Network and Storage Protocols

CIFS Shares and Antivirus Scanning?


Greetings -

If you are using a Netapp FAS device to replace windows servers utilizing CIFS shares how are you scanning those files on the Netapp CIFS side for viruses?



Hi Peter,

Here's TR-3107 which will provide you with the architecture best practices for doing Virus scanning in a NetApp CIFS environment.

Cheers, Tony


Thank you for the response. After reviewing the doc it appears that I will need several AV servers versus one. So I will have to ADD to our server inventory by creating even more AV servers ?


You will only need 2 vscan servers for redundancy.  These can easily be VMWare instances.

Virus scanning is much more efficient this way than they way it has to be done on windows.  Read the TR.  'vscan' functionality doesn't scan the entire filesystem like you have to do on Windows.  It just makes sure that new writes are scanned and that reads are scanned if the vscan server has newer virus definition files.

You will be able to manage 10's of TB with just 2 vscan servers.  You'll never get close to that using windows servers for file server, not to mention the extra server/power/heat load of having to dig through everything once a week.

The only really challenge is learning to tune your vscan software.




Has anyone configured Scanner Servers with Clustered Data ONTAP® 8.2 using the doc link specified


Basically we have a Filer configured with Clustered ONTAP 8.2 and trying to use McAfee Scanning solution, the McAfee side is configured with connector installed and ONTAP Management LIFs for polling configured but strugling with NetApp side of things. We have followed the guide but keep getting error -

10/31/2014         10:46:12:709       3224       Error      SCAN RESULT - : File to scan ="\\?\UNC\\ontap_admin$\restore_test\StorageCapacityIssues.pptx result is Error the file is locked and could not be scanned. Status Code 222200020


Will appreciate any advise.