Solved: Block some files related to CryptoLocker from ONTAP shares

ErikSteffensen · ‎2016-10-17

Hi

IHAC who wants to block some files related to CryptoLocker from ONTAP shares. It seems he can do that with native FPolicy, but they would like to be notified as well. Does anyone know if it's possible to find the block info in any log files and if it can be forwarded in any way?

Rgs Erik

hariprak · ‎2016-10-19

Hi,

fpolicy & vscan have the ability to call out to 3rd party applications which are compatible, such as antivirus, change management systems, etc.
Internal engine functionality is limited to things like blocking certain extensions, or simple logging.

Please refer below links for more details

https://community.netapp.com/t5/Technology/FPolicy-in-Clustered-Data-ONTAP/ba-p/82687

https://www.reddit.com/r/sysadmin/comments/3m52l1/cryptolocker_file_screening_when_using_netapp_cifs/

Thanks

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

hariprak · ‎2016-10-19

Hi,