You can ensure clean recovery of your data by auto-quarantining threats, and quarantining suspicious files by marking them corrupt. This ensures that subsequent data recoveries will restore previous good versions of files, and eliminates the possibility of reinfecting the recovery targets.
Threats (for example, malware) that are detected by the system are automatically marked corrupt and then quarantined.
After you perform on-demand scans of a server, you can mark suspicious files (for example, unusual changes, high entropy, or hash changes) corrupt. These files will then be quarantined by the system.
Procedure
-
Run Commvault Threat Scan either by automatic or on-demand anomaly detection on a client.
-
In the Suspicious Files table in the Threat Indicators Report, click the down arrow next to a file path to see all file versions for a set of files.
-
To mark a version of a file as corrupt, click the action button
, and then click Mark corrupt.A confirmation dialog box appears.
-
Click Yes.