In 7 Mode:
There are 2 options:
1) If speed of access is more important than safety:
We can turn scanning off for read-only access on the cifs share by setting "novscanread" on the share.
Virus scanning will not occur when clients open files on this share for read access.
2) If safety is more important than speed of access then we can keep the scanning on for read-only access.
In C mode :
Vscan File-Operations Profile for CIFS Share parameter specifies which operations performed on the CIFS share can trigger virus scanning
Profile: Type File Operations That Trigger Scanning
1) no_scan : None
2) standard : Open, close, and rename
3) strict: Open, read, close, and rename
4) writes_only : Close (only for newly created or modified files)
Use the default, standard profile.
To further restrict scanning options, use the strict profile. However, using this profile generates more scan requests and affects performance.
To maximize performance with liberal scanning, use the writes_only profile. This profile scans only the files that have been modified and closed.
Reference : https://www.netapp.com/us/media/tr-4286.pdf
When you said turning off “When files are opened for reading” does this mean you are using "novscanread" as the CIFS share property ?