Virus protection for NAStorage 8200



Similar documents
Norton Personal Firewall for Macintosh

Content Inspection Director

World-class security solutions for your business. Business Products. C a t a l o g u e

Symantec AntiVirus Enterprise Edition

4-Bay SATA NAS RAID Server with iscsi

Basics of Internet Security

Cisco Small Business ISA500 Series Integrated Security Appliances

Stateful Inspection Technology

HANTZ + PARTNER. The Upgrade Company! :: NAStorage Server ::

TREND MICROTM ServerProtectTM for EMC Celerra TM

Content Security Gateway Series Real-time Gateway Web Security Against Spyware and Viruses

How To Back Up A Computer To A Backup On A Hard Drive On A Microsoft Macbook (Or Ipad) With A Backup From A Flash Drive To A Flash Memory (Or A Flash) On A Flash (Or Macbook) On

Web. Anti- Spam. Disk. Mail DNS. Server. Backup

What you can do prevent virus infections on your computer

Check Point: Sandblast Zero-Day protection

Understanding Virus Behavior in 32-bit Operating Environments

WHITE PAPER. Home Directories on Snap Server GuardianOS

BitDefender Client Security Workstation Security and Management

Server Virtualization A Game-Changer For SMB Customers

Next Generation Firewalls and Sandboxing

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

Configuring Symantec AntiVirus for Hitachi High-performance NAS Platform, powered by BlueArc

Database Security in Virtualization and Cloud Computing Environments

Network Instruments white paper

Selecting the Right NAS File Server

Protecting the Infrastructure: Symantec Web Gateway

THIS SERVICE LEVEL AGREEMENT (SLA) DEFINES GUARANTEED SERVICE LEVELS PROVIDED TO YOU BY INFRONT WEBWORKS.

CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.

File Services. File Services at a Glance

An Oracle Technical White Paper May How to Configure Kaspersky Anti-Virus Software for the Oracle ZFS Storage Appliance

TREND MICRO. InterScan VirusWall 6. SMTP Configuration Guide. Integrated virus and spam protection for your Internet gateway.

Automate your IT Security Services

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

Engineering a NAS box

How To Build A Network Security Firewall

THE BEST WAY TO CATCH A THIEF. Patrick Bedwell, Vice President, Product Marketing

Database Security, Virtualization and Cloud Computing

Unified network traffic monitoring for physical and VMware environments

Top tips for improved network security

INSTANT MESSAGING SECURITY

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document

FreeFlow Core, Version 4.0 August P Xerox FreeFlow Core Security Guide

HP StorageWorks Enterprise File Services Clustered Gateway. Technical Product Review. Sprawl Makes Inexpensive Servers Expensive

Technology Blueprint. Protect Your . Get strong security despite increasing volumes, threats, and green requirements

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

AV Management Dashboard

Information. Product update Recovery. Asset manager. Set console address Create recovery point. Client properties

IBM TotalStorage Network Attached Storage 100

Answer: Can be used on smart phones/ipad/tablets OR can be used anywhere that has an internet connection. Do not mention anything to do with cost

Building A Secure Microsoft Exchange Continuity Appliance

Deploying ACLs to Manage Network Security

CERN settings for Norton AntiVirus 7.6

Technical Note. ForeScout CounterACT: Virtual Firewall

An Oracle Technical White Paper January How to Configure the Trend Micro IWSA Virus Scanner for the Oracle ZFS Storage Appliance

Goals. Understanding security testing

TotalStorage Network Attached Storage 300G Cost effective integration of NAS and LAN solutions

2012 Endpoint Security Best Practices Survey

Configuring Symantec AntiVirus for NetApp Storage system

SmartSync NAS-to-NAS Data Replication

(Self-Study) Identify How to Protect Your Network Against Viruses

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Antivirus Solution Guide for Clustered Data ONTAP 8.2.1: McAfee

The Information Leak Detection & Prevention Guide

Clavister InSight TM. Protecting Values

Prinect. Is Your Prinect Workflow Safe from a Cyber Attack?

Symantec NetBackup Appliances

SECURE SHARING AND COMMUNICATION. Protection for servers, and collaboration

Configuring Security for FTP Traffic

Solution Brief FortiMail for Service Providers. Nathalie Rivat

Using VNX Event Enabler

Small and Midsize Business Protection Guide

Technical Note. CounterACT: Powerful, Automated Network Protection Inside and Out

Synology High Availability (SHA)

NETGEAR SMB Storage Line Update and ReadyNAS 2100 Introduction

IBM TotalStorage Network Attached Storage 300G

Securing Data in Network Attached Storage (NAS) Environments: ServerProtect for NAS...

PROTECTION FOR SERVERS, WORKSTATIONS AND TERMINALS ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Dynamic Honeypot Construction

A progressive and integrated approach to protecting corporate networks

Log Audit Ensuring Behavior Compliance Secoway elog System

ViRobot Desktop 5.5. User s Guide

OfficeScan 10 Enterprise Client Firewall Updated: March 9, 2010

Intrusion Detection Systems (IDS)

ZEN LOAD BALANCER EE v3.04 DATASHEET The Load Balancing made easy

Symantec Endpoint Protection Analyzer Report

HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide

Transcription:

Virus protection for NAStorage 8200 1. Abstract 2003.6.13 Henry Ho As companies are deploying enterprise-wide anti-virus protection to prevent from losses caused by rapidly spreading deadly viruses, NAS servers are usually the most vulnerable systems because most of them do not include antivirus capabilities, nor can an antivirus software run on them. Data on NAS servers are often unprotected against virus threats. To address this issue, Ingrasys Technology and Trend Micro worked together to offer integrated antivirus solutions for our NAStorage servers. Running Trend Micro s best-of-class antivirus software, our NAStorage servers have now fast, economic and easily deployed virus protection. 2. Different approaches of protecting NAS servers from viruses Set up antivirus scanning servers to scan NAS servers on predefined schedules: For NAS servers with no antivirus capability, MIS people usually set up a Windows server running some antivirus software and set schedules for scanning the NAS servers regularly. There are some disadvantages as it causes heavy network traffic and the antivirus scanning servers must read all the files on the NAS servers in

order to scan them. Moreover, the NAS servers are heavily accessed during scanning which forces scanning tasks to be started in off-hours so that normal operations are not affected. Most importantly, there are chances that, by the time of scanning, all files on the NAS servers have already been infected or damaged by viruses. Set up antivirus scanning servers to scan NAS servers on file access Some NAS vendors take this approach. Network Appliance is an example. MIS people must also set up an antivirus scanning server. The difference is that, they can not only scan NAS servers on predefined schedules, but also scan files on access. See the diagram below. Same as the first approach, the file being scanned must be sent to the antivirus scanning server over the network. Clients will experience some lags in network performance but the NAS server can get real-time virus protection. Manually install an anti-virus software on the NAS servers For NAS servers running Windows SAK operating systems, MIS people can choose to install any Windows-compatible antivirus software on these NAS servers. The disadvantages are that companies must purchase extra licenses for those

NAS servers and deployment costs are high since MIS people must manually install the antivirus software on each NAS server. The advantage is that companies can deploy the same antivirus solutions from one antivirus vendor for both Windows PCs and NAS servers. Running built-in antivirus software directly on NAS servers This approach is to integrate the antivirus software into the NAS OS and run it natively. An example is the Snap Appliance s Guardian OS. It integrates CA s etrust antivirus software to provide manual and scheduled virus scanning capability. However, it lacks the most important real-time virus protection due to some integration difficulties. Using a similar approach, the NAStorage integrates the Trend Micro s antivirus software and takes advantage of Trend s services such as frequent virus pattern updates. In addition to a manual and scheduled virus-scanning, it also detects and protects from virus attacks on the fly when clients are accessing the NAS servers. Protection is around the clock and without interruption. 3. The advantages of integrating the antivirus software in the NAS More and more NAS vendors are considering integrating and running the antivirus software natively on NAS servers. The advantages are obvious. Better integration. Less deployment time and costs. Less degrading of network performance. With an antivirus software is integrated into the NAS servers, no extra licenses

are required. Moreover, MIS people do not have to install the software into each NAS server separately. The deployment costs are thus greatly reduced. By running the antivirus software directly on NAS servers, performance impacts are minimized and network traffic is largely reduced since data are not sent to the antivirus scanning servers over the network. 4. Performance impacts when the real-time virus protection is activated To protect the NAS servers from viruses at all times, it is necessary to have real-time virus protection, which scans for viruses when clients are accessing (writing to or reading from) the NAStorage servers. When clients are writing files, the data will be written to the NAS disks first and scanned for viruses. When clients are reading files, the data will not reach the clients until they are completely scanned. In both cases, NAS performance will be slowed down by a certain percentage. Below are test results using the NetBench 7.02 software for the NAStorage 8200. There are three situations the first is with the real-time virus protection turned off, the second is to scan the incoming files (i.e., during file writes), the third is to scan both incoming and outgoing files (i.e., during file writes and reads). Let s check the performance differences: RAID5 (HDD1,3,5,7) 8200 250.000 Throughput(MBit) 200.000 150.000 100.000 Virus_Disable 50.000 Virus_Scan_In Virus_Scan_In&Out 0.000 1 4 8 12 16 20 24 28 32 36 40 44 48 52 56 60 Number of Clients

Let us take 44 clients as an example. The network throughputs are respectively 198Mbps, 170Mbps and 143Mbps. As you see, the performance is reduced by ~ 14% when scanning incoming files. The performance is down by ~ 28% when scanning in both directions. 5. Which network protocols are protected and which ones not? The NAStorage server can be accessed through various network protocols SMB, AppleShare, FTP, HTTP and NFS. Of those protocols, SMB, AppleShare, FTP and HTTP are well protected by the real-time virus scanning function. All file reads or writes from any of those protocols will trigger the virus-scanning. On the other hand, the NFS service running on the NAStorage servers is executed in the kernel mode and will not be able to trigger the virus-scanning during file reads/writes. Although viruses written for the UNIX world are by far less than those for the Windows world, it is still suggested to set scanning schedules to regularly scan the NAStorage servers for viruses in order to screen out any infected files which could possibly enter through the NFS protocol. 6. Key features of the NAStorage virus protection software Real-time virus scanning protects the NAS server from virus attacks around the clock Features manual and scheduled virus scanning for screening out any infected files from your NAS sever Automatic virus pattern updates from the Trend Micro update server keeps your virus protection up to date Defines whether to quarantine, clean or delete the infected files when a virus is found Issue of email notifications, SNMP traps or web reminders when a virus is found using manual or scheduled scans Complete records of infected files and scan history

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information