Creating a New Threat Scan Plan

You can configure a new Threat Scan plan.

Start the Wizard

1. From the Command Center navigation pane, go to Security services > Threat scan.

   The Threat Scan page appears.

   The Plans tab shows all existing plans.

   

2. Click Create plan at the top of the page.

   The Create Threat Scan Plan wizard appears.

General

1. Enter a Plan name.

2. Click Next.

   The Configuration page appears.

Configuration

1. Anomaly detection is enabled by default and cannot be disabled. It automatically monitors backup metadata and file attributes to identify suspicious or unusual activity patterns.

2. For Threat detection, select from the following:

   • Encryption detection. Scans backups for encrypted files and ransomware threats.

   • Malware detection. Scans backups for known malware signatures to identify threats.

3. Click Next.

   The Compute page appears.

Compute

1. Either select Commvault included storage, or select Bring your own compute to use your own computing resources to run Threat Scan scans.

2. For Storage, select the storage to use.

3. For Access nodes. Either select an existing access node, or click the Add button and then add a new access node.

4. Click Next.

   The Advanced Options page appears.

Advanced Options

1. To create a schedule for the plan, click the Edit button and then enter criteria for the schedule.

2. If you enable the Auto scan anomalous resources only option, resources flagged as anomalous are scanned automatically.

3. Click Submit.