Search

A Sneak Peek at Huawei NAS Antivirus

2023-03-23
734
0

This blog series on Network Attached Storage (NAS) looks under the hood of the latest tech in file services & storage and dives into how enterprises can skyrocket efficiency with NAS.

Sharing files with colleagues is a necessity in today’s office, but doing so is not as simple as transmitting data over networks. If a client and its files are infected with a virus, it can have a domino effect, infecting more and more clients.

Therefore, it has become crucial for enterprises to invest in premium security solutions that protect their data from malicious actors. As more user files are stored in storage systems, these systems must include robust antivirus safeguards. Antivirus scanning is an important method for removing threats from your system before they have a chance to strike.

Huawei storage comes with a NAS antivirus feature that provides incognito security protection for your data and enhances the security of the entire system. By working with a third-party antivirus engine for both on-access and on-demand file scanning, it allows you to configure scanning policies and servers. This feature does not process isolated files, but rather uses the isolation function provided by the antivirus software. If the system fails to scan certain files, you can export the antivirus logs to check for the files and determine the cause.

On-access scanning

On-access scanning is triggered by file access over CIFS to prevent clients from accessing virus-infected files.

After on-access scanning is enabled for a file system, virus scanning is executed in real time when you open or close a file after writing data. If a virus is detected in the file, the system will deny the access request. Otherwise, the system will deem the file to be safe or the threat is removed, and you’ll be able to proceed with subsequent operations. You can configure a scanning policy to specify the maximum scannable file size, scanning period, and types of files that you do not wish to scan.

On-demand scanning

This involves the system scanning for viruses based on a policy, period, and time window that you have specified. You can configure the file type or file path that you do not wish to scan, as well as the largest scannable file, and start time and duration. You can also trigger scans manually to better protect your data.

On-access or on-demand — which best meets your needs?

In applications that require high performance, it is recommended that you configure on-demand scanning, as it will have only a limited effect on your services.

On-access scanning is ideal when performance is not prioritized, as it will cause a slight read latency when scanning is triggered upon the opening of a file. This helps ensure that there are no viruses on the file. If you open a file multiple times but do not modify it, virus scanning is triggered only at the time of first access. Once the file is scanned, a flag will be added to the file indicating that its current status is safe, and will remain there until the file is modified. Any modification to the file will automatically remove this flag, and scanning will be executed the next time it is opened. You can also configure a policy to trigger virus scanning upon the closing of a file, which prevents this latency from occurring, but is not as safe as scanning upon opening.

Antivirus server management

In addition to on-access and on-demand scanning, Huawei storage also allows you to add or delete antivirus servers in the NAS antivirus feature. On a typical Huawei storage network providing NAS antivirus services, the storage system is connected via TCP/IP to the Windows antivirus server, which is responsible for removing viruses. Under this setup, you can add or delete antivirus servers, and configure up to 64 antivirus servers for a single vStore, and 2048 for the entire system.

Recommended configuration

When a large number of files are accessed concurrently, the antivirus workload increases instantaneously. Since the antivirus software consumes a lot of CPU resources, the antivirus server may become a performance bottleneck and the scan may time out. Therefore, it is recommended that you deploy two antivirus servers for NAS antivirus scanning to share the loads, as this prevents any single point of failure.

This blog provides an overview of the NAS antivirus feature, including on-demand and on-access scanning, and antivirus server management. To learn more about cybersecurity topics like ransomware protection, please visit our official webpage Huawei Ransomware Protection Storage Solution.

Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the official policy, position, products, and technologies of Huawei Technologies Co., Ltd. If you need to learn more about the products and technologies of Huawei Technologies Co., Ltd., please visit our website at e.huawei.com or contact us.

TOP