Disable ransomware detection from VA

Disable ransomware detection feature in the Cristie VA

Cristie Software have applied technologies to provide advanced file anomaly detection, which can take place within the system recovery and replication process to help combat Ransomware.

This can be disabled if not required within the environment. For full details of the technology, please see: https://www.cristie.com/news/ransomware-detection-and-enhanced-recovery-now-included-in-the-cristie-software-recovery-and-replication-portfolio/

To disable the feature go to:

Options / Discovery settings

Set the ‘Ransomware Scan Interval’ setting to ‘0’ (zero)

Once disabled, the feature is disabled and the icons in the GUI relevant to ransomware detection are removed.

It can also be disabled in the shell

sed -i ‘s/^.ransomware_watchdog.$/# &/’ /usr/sbin/discovery_service

Then restart the services (restarting the services will refresh appache and discovery of systems/backup servers etc)


Supported in VA version 4.8 onwards