ONTAP Discussions


On-Access vscan policy behavior when creating files



IHAC who wants to use on-access vsan policies with mandatory scan (ONTAP 9.1P5) and I would like to be sure about expected behavior whan AV servers are down.



Doc is not very verbose on expected behavior and just says that :

- standard profile triggers a scan for open, close and rename

- strict profile triggers a scan for open, close, read, rename

- write_only profile triggers a scan for close after modifcation.


When testing with all AV servers down, the customer is seeing that read and open files cannot be opened in all cases and file creation seems to be authorized.



I just want to be sure this behavior is normal (when scan is mandatory and AV servers down) , with standard or strict profiles.

- files can not be opened or read or renamed.

- files can not be modified (saved under the same name).

- new files can be created (by copying them from elsewhere)

- files can be modified when saved under a name, which means creating a new file.


With writes-only profile, files can be opened and modified (simple test using a notepad): I managed to modify a file without a problem, which is not normal IMHO.



Is this correct ?

Or is there a problem ?


Best regards






Re: On-Access vscan policy behavior when creating files



Hope this helps https://kb.netapp.com/support/s/article/ka11A0000001SRJ/cifs-read-reports-error-cant-read-from-source-file-or-disk-and-cifs-create-throws-get-error-a-...




If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Check out the KB!
NetApp Insights To Action
All Community Forums