Protection Engine for Network Attached Storage

 View Only
  • 1.  Unable to write files to network

    Posted May 23, 2013 10:41 AM

    All,

    Here is the situation Protection Engine has been implemented, two PE servers for EMC VNX, using ICAP protocol.

    Turned virus scanning on out of hours approx 20:00 at night, the next day it was ok until around 10:00am when users were no longer able to save files to CIFS shares on the NAS.  This was from applications like Office so updating an existing Word document would not be saved, and even when trying to create a new file, such as a text file.

    PE servers are set to scan and repair files only, there hasn't been any major performance issues on the PE servers, they've scanned just over 200K files between them.  In order to prevent issues to the users, virus scanning on the VNX has been turned off. Not blocking any access to containers just logging, same for files, URL and Mail scanning is not turned on.

    Whilst it was working for around 14hours, now if we enable virus scanning on the VNX it immediately prevents writing to the CIFS shares.

    Any advice appreciated.



  • 2.  RE: Unable to write files to network

    Broadcom Employee
    Posted May 23, 2013 02:43 PM

    Are there no logs on this VNX product? Have EMC certified that Protection Engine works with VNX?



  • 3.  RE: Unable to write files to network

    Posted May 24, 2013 03:19 AM

    EMC are engaged via a P1 call and looking at this, their Event Enabler document indicates VNX will work with Scan Engine/Protection Engine.  These have been configured as required by EMC.

    We have turned on virus checking on the VNX from 18:00 last night, but there were not many users in, and thus far we've had no reported errors by users, i.e. not being able to save files.  I've enabled Verbose logging on the Protection Engine servers so everything is written to the Application Log it might help with troubleshooting if we need it.

    We're seeing average requests way under the threshold monitors of 30 requests per second, I guess all we can do is monitor and see if we experience the same issue around 10:00am this morning...

    EMC say the only change they made was to exclude *.TMP files from being scanned... I'm not sure the impact and change this would have on the issue we are experiencing.

    We have an additional two PE servers attached to a VNX in another data centre but they're releluctant to turn these on after the impact to the users yesterday.



  • 4.  RE: Unable to write files to network

    Broadcom Employee
    Posted May 24, 2013 12:04 PM

    Here are some documents regarding suggested file extension exclusions:

    http://www.symantec.com/business/support/index?page=content&id=TECH96713

    http://www.symantec.com/business/support/index?page=content&id=TECH89267

    http://www.symantec.com/business/support/index?page=content&id=HOWTO79767



  • 5.  RE: Unable to write files to network

    Posted May 25, 2013 11:15 AM

    If the number of requests remain high you may also consider adding more Protection Engine servers to spread the scanning load.



  • 6.  RE: Unable to write files to network

    Posted May 27, 2013 02:22 PM

    Thanks for the input so far guys.  It seemed to be working until a certain point when folks were not able to write files back to the VNX, these were existing files.  Again I'm thinking some kind of caching issue.. but unable to confirm it until back on site Wednesday.  In meantime VNX has had virus scanning turned off....