If the data on your servers has been encrypted by ransomware, you can create restoration tasks to restore the encrypted data and reduce losses. This topic describes how to create a restoration task, view the task status, purchase additional anti-ransomware capacity, and delete backup data.

Prerequisites

Before your servers are attacked by ransomware, a protection policy is created and server data can be backed up as expected based on the protection policy. When you create a restoration task, make sure the following requirements are met:
  • The value of recoverable versions in the protection policy is not zero.
  • The Security Center agent is enabled.

Background information

Security Center backs up the server data based on the protection policy you have created. If you have used the recommended policy, you can select a version that has been backed up to restore the data on the current server.

Procedure

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Defense > Anti-Virus.
  3. On the Anti-Virus page, click Add anti-ransomware policies.
  4. On the General anti-ransomware solutions page, find the protection policy that is applied to a restoration task, and then click The Hide/Show icon.
  5. Find the server where data will be restored, and click Restore in the Actions column.Restore
    You can also click the number in the Recoverable Versions column to go to the Restoration page.The Recoverable Versions column
  6. On the Restoration page, set the following parameters: Select a restored version, Select a restored file, and Recovery directory address.Create a restoration task
    Sample values of the Recovery directory address parameter in a Windows and Linux system are as follows:
    • Windows: D:\Documents\Restore
    • Linux: /home/Restore
    Note The Recovery directory address parameter specifies the folder where you want to restore the server data. The backup data is restored in the cloud. After you create a restoration task, the files will be restored to the Recovery directory address. If the specified directory does not exist, Security Center cannot perform the restoration task. We recommend that you specify a valid directory.
  7. Click OK.
    After you create a restoration task, you will receive the following message: The Restore task is created.

Related operations

  • View restoration task status
    On the Restore Tasks tab, you can view the restoration task status, the total number of restored files, and the number of files that failed to be restored. If a restoration task fails, you can view the causes of the failure. If the restoration task fails due to an invalid directory, you must recreate a restoration task to restore data again. View restoration task status
  • Purchase additional anti-ransomware capacity
    Insufficient anti-ransomware capacity leads to backup failures. We recommend that you purchase sufficient anti-ransomware capacity to prevent backup failures. On the General anti-ransomware solutions page, you can view the used and total anti-ransomware capacity. To purchase additional anti-ransomware capacity, click Upgrade and specify the capacity on the Upgrade page. You can also delete backup files for additional space.Purchase additional anti-ransomware capacity
  • Delete backup files
    Note Deleted backup files cannot be restored. Proceed with caution.
    You can delete backup files that are no longer required. In the Recoverable Version pane, find the files that you want to delete and click Delete. After backup files are deleted, free space is released correspondingly.Delete backup files