> Software > Secure > Threat Scan

Commvault Threat Scan Requirements

The following Commvault Threat Scan requirements are for software-managed deployments and SaaS deployments where customer-managed storage is configured as a scan target.

Note

When Threat Scan plans are configured to use Commvault-managed storage (default configuration), the threat scanning infrastructure is fully provisioned and operated by Commvault; no additional infrastructure or deployment steps are required.

If you configure a plan to scan customer-managed storage (cloud or on-premises), you must deploy new access nodes or reuse existing backup access nodes with the required components, according to the software deployment requirements shown below or reuse existing backup access nodes.

License Requirements

  • Commvault Threat Scan license

Threat Scan Server Requirements

  • Set up a server used for scanning data.

  • For Windows VM workloads, set up a Windows Threat Scan server.

  • For Linux VM workloads, set up a Linux Threat Scan server.

Hardware Requirements

Component

System Limits

Source data size per node

200 TB

400 TB

Objects per node (estimated based on an average file size of 2 MB)

100 million

200 million

Average file size

2 MB

2 MB

CPU or vCPU

16 cores

32 cores

RAM

32 GB

64 GB

Index disk space 1

(SSD class disk recommended)

1 TB

2 TB

1 Not applicable for VM scans.

Note

  • File indexing and Threat Analysis processes do not recognize when backup operations are running on proxies. Because these processes are resource-intensive, they can negatively impact backup performance and delay job completion. To avoid performance issues, do not overlap proxies used for Threat Analysis jobs with those used for backup jobs. The access nodes defined at the Threat Analysis plan level should be different from the proxies configured for backups (defined at the hypervisor or VM group level).

  • To scale for larger configurations, you can add additional nodes, but you must ensure that the nodes are running the same OS. For more information, see Adding a Node to the Index Server.

  • The maximum size of file that can be analyzed is 50 MB.

  • This is not applicable for VM scans.

Software Requirements

Linux

  • Red Hat Enterprise Linux/CentOS 7.3 or a more recent version.

  • Rocky Linux 8.x, Rocky Linux 9.x

  • Ubuntu 22.04, Ubuntu 24.04

Windows

  • Windows Server 2016 or a more recent version.

Package Requirements

Deploy the following packages on Threat Scan servers:

  • Content Extractor

  • Index Gateway

  • MediaAgent

  • Threat Analysis

  • Virtual Server Agent

Virtual Server Agent Requirements

  • Threat Analysis supports Linux virtual machines (including FreeBSD) that use UFS and ZFS file systems via Ubuntu 24.x access nodes.

  • For ZFS file systems, Rocky Linux and RHEL access nodes are also supported. Ensure that ZFS is installed on any access node used for ZFS backups.

Advanced Requirements

For additional Threat Scan configuration information, see Commvault Threat Scan - Advanced Requirements.

×

Loading...