Skip to main content

Configuring on-access scanning

You can use on-access scanning to check for viruses when clients open, read, rename, or close files over CIFS. Your setting in the -vscan-fileop-profile option for the vserver cifs share create command defines which operations on a CIFS share can trigger virus scanning.

  • Creating an on-access policy
    An on-access policy defines the scope of an on-access scan. You can specify the maximum size of the files to be scanned, the extensions of the files to be included in the scan, and the extensions and paths of the files to be excluded from the scan. You can create an on-access policy for an individual SVM or for all the SVMs in a cluster.
  • Enabling an on-access policy
    You must enable an on-access policy on an SVM before its files can be scanned. If you created an on-access policy for all the SVMs in a cluster, you must enable the policy on each SVM individually. You can enable only one on-access policy on an SVM at a time.
  • Modifying the Vscan file-operations profile for a CIFS share
    The Vscan file-operations profile for a CIFS share defines which operations on the share can trigger scanning. By default, the parameter is set to standard. You can adjust the parameter as necessary when you create or modify a CIFS share.
  • Commands for managing on-access policies
    You can modify, disable, or delete an on-access policy. You can view a summary and details for the policy.