Protection Engine for Network Attached Storage

 View Only
  • 1.  Symantec AV for NAS x Symantec End Point

    Posted Aug 03, 2011 05:57 AM

     

    Hi,
     
    I have configured the scan engine and scanning a Netapp Storage. 
    I did some tests of virus detection using the EICAR code and have two behaviors in two different scenarios. 
     
    First: When I test for accessing the shared folder via a workstation that has NOT AntVirus installed, the Scan Engine detects the threat and increases in the report. 
     
    Second: When I test for accessing the shared folder via a workstation that has antivirus installed, the Scan Engine NOT detects the threat, but Anti-Virus Station (SEP) yes. 
     
    Why in second scenario, is the SEP who detect the threat if the file with the virus being released to the workstation, it must pass through the Scan Engine for analysis?
     
    Kind regards,
    Daniel Stefani


  • 2.  RE: Symantec AV for NAS x Symantec End Point

    Broadcom Employee
    Posted Aug 05, 2011 05:35 PM

    You should test this scenario again with Scan Engine in Information logging mode. Tell us if Scan Engine logs scannign the file and if so what the log entry looks like.

    It is ultimately vscan that is responsible for blocking access to a file so there may be a configuration issue with vscan.

     

    It is expected behaviour for Scan Engine to not delete the file, so that may be what you are running into:

    http://www.symantec.com/business/support/index?page=content&id=TECH138199