If Kaspersky Industrial CyberSecurity for Linux Nodes detects malicious code in a file while scanning a protected device, the application can block the file, assign to it the Infected status, place a copy in Backup, and attempt to disinfect the file.
Backup keeps copies of files that have been deleted or modified during disinfection. A backup copy is created before disinfecting or deleting the file. Backup copies of files are stored in a special format and do not pose a threat.
Sometimes it is not possible to maintain the integrity of files during disinfection. If after disinfection, you partially or completely lose access to important information in a disinfected file, you can try restoring the file from the backup copy.
Restoring infected objects may lead to a device infection.
Backup file copies may contain personal data. Root privileges are required to access Backup objects.
You can configure the following Backup settings:
When the specified retention period expires, or when the maximum Backup size is reached, the application automatically deletes the oldest backup copies regardless of their status.
You can delete the backup copy of a restored or unrestored file manually.
A general list of files placed in Backup by Kaspersky applications on client devices is generated in Kaspersky Security Center and is available in the Administration Console (Advanced → Repositories → Backup) and in the Web Console (Operations → Repositories → Backup). You can view the properties of files in backup storage on protected devices and delete files from it. Kaspersky Security Center does not copy files from Backup to the Administration Server; all files are stored in the Backups on protected devices. File restore takes place on the protected device.