Subscribe

VSCAN - excluding IP or the username

ONTAP allows to exclude a specific share from AV scanning as well as specific file extensions on a given SVM.
Is it possible to exclude a specific client IP address or a specific domain user from scannig?

The point is we are deploying an application that will be accessing lots of files on the NAS and we need to bypass AV scanning.

 

 

Re: VSCAN - excluding IP or the username

Hi

 

i don't think you can have any other type of filer side exclusion except of type and size and share.

if the app is only reading it may be sensible to do scan only on writes / close.

 

how about creating dedicated share for the app to access via (to the same dataset) ?

 

Gidi

Re: VSCAN - excluding IP or the username

Hi Gidi,

 

Thanks for your comment.

 

We would like to avoid any AV scans for the requests made by the app, also for the read-only ones.

I was also thinking about the dedicated share for the app, but the problem is the app is going to scan all the data on the filers. All the shares. Therefore I would have to create another instance of every share I have in the environment, append something like "-noscan" to the share name, allow access only for the app and disable scanning on those new shares. We have many many thousands of shares so will not work.


One option I have in mind is to utilize "ONTAP_ADMIN$" share.