Network and Storage Protocols

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Network and Storage Protocols

Ask a Question

vscan extensions and Scan Engine, which extension list is being followed?

mdvillanueva
‎2012-04-23 11:15 AM
6,744 Views

Hi Experts,

We are currently using Symantec Scan Engine to scan our CIFS environment in Netapp.  I have a few questions, I hope someone can shed some light.

1. I run command vscan and see the list of extensions we scan. I can also see in the Scan Engine configuration that there is a list of extensions to scan. Which one is being used? those in vscan extensions or the one in Scan Engine?

2. Does nfs volumes get scanned also? I would rather not.

thanks,

Maico

0 Kudos
View By:
6 REPLIES 6

scottgelb
NetApp A-Team
‎2012-04-23 11:30 AM
6,744 Views

I made a 1 page cheat sheet on vscan for our customers a while ago (attached).  CIFS only (unless that changed) and ONTAP will send scan requests for the extensions listed..shouldn't get to the scan engine at all if not in the ONTAP list.

NetApp+VSCAN+1+pager.pdf
Preview file
285 KB

mdvillanueva
‎2012-04-23 11:42 AM
In response to scottgelb
6,744 Views

Thank you Scott!

Maico

0 Kudos

mdvillanueva
‎2012-04-23 02:34 PM
In response to scottgelb
6,744 Views

Scott,

If I used ‘do?’, will it scan doc and docx

Maico

0 Kudos

scottgelb
NetApp A-Team
‎2012-04-23 03:40 PM
In response to mdvillanueva
6,744 Views

According to this KB, yes it will http://support.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=81989    The "do?" will check the first 3 characters only... both doc and docx meet the criteria.  To get the fourth character there is a list of bug fixes at the kb that support this, but you can use do? for the list to get both file types.

0 Kudos

mdvillanueva
‎2012-04-24 01:16 PM
In response to scottgelb
6,744 Views

Thanks Scott.

I was reading documentation of vscan and it mentioned this.

For example, putting C?? into the extension list would cause the filer to scan the files ABC.C, ABC.CPP, ABC.C++, ABC.CPLUS and so on.

For example, putting C? into the extension list would cause the filer to scan the files ABC.C, ABC.CP and so on; but not ABC.CPP

So I am confuse as to whats the real deal. My question is, which is a better practice? Using the inclusion or exclusion? Using exclusion seems more ideal because it means you don’t have to keep track of all extensions that are introduced in your network. You only have to know what you want to exclude.

Maico

0 Kudos

scottgelb
NetApp A-Team
‎2012-04-24 01:20 PM
In response to mdvillanueva
6,744 Views

I agree… exclusion is most often easier. The guide is correct with any match in the ? character position you list will match regardless of what follows but any extension matching that placeholder and prior fixed value.

0 Kudos
Announcements
All Community Forums
Public