"mandatory on" feature on VSCAN caused us a few time share access accidents when we lost connections to both scanners. just wonder if we can safely disable it, or we have other work around? believe we should scan the files on "write", by default, we have scan on "read", we have NAS replication in place, not sure this type of replication read traffic will trigger the scan activities? is the scan server talking to cluster with certificate? we lost connections to scan server when we had certificate issue.
... View more
My Security & Risk Oversight Director is asking how we can "install" Crowdstrike on NetApp - knowing that is not realistically possible. But the true ask here is, how do we protect the NetApp OS (ONTAP/Free BSD) using established Endpoint Detect & Response (EDR) or Managed Detect & Response (MDR) solutions? Our organization uses CrowdStrike Falcon. So I'm being asked to check with NetApp and other relevant vendors if they allow for the installation of EDR tools like CrowdStrike Falcon or are there established solutions to meet this need? Thank you in advance!
... View more
Hello all, Ontap 9.13.1 After enabling native fpolicy we encountered some quiestions: 1) How do we modify the disallowed extensions file. The current kb is a bit unclear about that. 2) After modifying the above file, how do we make sure this is the version used on all enabled svms. 3) What is the path of the original disallowed extensions file?
... View more
Hi, has anyone tried enabling SSO for Unified Manger in Azure Idp what are the SAML assertions values and claim rules that needs to be configured. any idea?
... View more
Dear Community, We would like to set up a separate role for our trainees on our cluster. This role should - Enable read-only access to the entire cluster - Complete access to a dedicated Test_SVM that is available for training purposes It is often said, that this is not possible for a specific SVM, but there is even a KB article that can serve as a basis for this ("How to set up and configure RBAC in ONTAP to limit administrator access to specific volumes or SVMs" From <https://kb.netapp.com/on-prem/ontap/Ontap_OS/OS-KBs/How_to_set_up_and_configure_RBAC_in_ONTAP_to_limit_administrator_access_to_specific_volumes_or_SVMs#>) The problem with this, however, is that when creating the role for ’-cmddirname DEFAULT -access readonly’ for the special Test_SVM “readonly” is not possible, but “none” is always suggested: FASxxxxx::> security login role create role -role Restricted_Azubi_Role -cmddirname DEFAULT -access readonly -query ‘’ -vserver SVM_TESTxxxxx Error: command failed: The only valid value for access is ‘none’ for a Vserver role when the specified command directory is ‘DEFAULT’ FAS27501::> What am I doing wrong? Any ideas? Many thanks and best regards Michael
... View more