No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

OceanStor 9000 V300R006C00 File System Feature Guide 12

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Restrictions

Restrictions

This section describes the impact of the InfoScanner feature on system performance, restrictions on the feature application, and interaction between the feature and other features.

Impact on the System

InfoScanner virus scanning affects system performance. You are advised to configure scan directories and scan policies based on service requirements.

Interaction Between InfoScanner and Other Features

Table 8-5 describes the interaction between the InfoScanner feature and other features.
Table 8-5  Interaction between InfoScanner and other features

Feature

Interaction with InfoScanner

InfoStamper

  • InfoScanner is unable to scan a snapshot directory for virus in real time.
  • You are advised not to configure InfoStamper for a scan directory. If InfoStamper is configured for a scan directory, even though viruses in the directory are killed, its snapshot directory may still be infected by viruses.
  • You are advised not to configure InfoStamper for an isolation directory. If InfoStamper is configured for an isolation directory, even though the virus-infected files backed up into the directory are deleted, its snapshot directory may still be infected by viruses.

InfoAllocator

  • You are advised not to configure InfoAllocator for an isolation directory. If InfoAllocator is configured for an isolation directory, no more virus-infected files can be backed up into the directory after the used storage capacity or number of files reaches the directory's hard threshold.

InfoLocker

  • You are advised not to configure InfoLocker for a scan directory. If InfoLocker is configured for a scan directory, the virus files in the scan directory can be backed up to the isolated directory during the file protection period but the antivirus server cannot kill viruses for the virus files. When the protection period ends, virus files can be backed up to the isolated directory. Expired files can only be deleted but cannot be modified. Therefore, for a file that is completely infected with viruses, you can delete it directly; for a file that is partially infected with viruses, you cannot kill its viruses.
  • You are advised not to configure InfoLocker for an isolation directory. If InfoLocker is configured for an isolation directory, the virus files that have been backed up in the isolation directory can be restored to the scan directory during the protection period but the virus files cannot be deleted from the isolation directory. When the protection period ends, the virus files that have been backed up can be restored to the scan directory and deleted from the isolation directory.

InfoReplicator

  • In read-only mode, remote replication secondary directories do not support antivirus scanning.

Application Restrictions

  • In OceanStor 9000:
    • An isolation directory must be a newly created level-one directory. The system creates a CIFS share automatically based on the isolation directory and share name of the isolation directory input during parameter setting for antivirus servers.
    • Antivirus servers only support access to scan directories using the CIFS protocol. To ensure that antivirus scanning can be implemented for NFS shared directories in the storage system, you need to create a CIFS share for the root directory (/). Only after a CIFS share is created for the root directory, can antivirus servers obtain the share names of periodical scan directories to implement antivirus scanning.
      Scan authentication users in AntivirusGroup have full control. Risks exist if you create a CIFS share for the root directory (/). Security of the shared data is threatened if any scan authentication user account is lost. Ensure that the accounts are safe.
    • Antivirus servers must be deployed in the same subnet of the front-end service network as the first three nodes in the cluster (the three nodes at the bottom of the base cabinet).
  • On Antivirus servers:
    • One antivirus server can be configured only for one cluster. You cannot configure the antivirus server for other clusters.
    • Antivirus Agent Software must be installed on antivirus servers running Windows Server 2008 R2 and Microsoft .Net Framework 3.5.1.
    • OceanStor 9000 itself cannot perform virus scanning. InfoScanner provides the virus scanning function using antivirus software. To ensure the integrity of the antivirus database and the accuracy of antivirus scan, update the antivirus software to the latest version in a timely manner.
    • The antivirus server can only scan common files for virus but cannot scan naming pipe files, local socket files, character special files, and block device files for virus.
    • An antivirus server can only real-time check and kill viruses on the files of the OceanStor 9000 that resides on the same subnet as the antivirus server. Periodic scan is not limited by the subnet.
Translation
Download
Updated: 2019-06-27

Document ID: EDOC1000122519

Views: 85616

Downloads: 151

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next