Disaster Recovery (DR) backups can be protected against ransomware attacks, by ensuring that ransomware is enabled on all the folders or entities associated with DR backups.
When a DR backup is started, it is executed using the following 2 phases:
-
Export phase, in which a metadata backup of the SQL databases is copied to an export destination on local or network path.
Ransomware protection for this export destination, both local or UNC/mount path, is by default, enabled on Windows and must be manually enabled on Linux. For more information, see Protecting DR Backup Folders from Ransomware.
-
Backup phase, in which the metadata available in the default staging directory in the CommServe along with the configured log files, are backed up using the DR storage policy.
For ransomware protection of the DR backup, make sure that Ransomware is enabled on the MediaAgent associated with the DR storage policy. For more information, see Protecting Mount Paths from Ransomware.