If ransomware protection is enabled for a MediaAgent and the MediaAgent receives a ransomware attack, you can recover the disk mount paths that are attached to the MediaAgent after the attack. See Enabling Ransomware Protection on MediaAgents.
Before You Begin
-
Before you start the MediaAgent recovery process, gather the following information:
-
A list of all the DDBs that have partitions on the MediaAgent
-
A list all the DDBs that are associated with the disk library mount paths on the MediaAgent
-
A list all the non-deduplication storage policies that are associated with the disk library mount paths on the MediaAgent
-
-
For all the DDBs with partitions on the MediaAgent, if any of these active partitions are corrupted by the ransomware attack, then an automatic DDB reconstruction job is attempted by the system.
Note
Automatic reconstruction will not start on partitions of sealed DDBs. In case, you have a sealed DDB, wait for the remaining jobs on the sealed DDB to meet the configured retention and allow for macro pruning. You may contact the Customer Support if you want to reconstruct a sealed DDB.
Procedure
-
Verify that all the DDBs that are associated with the disk library mount paths on the MediaAgent are marked online.
-
Run a full data verification operation on each DDB.
For more information about running a data verification on deduplicated data, see Performing a Data Verification Operation on Deduplicated Data.
-
Run a data verification job on all non-deduplication storage policies that are associated with the disk library mount paths.
-
If the DDB reconstruction fails, then run the Start over operation.