Skip to main content

Hey Guys,

I have a scenario. I want to replicate VM from DC to DR site. At some point if the VM gets malware attack and the same is replicated to DR site. The DR site also gets malware infected. How to mitigate this kind of a scenario

Hi @Anandu!

 

This is where you’d have multiple replica points to step backwards through, and you’d complement it with a backup in the DR site should you need to go back further!

 

Hope this helps 🙂


Fully agree witj @MicoolPaul. The alternative is to see if you can “replicate” on an application level for some selected applications. For example, Active Directory you would usually not relocate but rather just have an additional domain controller on the DC running.


Unless I’m mistaken, I believe you can also create SureReplica jobs and have it scan the VM image for malware like you can in SureBackup.  Of course, you’ll need to have an up to date AV/Antimalware application to do the scanning, but it may be helpful in identifying malware sitting on the VM.

https://helpcenter.veeam.com/docs/backup/vsphere/surebackup_job_settings_vm.html?ver=110


Unless I’m mistaken, I believe you can also create SureReplica jobs and have it scan the VM image for malware like you can in SureBackup.  Of course, you’ll need to have an up to date AV/Antimalware application to do the scanning, but it may be helpful in identifying malware sitting on the VM.

https://helpcenter.veeam.com/docs/backup/vsphere/surebackup_job_settings_vm.html?ver=110

You’re talking about Sure Restore feature

https://helpcenter.veeam.com/docs/backup/vsphere/av_scan_about.html?ver=110


I would use the replicas to provide quick failover incase of a physical location, or hardware failure. Recovering from a replica after a malware infection cn be hard as the changes get replicated to the target VM almost instantly if you are using CDP.

To recover from a Malware attack you’d be better off recovering files from the last know good backup.  The backups can be checked with sure backup and you can use secure restore to make a VM is cleaned of a zero day malware attack before it get recovered.


Unless I’m mistaken, I believe you can also create SureReplica jobs and have it scan the VM image for malware like you can in SureBackup.  Of course, you’ll need to have an up to date AV/Antimalware application to do the scanning, but it may be helpful in identifying malware sitting on the VM.

https://helpcenter.veeam.com/docs/backup/vsphere/surebackup_job_settings_vm.html?ver=110

You’re talking about Sure Restore feature

https://helpcenter.veeam.com/docs/backup/vsphere/av_scan_about.html?ver=110

 

SureRestore can do this, but I learned on the VeeamON Update Labwarz that you can do it on SureBackup jobs as well.  I double checked and it’s an option for doing SureReplica jobs as well since it’s the same wizard.

 

 


Unless I’m mistaken, I believe you can also create SureReplica jobs and have it scan the VM image for malware like you can in SureBackup.  Of course, you’ll need to have an up to date AV/Antimalware application to do the scanning, but it may be helpful in identifying malware sitting on the VM.

https://helpcenter.veeam.com/docs/backup/vsphere/surebackup_job_settings_vm.html?ver=110

You’re talking about Sure Restore feature

https://helpcenter.veeam.com/docs/backup/vsphere/av_scan_about.html?ver=110

 

SureRestore can do this, but I learned on the VeeamON Update Labwarz that you can do it on SureBackup jobs as well.  I double checked and it’s an option for doing SureReplica jobs as well since it’s the same wizard.

 

 

Sure, but if a file got encrypted at the source, and then get’s replicated to a target it’s still encrypted.  SureReplica can test the viability of failover and scan for malware but it won’t fix errors.  A backup copy might allow you to restore to a clean copy and find the malware that was sitting in the server for a bit before it got triggered.


Comment