Network and Storage Protocols

virus scan solution for nfs?



Does anyone here have a running virus scan solution for NFS volumes?  We have symantec for NAS handling the CIFS side of the house, but are looking for something to scan NFS mounted volumes.

- Scott




Same issue for us.

Currently I see no other solution than to use an external virus scanner host which runs the scan frequently on all files.

Definetly not the best solution.


- Gyuri -


The doc says no...

4.2 NFS Clients
Data accessed by UNIX® and NFS clients is not supported in this release and will not trigger a virus scan of
a requested file. The risk of virus attacks is low for UNIX and NFS data because few viruses are targeted at
platforms other than Windows.



Thanks Brendon. I have read that document, which is what brought me to

the question of what people would do? Mount your NFS exports on a *nix

system and use something like ClamAV to scan items? Share out the NFS

volume via CIFS as well so SAV for NAS can used? Kind of a

configuration headache.

If you have an FTP site hosted on a *nix system with the FTP root on

NetApp storage how does one make sure those files placed there by the

general public are safe before bringing them into the corporate network?

This is a pretty old post so I am hoping that this is still not the case. Regardless of what OS a virus is written for, you should not overlook the need for the ability to scan NFS volumes. Remember, these are shared storage devices. Some companies use this space for hosting web pages. All sorts of files and code are stored and should be scanned before being stored so that when they are called upon by a client system, they are not spreading infected files that they have been harboring. To add, just because there is not a lot of viruses for unix based OS's, does not mean tomorrow there will not be dozens more. If you look at Mac OS, they have touted that they do not get viruses. Well since they bragged, they have had hundreds of new viruses written for them. I think that your dev team at NetApp needs to be a little more forward thinking before they too get caught with their pants down.

Would be good to see some sort of av solution native to ontap as a add-on. Wishful thinking?