ONTAP Discussions

On-Access vscan policy behavior when creating files




IHAC who wants to use on-access vsan policies with mandatory scan (ONTAP 9.1P5) and I would like to be sure about expected behavior whan AV servers are down.



Doc is not very verbose on expected behavior and just says that :

- standard profile triggers a scan for open, close and rename

- strict profile triggers a scan for open, close, read, rename

- write_only profile triggers a scan for close after modifcation.


When testing with all AV servers down, the customer is seeing that read and open files cannot be opened in all cases and file creation seems to be authorized.



I just want to be sure this behavior is normal (when scan is mandatory and AV servers down) , with standard or strict profiles.

- files can not be opened or read or renamed.

- files can not be modified (saved under the same name).

- new files can be created (by copying them from elsewhere)

- files can be modified when saved under a name, which means creating a new file.


With writes-only profile, files can be opened and modified (simple test using a notepad): I managed to modify a file without a problem, which is not normal IMHO.



Is this correct ?

Or is there a problem ?


Best regards









Hope this helps https://kb.netapp.com/support/s/article/ka11A0000001SRJ/cifs-read-reports-error-cant-read-from-source-file-or-disk-and-cifs-create-throws-get-error-a-...




If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner