added in scan results and view details for those running security operations center (SOC) as a service (SOCaaS). SOC is a cloud-based subscription threat detection service. Host and policy-specific messages are added so it’s easier to identify which system(s) contain malware threats Past scanning results can now be deleted An automatic Ansible script for silent malware scanning configuration will be available on GitHub once the script is past Open Source Review Board (OSRB) approval.
