5 1 0:Performing a Virus Scan Before Single File Restore

From SEPsesam
Revision as of 11:23, 23 May 2023 by Jus (talk | contribs) (Marked this version for translation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)


Welcome to the latest SEP sesam documentation version 5.1.0 Apollon. For previous documentation version(s), check documentation archive.


Overview


SEP sesam introduces a new feature that enables a virus scan on selected files before initiating a Single File Restore. With new malware continuously emerging, an increasing number of viruses and malicious programs are typically identified each day. By performing a virus scan with the latest Virus Database (VDB) before starting the restore, SEP sesam effectively prevents restoring any known infections that might have gone undetected during the backup process.

To detect various forms of malicious content, SEP sesam utilizes the IKARUS scan.server technology, which integrates the proprietary IKARUS scan.engine.

SEP sesam currently supports the virus scan feature on Windows only. It is available during Single File Restore for Path and VMware vSphere backup types. To conduct the virus scan, the saveset must be directly mounted to the SEP sesam server. This restriction ensures optimal scanning efficiency and accuracy. However, it is important to be aware that conducting a virus scan on a large number of items during the restore can lead to significant performance degradation.

IKARUS scan.server requirements and limitations

  • The functionality of the IKARUS scan.server relies on web access to perform scans using the latest Virus Database (VDB). In forthcoming versions, an update mechanism will be introduced to allow network-restricted IKARUS scan.servers to update their VDB by utilizing a second online scan.server as a proxy.
  • The IKARUS scan.server imposes a file size limit of less than 512 MB. This threshold can be altered on the scan.server, but that can result in additional performance loss. The feature to exclude files exceeding the threshold size has not yet been implemented, meaning that oversized files are still uploaded for scanning.

For more information on IKARUS scan.server functionality and limitations, refer to IKARUS antivirus software.

Configuring the IKARUS scan.server component

To configure the IKARUS virus scan feature, you need to first install the IKARUS scan.server and then prepare the SEP sesam Server.

Prerequisites

The following prerequisites must be met:

  • SEP sesam Server v. ≥ 5.1.0.5 Apollon is required.
  • IKARUS scan.server version ≥ 6.0.26.0 is required.
  • The IKARUS scan.server needs to be reachable over network from the SEP sesam Server. Check requirements of the IKARUS scan.server on the IKARUS scan.server download portal.

Installing IKARUS scan.server

Download the IKARUS scan.server installation package from the IKARUS scan.server download portal and follow the installation and setup instructions to install the IKARUS scan.server.

Preparing SEP sesam Server

On the SEP sesam Server perform the following procedure:

  1. Open Windows Explorer and go to <SESAM_ROOT>\skel\templates (default location is C:\Program Files\SEPsesam\skel\templates).
  2. Copy the files sm_sbc_restore_pre.ps1 and sm_sfr_scan.ps1 to <SESAM_ROOT>\bin\sesam.
  3. Open the pre script <SESAM_ROOT>\bin\sesam\sm_sbc_restore_pre.ps1 as Administrator and enter the IP address or hostname of your IKARUS scan.server in the following line (replace the variable <IKARUS_hostname> with actual hostname or IP address):
  4.  .\sm_sfr_scan.ps1 -SELFile $sel$rtask.sel -ScanServer <IKARUS_hostname>
  5. Save the changes.

Performing a virus scan during Single File Restore

Use the Restore Assistant to perform the Single File Restore vith virus scan. You can access the Restore Assistant in one of the following ways:

  • via the GUI: by clicking the Restore Assistant icon in the toolbar or from Activities -> Restore Assistant
  • from SEP sesam Web UI: left menu -> Restore Assistant
  • or by entering the following address in the browser bar: http://[sesamserver]:11401/sep/ui/restore/.

The virus scan restore options are only available in advanced restore mode. The following procedure describes only steps and options that are specific for performing virus scan before restore. For more details on how to configure a restore task in the SEP sesam GUI, see the Standard Restore Procedure.

  1. Open the Restore Assistant in the browser.
  2. In the start window, select the required backup task type and select the Advanced View checkbox. Click Next.
  3. Select the client you want to restore and click Next.
  4. Select what you want to restore and check the Single file restore option. Click Next.
  5. Mount the virtual disks in filesystem. Click Mount on RDS, select your SEP sesam Server from the list and click Mount this backup in filesystem.
    Note
    It is mandatory to select the SEP sesam server as the mount target. Selecting a different RDS is currently not supported.
  6. In the Select Files dialog, only the mounted VMDK drives are shown (the local drives are not displayed). Select the files you want to restore and click Next.
  7. Select the target settings as required and click Next.
  8. In field Options for restore (server-side) enter exec-virus-scan and click Next.

  9. Start the restore.

Monitoring restore

You can monitor the restore progress using the Web UI (Monitoring -> Restores) or view the status in the GUI (Main Selection -> Job State -> Restores). The restore overview provides detailed information on the last run of restore jobs, including task name, status (successful, error, in queue...), start and stop time of the last backup, data size, throughput, etc. For details, see SEP sesam Web UI or Restores by State in the GUI.


See also

VMware Single File Restore - Restore Assistant - Standard Restore Procedure - SEP sesam Web UI

Copyright © SEP AG 1999-2024. All rights reserved.
Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.