ONTAP Discussions

c-mode antivirus

IANHOSKINSCNO
3,864 Views

I am trying to wrap my head around the on-access-policy for vscan in c-mode. I want to make sure that files are still served if anti-virus servers were to be unavailable. But looking at all the documentation I don't see an option for this.

According to documentation and support, the scan-mandatory flag means that it won't serve data if vscan servers are not available.
Their suggestion was to use the scan-ro-volume flag. Does this mean allow files from RO and RW volumes to be scanned, or just RO volumes? I am guessing the just RO volumes as the filter for on-access-policy can have multiple options selected.

 

Thoughts


https://library.netapp.com/ecm/ecm_download_file/ECMP1366832
page 1921

 

-filters {scan-mandatory|scan-ro-volume|scan-execute-access}, ...] - Filters

scan-mandatory - Enable mandatory scan. File access will be denied if there are no external virus-scanning servers available for virus scanning

scan-ro-volume - Enable scans for read-only volume.

scan-execute-access - Scan only files opened with execute-access (CIFS only).

By default, it is scan-mandatory.

 

 

1 REPLY 1

OhmR
3,028 Views

 

Vserver:cluster01
Policy: default_CIFS
Policy Status: off
Policy Config Owner: cluster
File-Access Protocol: CIFS
Filters: scan-mandatory
Max File Size Allowed for Scanning: 2GB
File Paths Not to Scan: -
File Extensions Not to Scan: -
File Extensions to Scan: *
Scan Files with No Extension: true

 

change previllage to  advacned mode 

 

cluster01:: set -privilege advanced

 

then you should be able change the filter value for on access policy 

 

cluster01::vserver vscan on-access-policy*> modify -vserver * -policy-name default_CIFS -filters "-"

 

you can verify it after changing 

 

cluster01::vserver vscan on-access-policy*> show -in

Vserver: cluster01
Policy: default_CIFS
Policy Status: off
Policy Config Owner: cluster
File-Access Protocol: CIFS
Filters: -
Max File Size Allowed for Scanning: 2GB
File Paths Not to Scan: -
File Extensions Not to Scan: -
File Extensions to Scan: *
Scan Files with No Extension: true

 

change previllage to  admin mode 

cluster01:: set -privilege admin

 

Public