No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

OceanStor 9000 V300R005C00 File System Feature Guide 11

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
InfoScanner Configuration

InfoScanner Configuration

This section describes the process for configuring InfoScanner to protect CIFS or NFS shared directories from virus attacks. The process includes the following steps: install Antivirus Agent Software on antivirus servers, configure antivirus servers, add scan authentication users to AntivirusGroup, create a shared root directory, configure antivirus service parameters, create scan policies, and configure scan directories.

Configuration Process

This part describes the process of configuring InfoScanner for the first time.

  • Figure 8-20 shows the configuration process.
    Figure 8-20  InfoScanner configuration process
    Table 8-9 describes the steps.
    Table 8-9  Description of InfoScanner configuration steps

    No.

    Operation

    Description

    1

    Install Antivirus Agent Software.

    The Antivirus Agent Software triggers antivirus servers to scan files in shared directories.

    2

    Configure antivirus servers.

    Configure antivirus servers and check the connectivity between OceanStor 9000 and antivirus servers.

    3

    Add scan authentication users and antivirus servers to AntivirusGroup.

    Add scan authentication users (AD domain users) and antivirus servers to AntivirusGroup (a local authentication user group).

    4

    Create a CIFS share for the root directory.

    Antivirus servers only support access to scan directories using the CIFS protocol. To ensure that antivirus scanning can be implemented for NFS shared directories in the storage system, you need to create a CIFS share for the root directory (/). Only after a CIFS share is created for the root directory, can antivirus servers obtain the share names of periodical scan directories to implement antivirus scanning.

    5

    Set antivirus service parameters.

    Enable the antivirus service, and enter an isolation directory, share name of the isolation directory, and share name of the root directory. The system will create an isolation directory and the share of this isolation directory based on the input values.

    6

    Create a scan policy.

    You can select default scan policy Default or create a new scan policy and set its parameters including Non-scan Period, Excluded File Types in Scan, and Max. File Size for Scan.

    7

    Configure scan directories.

    You can configure a scan directory as a real-time or periodical scan directory and configure a scan policy for the scan directory.

  • Table 8-10 lists the preparations for the configuration.
    Table 8-10  Configuration preparations

    No.

    Item

    1

    Confirm the account and password for logging in to DeviceManager.

    2

    Confirm the number of antivirus servers to be configured and collect their IP addresses.

    3

    Confirm the AD domain account and password of the scan authentication user.

    4

    Confirm information about the directories to be scanned, including the scan type (real-time or periodical).

    5

    Confirm the scan policy for each scan directory:
    • Non-scan Period
    • Excluded File Types in Scan
    • Max. File Size for Scan

    6

    After installing Antivirus Agent Software on antivirus servers, contact antivirus software providers to install antivirus software on antivirus servers.

Installing Antivirus Agent Software

Installed on antivirus servers, the antivirus agent software simulates the scenario where users open shared files to trigger the virus scan function of the antivirus software.

Prerequisites

  • The login account and password of the antivirus server have been obtained.
  • The login account and password of DeviceManager have been obtained.
  • The .NET Framework 3.5.1 has been installed on the antivirus server.

Procedure

  1. Go to the antivirus agent software download page.
    1. Log in to DeviceManager on the antivirus server.
    2. Choose Settings > InfoScanner > Antivirus Server.

      The Antivirus Server page is displayed.

  2. Download the antivirus agent software.
    1. In the lower area of the Antivirus Server page, click Download.

      The security alert dialog box is displayed.

    2. Carefully read the content of the dialog box and select I have read the warning message carefully.
    3. Click OK. The system starts downloading the software installation package of the antivirus agent software.
  3. Decompress the installation package and double-click AntivirusAgentSetup.exe. Then install the antivirus agent software as prompted.

Adding an Antivirus Server

This operation allows you to add an antivirus server that is connected to the storage system.

Prerequisites

  • Antivirus software and antivirus agent software have been installed on the antivirus server to be added.
  • The antivirus software and its antivirus agent software are running correctly and the network communication between them and the storage system is normal.

Context

The number of the deployed antivirus servers is the same as the one of nodes in the storage system. A maximum of 32 antivirus servers can be deployed for one storage system.

Procedure

  1. Log in to DeviceManager.
  2. Optional: Configure the Network Time Protocol (NTP) service.

    NOTE:
    The time difference between the antivirus server and cluster cannot be greater than 5 minutes. If the time different between them is greater than 5 minutes, you cannot configure the antivirus server, antivirus service parameters, scan policies, and scan directories.

  3. Choose Settings > InfoScanner > Antivirus Server.
  4. Add an antivirus server.
    1. Click Add.

      The Add Antivirus Server dialog box is displayed.

    2. Set antivirus server parameters.

      Table 8-11 describes related parameters.

      Table 8-11  Antivirus server parameters

      Parameter

      Description

      Value

      Name

      Name of the antivirus server.

      [Value range]

      • Contains 1 to 127 characters.
      • Contains only letters, digits, underscores (_), hyphens (-), and periods (.).
      • Must be unique.

      [Example]

      AVServer001

      Vendor

      Vendor of antivirus software installed on the antivirus server. Currently, only Rising antivirus software is supported.

      [Example]

      Rising

      IP Address

      IP address of the antivirus server. Currently, only the IPv4 address is supported.

      [Example]

      192.168.1.100

      Port

      Number of the port on the antivirus server used to communicate with the storage system.
      NOTE:
      • You can click Test to test whether the network communication between the storage system and antivirus server is normal. Please refer to the relevant alarm for fault location if you are prompted that the antivirus server can not be connected.
      • The configured port number must be the same as the one used by the antivirus agent.

      [Value range]

      The value is an integer from 1 to 65,535.

      [Example]

      26,810

  5. Confirm the adding of the antivirus server.
    1. Click OK.

      The Success dialog box is displayed, indicating that the operation succeeded.

    2. Click OK.

Follow-up Procedure

After the antivirus server is added, you can configure antivirus processing policies on the antivirus software installed on the server.

Adding Scan Authentication Users and Antivirus Servers to AntivirusGroup

When scan authentication users trigger antivirus scanning, you need to add scan authentication users and antivirus servers to AntivirusGroup. You can observe the following procedure to complete the addition.

Prerequisites

  • Scan authentication users which are also AD domain users have been created.
    NOTE:
    For details about how to create AD domain users, see Appendix C Setting Up an AD Domain Environment > Creating AD Domain Users and Groups in File System Administrator Guide.
  • Antivirus servers and OceanStor 9000 have been added to the AD domain.

Context

  • An AntivirusGroup is the default local antivirus authentication user group used to authenticate scan authentication users. It cannot be changed.

Procedure

  1. Add an antivirus server to AntivirusGroup.

    NOTE:
    All configured antivirus servers need to be added to the AntivirusGroup.

    1. Log in to an antivirus server.
    2. Click Start. Right-click Computer and choose Properties.
    3. In the Computer name,domain, and workgroup settings area of the System window, record Computer name and domain.
    4. Log in to DeviceManager.
    5. Choose Provisioning > User Authentication > Local Authentication User Group.
    6. Click AntivirusGroup and click the Domain User tab on the lower part of the page. Click Add. The Add Domain User dialog box is displayed.
    7. Set Name to domain\Computername$ and click Add.

      $ indicates that the domain user is a device but not an AD domain user.

    8. Confirm the information and click OK. The antivirus server is added to the AntivirusGroup successfully.
  2. Add a scan authentication user to AntivirusGroup.
    1. Log in to DeviceManager.
    2. Choose Provisioning > User Authentication > Local Authentication User Group.
    3. Click AntivirusGroup and click the Domain User tab on the lower part of the page. Click Add. The Add Domain User dialog box is displayed.
    4. In Name, enter the name of a scan authentication AD domain user and click Add.
    5. Confirm the information and click OK. The scan authentication user is added to the AntivirusGroup successfully.

Creating a CIFS Share for the Root Directory

This operation enables you to create a CIFS share for the root directory.

Context

Antivirus servers only support access to scan directories using the CIFS protocol. To ensure that antivirus scanning can be implemented for NFS shared directories in the storage system, you need to create a CIFS share for the root directory (/). Only after a CIFS share is created for the root directory, can antivirus servers obtain the share names of periodical scan directories to implement antivirus scanning.
Scan authentication users in AntivirusGroup have full control. Risks exist if you create a CIFS share for the root directory (/). Security of the shared data is threatened if any scan authentication user account is lost. Ensure that the accounts are safe.

Procedure

  1. Log in to DeviceManager.
  2. Choose Provisioning > Create Share.
  3. Create a CIFS share for the root directory.
    1. Select CIFS (Windows/MAC) for Share Type and / for Share Path, and click Next.
    2. In Share Name, enter a share name. You do not need to set Users/User Groups and Permission Level. Retain default values for other parameters.

      Figure 8-21  Creating a CIFS share for the root directory

    3. Click Next. On the dialog box that is displayed, click OK. A CIFS share is created successfully for the root directory.

Setting Antivirus Service Parameters

This operation allows you to set parameters required by antivirus servers to scan for viruses for scan directories.

Prerequisites

  • At least one antivirus server has been configured and it is running correctly.
  • The static domain name has been configured. If no static domain name is configured, configure one by performing the following procedure:

    Choose Settings > Cluster Settings > InfoEqualizer > Basic Information.

  • A CIFS share whose share path is the root directory (/) has been created. If no common Internet file system (CIFS) share is configured, configure one by performing the following procedure:

    Choose Provisioning > Create Share.

Context

  • The antivirus software uses the static domain name of the antivirus server and CIFS share name to access shared directories in the storage system in CIFS mode.
  • Currently, storage systems do not allow antivirus software to access shared directories using NFS. Therefore, the share names of root directories must be the names of CIFS shared directories whose share paths are root directories (/). In this way, NFS shared directories can be accessed indirectly.
  • By default, the storage system uses accounts in local authentication user group AntivirusGroup as authentication accounts for the antivirus software to access the storage system.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > InfoScanner > Scan Service.
  3. Configure the antivirus scan service.
    1. Click Enable the antivirus service to enable the antivirus scan service.

      NOTE:
      If you deselect Enable the antivirus service and save the settings, the antivirus scan service is stopped.

    2. In the Configuration Parameter area, configure related parameters.

      Table 8-12 describes related parameters.

      Table 8-12  Antivirus scan service parameters

      Parameter

      Description

      Value

      Isolation Path

      Archive path of shared files infected with viruses. The isolation path must be a newly created level-1 directory. The isolation path cannot be changed. The system will automatically create a CIFS share whose share path is the isolation path.
      NOTE:

      After the isolation path is configured, configure the same isolation path on the antivirus software and restart the antivirus server.

      [Example]

      /test001

      Isolation Directory Share Name

      Name of the CIFS share whose share path is the isolation path. The parameter value must be different from share names of other directories.

      [Example]

      isolatePath

      Root Directory Share Name

      Name of the CIFS share whose share path is the root directory (/).

      [Example]

      RootDirShare

      Subnet Name

      Please select a subnet. Real-time scan is not implemented for storage nodes that do not reside on the selected subnet. You can choose Settings > Cluster Settings > InfoEqualizer > Subnet Management to create a subnet.

      [Example]

      default

    3. Optional: In the Configuration Parameter area, click View scan authorization users/user groups to view whether antivirus user group AntivirusGroup contains AD domain users.

      If no AD domain users are contained, go to Choose Provisioning > User Authentication > Local Authentication User Group. add AD domain users to antivirus user group AntivirusGroup.

  4. Click Save.

    The Execution Result dialog box is displayed indicating that the operation succeeded.

  5. Click Close.
  6. Create the AntivirusAgent.ini file and write the isolation path into it.
    1. Log in to the antivirus server.
    2. Choose Local drive (C:)\Windows.
    3. Choose Organize > Folder and search options. In the Folder Options dialog box, click the View tab and ensure that Hide extensions for known file types is not selected.
    4. Right-click a blank spot and choose New > Text Document. Change the text name to AntivirusAgent.
    5. Open the AntivirusAgent file and write the content as shown in Figure 8-22 to the file (A indicates the static domain name of InfoEqualizer and B indicates the isolation path.) Click Close and then Save.

      Figure 8-22  Content written to the AntivirusAgent file

    6. Right-click the AntivirusAgent file and choose Properties. On the General page, change the file type to .ini. Click OK and then Yes.
    7. To ensure that the Antivirus Agent Software can access the isolation path, restart the Antivirus Server.

Follow-up Procedure

By default, the virus infected files are hidden in the isolation directory. You need to select Show hidden files, folders, and drives to show them so as to check which virus infected files are isolated.

Create a Scan Policy

This operation allows you to create a scan policy that is used by antivirus servers to scan virus for shared files.

Prerequisites

The storage system and the antivirus server are working properly.

Context

  • A default scan policy named Default exists in the system. This policy allows full-time scan of any file. This policy cannot be deleted but can be modified.
  • A maximum of 32 scan policies can be configured.
  • Only one scan policy can be configured for a directory at a time.

Procedure

  1. Log in to DeviceManager.
  2. Select Settings > InfoScanner > Scan Policy.
  3. Click Create.

    The Create Scan Policy dialog box is displayed.

  4. Set parameters of the scan policy.

    Table 8-13 describes related parameters.

    Table 8-13  Scan policy parameters

    Parameter

    Description

    Value

    Name

    Name of the scan policy. The name cannot be changed after being determined.

    [Value range]

    • Contains 1 to 127 characters.
    • Contains only single-byte letters or digits, underscores (_), hyphens (-), and periods (.).
    • Must be unique.

    [Example]

    AVScanPolicy

    Non-scan Period

    Period during which antivirus scan is not implemented.

    [Value range]

    • The start time must be earlier than the end time.
      NOTE:
      If the parameter is set to 23:00-00:00, 00:00 indicates 24:00.
    • A maximum of five non-scan periods are supported and the non-scan periods cannot conflict with each other.

    [Example]

    00:00–01:00

    Excluded File Types in Scan

    Type of files that do not need to be scanned. In Excluded File Types in Scan, manually enter file name extensions and click Add. You can define types of files that do not need to be scanned.

    [Value range]

    • The file type contains 1 to 8 characters.
    • One scan policy supports a maximum of 500 types of files that do not need to be scanned.
    • One file type can be added once only.

    [Example]

    .txt or txt

    Max. File Size for Scan

    Files whose size is smaller than the parameter value are scanned.
    NOTE:
    If the parameter value is set to Unlimited, there is no limit on the size of files to be scanned.

    [Value range]

    The value ranges from 1 MB to 4096 MB.

    [Example]

    40 MB

  5. Click OK.

    The Success dialog box is displayed, indicating that the operation succeeded.

Creating a Scan Directory

This operation allows you to create a scan directory and set scan policies for it.

Prerequisites

  • The storage system and antivirus server are running correctly.
  • A directory has been shared in CIFS or NFS mode.

Context

  • Only one scan policy can be configured for a directory at a time.
  • One directory can be scanned in real time and periodically at the same time. You need to create two scan directories for the directory so that you can configure different scan policies for the directory.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > InfoScanner > Directory Scan.
  3. Create a scan directory.
    1. Click Create.

      The Create Scan Directory Wizard dialog box is displayed.

    2. Select the directory that you want to scan and click Next.

      NOTE:

      The system can scan a CIFS or NFS share directory only.

    3. Set scan parameters.

      Table 8-14 describes related parameters.

      Table 8-14  Scan directory parameters

      Parameter

      Description

      Value

      Scan Policy

      Scan policy used by the scan directory.
      NOTE:
      • Click Create to create a scan policy based on site requirements.
      • Only one scan policy can be created for one directory at a time. The system provides default scan policy Default.

      [Example]

      Default

      Default status

      Whether the antivirus service is enabled for the directory by default. The value of the parameter can be:
      • Enabled: The system will automatically scan for viruses based on the preset scan type.
      • Disabled: By default, the system disables the antivirus service of this directory.

      [Example]

      Enabled

      Scan type

      Antivirus scan type. The value of the parameter can be:
      • Periodic: The system scans shared files in off-peak hours based on scan policies.
      • Real time: The system scans shared files in real time.

      [Example]

      Real time

    4. Click Next.

      The Summary page is displayed.

  4. Confirm the information and click Finish.

    The Execution Result dialog box is displayed indicating that the operation succeeded.

  5. Click Close.
  6. Optional: Configure the scan interval of periodical scan directories.

    NOTE:
    The scan interval is set only for periodical scan directories. There is no need to set a scan interval for real-time scan directories. By default, the scan interval is 24 hours.

    1. Use PuTTY to log in to a system node as user omuser through the management IP address of OceanStor 9000.
    2. Run the command cli_start -u admin to log in to the CLI. Enter the password of user admin when prompted.
    3. Run change task_policy. Press Ctrl+A as instructed to query policy_id of the process whose policy_name is antivirus_scan.

      admin:/>change task_policy
      <policy_id>         ID string using alphanumeric, _(underscore), .(dot) , or -(hyphen)(length is from 1 to 127), press Ctrl+A to view available list
      -----------------------------------
        policy_id   : 114
        policy_name : antivirus_scan

    4. Run change task_policy <policy_id> dispatchTime=<time>.

      policy_id indicates the ID of the antivirus scan process. time indicates the scan interval. The unit is minutes. For example, run changetask_policy 114 dispatchTime=60. The scan interval of periodical scan directories is 60 minutes.

      admin:/>change task_policy 114 dispatchTime=60
      Command executed successfully.

Translation
Download
Updated: 2019-03-30

Document ID: EDOC1000101823

Views: 14404

Downloads: 97

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next