Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest
Please, try again later.
When upgrading to Veeam Backup & Replication 12.3, the installer's Configuration Check will display a warning advising:
The new Veeam Threat Hunter service scanning process might be interrupted by existing antivirus software on mount hosts. Please read KB1999 to set the appropriate exclusions.
To prevent interference from security software, the following folder should be excluded on all Mount Servers:
C:\Program Files\Veeam\Backup and Replication\Threat Hunter\
For details about other antivirus exclusions, please review the rest of this article.
The folder paths provided in this article are paths the software uses for day-to-day operations. During the deployment and updating of Veeam Backup & Replication or Veeam Backup Enterprise Manager, user and system temp folders (e.g., %temp%, C:\Users\<user>\AppData\Local\Temp\, or C:\Windows\Temp\) are used to store extracted installer data.
While relatively rare, security software may disrupt the installer, leading to deployment failure. Rather than excluding the entire temp folder from security monitoring, we suggest that should you encounter an installation or update issue that you believe is related to security software interference, a temporary deactivation of the security monitoring may be necessary to eliminate interruptions. Remember to reactivate the security software once the installation or update is completed.
HKLM\SOFTWARE\Veeam\Veeam Backup Catalog\
HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam NFS\
HKLM\SOFTWARE\Veeam\Veeam Backup Catalog\
If either Application-Aware Processing or Guest File System Indexing is enabled, the following folders will be used:
If the Malware Detection system's Enable inline entropy analysis option is enabled, and the Guest File System Indexing and Malware Detection guest processing option is enabled:
On SQL Servers, when SQL Server Transaction Log Backup is enabled, the following folder will be used:
If using Persistent Agent Components, the Veeam Guest Agent package will be installed.
When restoring files to the original machine or a different machine, the following folders are used:
Below is a list of packages that may be installed on machines assigned Backup Infrastructure Component roles (e.g., VMware Backup Proxy, WAN Accelerator, Windows Repository) and their associated AV exclusion requirements. Review which packages are installed on a given machine and create the AV exclusions based on which packages are installed.
All Windows-based components use the following folders:
Package names below are as listed within the Programs & Features list (appwiz.cpl).
Veeam Installer Service
Veeam Backup Transport
Veeam CDP Proxy
Veeam Backup vPowerNFS
Veeam Hyper-V Integration
Veeam Mount Service
Veeam WAN Accelerator Service
Veeam Remote Tape Access Service
Veeam Backup Cloud Gateway
Veeam Threat Hunter
Veeam Transaction Log Backup Service
Due to the high variability in how each Security solution operates and may be configured, some Linux Administrators may find that no exclusions are needed. Yet others may find that their security policies may necessitate specific exclusions. With that in mind, we strongly encourage Linux administrators to review their security software's logging closely when issues occur and adjust rules/policies accordingly.
Veeam Support has observed that the most common issues occur when Antivirus has been configured to tightly secure the /tmp/ directory, which in turn causes conflicts with Veeam's use of the path /tmp/Veeam/ . For example, a Veeam Agent for Linux backup job may display the error "POSIX: Failed to open file [/dev/veeamimage1]." This error can be misleading at first as the path shown in the error does not appear related to /tmp/Veeam/, but in fact,/dev/veeamimage is symlinked to /tmp/Veeam/{guid}/
Below is a preliminary list of folders and executables that Veeam Support has identified:
Your feedback has been received and will be reviewed.
Please, try again later.
Please try select less.
This form is only for KB Feedback/Suggestions, if you need help with the software open a support case
Your feedback has been received and will be reviewed.
Please, try again later.