AntiVirus on NetApp FAS3140 - needed?

javon7065 · ‎2011-09-09

Hello. We are new to the Netapp world. After recently setting up a new CIFS share, we saw that on the Share Options tab, there is and option to enable virus scanning on file accesses and when opening files (both boxes were checked by default). After doing some reading, I see that this needs to be setup with a third party product, to which the NetApp proxies files over to for scanning.

Is it recommended to use this option if the workstations that will be accessing the files already have AntiVirus installed that scans on file reads? I am wondering if the NetApp option is to provide for workstations that do not have AV installed or if it is recommended to stop the proliferation of a virus on the NetApp itself.

Thanks for any help.

Joe

scottgelb · ‎2011-09-09

A lot of our customers use their client based checking...some use the vscan AV which works well. McAfee, Sophos, Trend ,CA, Symantec all have versions for NetApp (and run two external vscan servers for redundancy, and it is recommended on a private network or vlan to keep av traffic separated). It is simple as enabling it with "vscan on" and typically "vscan options mandatory_scan off" to make the default still serve data if no vscan is available (the default is to not serve data if a scanner is not available). Often it is recommended to choose a vendor different from the workstation or server av vendor...so that one vendor might catch a virus the other might not. In reality with enterprise licenses it is free or little additional cost to keep the same vendor. By default all cifs shares have vscan enabled but you can set -novscan or -novscanread. If you have an app that doesn't need vscan... you can also create multiple shares to the same target...so if some users need vscan but others don't (a backup job for example or a copy job).