Ransomware Protection

Last post 06-14-2017, 6:50 PM by MKV. 2 replies.
Sort Posts: Previous Next
  • Ransomware Protection
    Posted: 06-12-2017, 11:18 AM

    I am looking for more information regarding the Ransomware Protection option referenced in BOL: http://documentation.commvault.com/commvault/v11/article?p=features/disk_library/t_enable_ransomware_mediaagent.htm

    The documentation is very limited and we would like to understand more about what is happening with this option before we consider using it.

    Is this for Mount Paths that exist as part of the MediaAgent only (e.g. Local Disk, SAN Attached Disk)?

    Will it have any affect on NAS based mount paths? We have multiple MediaAgents that all have direct paths to a NAS based library. If one of those MediaAgents was able to somehow restrict the path for only their use, I would see that being an issue. I would guess this does not apply to NAS libraries, but I cannot find documentation to support it.

    -J. Mills
    Customer, Senior Systems Engineer
    Enterprise Storage and Data Protection
    CommVault Certified Master (V10/V11)
  • Re: Ransomware Protection
    Posted: 06-13-2017, 8:04 AM

    Well that is indeed what it states and yes it will also work on NAS based mount paths. And I would be very happy if it would restrict the access to the mount path in the case of ransomware infection. Because if it happens it will have effect on the entire volume thus all MAs will be affected.


  • Re: Ransomware Protection
    Posted: 06-14-2017, 6:50 PM

    When ransomware protection is enabled on an MA, any other applications like a ransomware running on these MAs will not be allowed modification/delete access to the files on the locally attached mount paths as well as network mount paths.

    To get the full protection of data on a network Mount path, the network share should have restricted permissions with a specific Commvault backup user that has write/modify/delete permission. This Commvault backup user credentials should be configured for Commvault disk library mount path and all MAs accessing this share should have the ransomware protection enabled.

    To reiterate, make sure that no other user, other than this specific backup user (not even an admin) has write/modify/delete permission on this network share.

    Note that this feature is applicable to only Windows MAs with V11 SP6 and higher.

    Manoj Kumar Vijayan
The content of the forums, threads and posts reflects the thoughts and opinions of each author, and does not represent the thoughts, opinions, plans or strategies of Commvault Systems, Inc. ("Commvault") and Commvault undertakes no obligation to update, correct or modify any statements made in this forum. Any and all third party links, statements, comments, or feedback posted to, or otherwise provided by this forum, thread or post are not affiliated with, nor endorsed by, Commvault.
Commvault, Commvault and logo, the “CV” logo, Commvault Systems, Solving Forward, SIM, Singular Information Management, Simpana, Commvault Galaxy, Unified Data Management, QiNetix, Quick Recovery, QR, CommNet, GridStor, Vault Tracker, InnerVault, QuickSnap, QSnap, Recovery Director, CommServe, CommCell, SnapProtect, ROMS, and CommValue, are trademarks or registered trademarks of Commvault Systems, Inc. All other third party brands, products, service names, trademarks, or registered service marks are the property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Copyright © 2019 Commvault | All Rights Reserved. | Legal | Privacy Policy