Backup

If Kaspersky Embedded Systems Security detects malicious code in a file while scanning a protected device, the application can block the file, assign the Infected status to it, place a copy in Backup, and attempt to disinfect the file.

Backup keeps copies of files that have been deleted or modified during disinfection. A backup copy is created before disinfecting or deleting the file. Backup copies of files are stored in a special format and do not pose a threat.

By default, the /var/opt/kaspersky/kess/common/objects-backup/ directory is used to store backup copies of files. This directory also stores quarantined files. You can change the directory for storing Backup and Quarantine objects using the command line.

Sometimes it is not possible to maintain the integrity of files during disinfection. If after disinfection, you partially or completely lose access to important information in a disinfected file, you can try restoring the file from the backup copy.

Restoring infected objects may lead to a device infection.

Backup file copies may contain personal data. Root privileges are required to access Backup objects.

You can configure quarantine settings on a device using a policy in the Web Console, in the Administration Console or using the command line. You can configure the following Backup settings:

• Storage time for objects in Backup. Objects are kept for 30 days by default.
• Maximum Backup size. Backup has an unlimited size by default.
• Path to the directory where Backup and Quarantine objects are stored (can only be configured on the command line).

When the specified retention period expires, or when the maximum Backup size is reached, the application automatically deletes the oldest backup copies regardless of their status.

You can delete the backup copy of a restored or unrestored file manually.

A general list of files placed in Backup by Kaspersky applications on client devices is generated in Kaspersky Security Center and is available in the Administration Console (Advanced → Repositories → Backup) and in the Web Console (Operations → Repositories → Backup). You can view the properties of files in backup storage on protected devices and delete files from it. Kaspersky Security Center does not copy files from Backup to the Administration Server; all files are stored in the Backups on protected devices. File restore takes place on the protected device.

To manage files in Backup in Kaspersky Security Center, you need to enable the transfer of data about files in Backup to the Administration Server.

In this Help section Configuring Backup settings in the Web Console Configuring Backup settings in the Administration Console Configuring Backup settings in the command line Working with Backup objects in the command line

Page top