4.9.2 Nutanix Files

Overview

Nutanix Files supports the Internet Content Adaptation Protocol (ICAP) to enable communication with MetaDefender ICAP Server. ICAP Server can scan files stored on file shares in real time when files are opened, closed, read from, or written to.

Nutanix Files performs the following task when working with ICAP Server:

  1. A client requests to read, write, open, or close a file.

  2. Files determines that the file requires scanning.

  3. Files sends files that require scans to the ICAP Server and with a scan request.

  4. The ICAP Server scans the file and reports the scan results to Files.

  5. Files quarantines and denies access to unsafe files.

  6. If the file is clean or disarmed & reconstructed, then Files allows the client access to the file.

Further reading

For details about ICAP Server configuration in Nutanix Files see the Nutanix Files Guide.

Configuration

Disabled by default

By default, shares have antivirus scan disabled. After configuring the antivirus scan, you must enable the scan for each share that you want scanned.

More ICAP Servers recommended

Nutanix recommends two or more MetaDefender ICAP Servers for each share.

Configure scanning

To configure scanning for SMB shares:

  1. Log on to the Prism web console and go to Home > File Server.

  2. In the action links, click Antivirus settings. The Antivirus window appears.

  3. Click + Connect ICAP Server
    images/download.nutanix.com/documentation/v510/images/fs-view-antivirus-tab-icap.png

    1. Enter the IP address or hostname of ICAP Server.

    2. Enter the ICAP Server port number. The default port is 1344.

    3. Click Save.

    4. Ensure the connection status automatically updates to OK. For a detected antivirus server, the software tests the validity of the configured server and updates the status to OK.
      012ec5a8-8168-4a71-aec3-b75f584cacce

    5. Click Next.

  4. Complete the Scan Settings. Override settings for individual shares through the share-level antivirus settings.

    1. Scan on Write: Scans saved and updated files (a write operation).

    2. Scan on Read: Scans opened files (read operation).Nutanix recommends to always enable Scan on Read.

    3. Click Save.

ICAP Server parameter

Description

Values

IP Addresses

Displays the IP addresses for the ICAP servers.

(IP addresses)

Port

Displays the port number.

(port number)

Description

Displays the server description (if one was included when the server was added).

(text string)

Files Scanned

Displays the number of files scanned by the server.

(integer)

Disconnect Count

Displays the number of times the server disconnected.

(integer)

Avg Latency (ms)

Displays the average response latency.

xx [ms]

Connection Status

Indicates whether the server is connected.

[Yes|No]

Action

Click the pencil icon to edit the server configuration or the X icon to delete it.

n/a

Enable scanning

Disabled by default

By default, shares have antivirus scan disabled.

To enable scanning on each share:

  1. From the Home page, go to File Server > Share.

  2. Select the share from the list and click Antivirus Settings. The antivirus setup window displays.

  3. Check the box Enable antivirus scan for this share.

  4. Click Save.