You can enable ransomware protection on a Windows MediaAgent.
Considerations
-
On Linux MediaAgents that have access to a disk library mount path, you must enable ransomware protection manually. For more information, see Ransomware Protection for Disk Libraries on a Linux MediaAgent.
-
Ransomware protection is enabled by default on all Windows MediaAgents that have access to a disk library mount path.
-
If ransomware protection is disabled on Windows MediaAgents that have a disk library association, index cache, or deduplication database, it is automatically re-enabled after 24 hours.
-
Review the following considerations for multi-instancing support on Windows MediaAgents:
-
All instances must operate on the same Service Pack level to maintain compatibility and system stability.
-
Starting with Long-Term Support Release 11.40, the ransomware protection driver is automatically loaded on systems where the MediaAgent package is installed. Disabling ransomware protection does not unload the driver. Instead, the driver remains loaded but does not receive any paths for protection. This behavior ensures that process tracking is maintained to support driver-based process registration and whitelisting. Unloading the driver would remove tracking of existing processes.
-
On systems with multiple Commvault instances that have the MediaAgent package installed:
- The ransomware protection driver supports a maximum of 10 concurrent ports.
- Each instance requires a minimum of two ports.
-
To avoid reaching this limit, do not configure more than three Commvault instances with MediaAgent packages on the same Windows computer.
-
If this limit is exceeded:
- Some processes might fail to register with the driver.
- The driver might block unregistered Commvault processes.
-
This limitation applies only to Windows computers where multiple Commvault instances with MediaAgent packages are installed.
Procedure
-
From the navigation pane, go to Manage > Infrastructure.
The Infrastructure page appears.
-
Click the MediaAgents tile.
The MediaAgents page appears.
-
Click the MediaAgent.
-
In the Control section, move the Ransomware protection toggle key to the right.
For a Linux MediaAgent, the toggle key is disabled and displays the status of ransomware protection.
Additional Information
Administrative shares pose a security vulnerability and if you have an existing disk library mount path configured to use an administrative share, reconfigure the share using a dedicated share. For more information, see Reconfiguring Mount Paths that Use Administrative Share.