Remove the early Ransomware detection feature in the Cristie VA
Cristie Software have applied technologies to provide advanced file anomaly detection, which can take place within the system recovery and replication process to help combat Ransomware.
This can be disabled if not required within the environemnt. For full details of the technology, please see: https://www.cristie.com/news/ransomware-detection-and-enhanced-recovery-now-included-in-the-cristie-software-recovery-and-replication-portfolio/
To disable the feature go to:
Options / Discovery settings
Set the ‘Ransomware Scan Interval’ setting to ‘0’ (zero)
Once disabled, the feature is disabled and the icons in the GUI relevent to ransomware detection are removed.
Disabling Ransomware can also be done in the VA terminal via putty.
Log into the VA over ssh
Run the below command
sed -i ‘s/^.ransomware_watchdog.$/# &/’ /usr/sbin/discovery_service
Restart the VA services
restart_services
(restarting the services will stop all processes in the VA, including replications, updates, deployments etc.)
Supported in version 4.8 of the Cristie VA.