Views:
The main components of the EMC VNX/VNXe antivirus system include:
  • Data Mover (includes the VC Client) located on the EMC VNX/VNXe File Server
  • AV Server (includes ServerProtect for Storage and Common Event Enabler (CEE)) located on a machine separate from the EMC VNX/VNXe File Server
Scanning is done on a separate AV Server rather than on the File Server. This ensures virus scanning will not impact the File Server's processing power. Connecting multiple AV Servers with the File Server evenly distributes the scanning workload. Scan requests and files are sent to AV Servers in a "round-robin" method. This evenly distributes the workload and improves scan performance.
Remote Procedure Call (RPC) connections maintain constant communication between the File Server and the AV Server(s) for round-the-clock assurance that only virus-free files are saved to the EMC data storage system.
spemc-cava-architect.jpg
ServerProtect for Storage with EMC CAVA Scanner Architecture
The following is a description of the ServerProtect and EMC VNX/VNXe antivirus system workflow:
  1. A user or application running a Windows client accesses the file from EMC VNX/VNXe using the Common Internet File System (CIFS) protocol.
  2. When a client attempts to modify, close, or save a file to the EMC VNX/VNXe system, the EMC VNX/VNXe File Server triggers a request.
  3. The Virus Checking (VC) Client on the EMC VNX/VNXe will request a virus check by sending the Universal Naming Convention (UNC) path name to the CEE of the AV Server.
  4. The request is sent to AV Servers in a round-robin fashion.
  5. On the AV Server, CEE requests ServerProtect to scan the file for viruses using the Real-time Scan function.
  6. Simplified scan results:
    • NON-INFECTED: file not infected, or disinfected (file can be opened)
    • INFECTED: infected and not cleanable (file access is denied)
Protecting the EMC VNX/VNXe File Server is the main focus of SPFS. In SPFS, virus scanning is made in "on-access" mode, and takes place on a separate machine (AV Server) that is running Windows Server 2008, 2012, 2016, 2019, 2022, or 2025. The AV Server protects the File Server. This differs from the regular version of ServerProtect whose focus is to protect the Normal Server.
Note
Note
Microsoft Windows Server 2008 and 2008 R2 are no longer supported since ServerProtect for Storage 6.0 Patch 3.
When a client attempts to modify, close or save a file to the Server, the VC Client on the EMC VNX/VNXe Server will request a virus check by sending the Universal Naming Convention (UNC) path name to CEE on an AV Server. CEE then requests ServerProtect to scan the file using Real-time Scan mode.
If the file is infected, ServerProtect performs a designated virus action. If CEE reports the file has been successfully cleaned, the File Server lets clients access the file or saves it to its attached data storage system.
Related information