Create a scanner pool on a single cluster

Contributors

A scanner pool defines the Vscan servers and privileged users that can connect to SVMs. You can create a scanner pool for an individual SVM or for all of the SVMs in a cluster.

What you’ll need
  • SVMs and Vscan servers must be in the same domain or in trusted domains.

  • For scanner pools defined for an individual SVM, you must have configured the ONTAP Antivirus Connector with the SVM management LIF or the SVM data LIF.

  • For scanner pools defined for all of the SVMs in a cluster, you must have configured the ONTAP Antivirus Connector with the cluster management LIF.

About this task

The list of privileged users must include the domain user account the Vscan server uses to connect to the SVM.

Steps
  1. Create a scanner pool:

    vserver vscan scanner-pool create -vserver data_SVM|cluster_admin_SVM -scanner-pool scanner_pool -hostnames Vscan_server_hostnames -privileged-users privileged_users

    • Specify a data SVM for a pool defined for an individual SVM, and specify a cluster admin SVM for a pool defined for all of the SVMs in a cluster.

    • Specify an IP address or FQDN for each Vscan server host name.

    • Specify the domain and user name for each privileged user. For a complete list of options, see the man page for the command.

    The following command creates a scanner pool named SP on the vs1SVM:

    cluster1::> vserver vscan scanner-pool create -vserver vs1 -scanner-pool SP -hostnames 1.1.1.1,vmwin204-27.fsct.nb -privileged-users cifs\u1,cifs\u2
  2. Verify that the scanner pool was created: vserver vscan scanner-pool show -vserver data_SVM|cluster_admin_SVM -scanner-pool scanner_pool

    For a complete list of options, see the man page for the command.

    The following command displays the details for the SP scanner pool:

    cluster1::> vserver vscan scanner-pool show -vserver vs1 -scanner-pool SP
    
                                        Vserver: vs1
                                   Scanner Pool: SP
                                 Applied Policy: idle
                                 Current Status: off
             Cluster on Which Policy Is Applied: -
                      Scanner Pool Config Owner: vserver
           List of IPs of Allowed Vscan Servers: 1.1.1.1, 10.72.204.27
    List of Host Names of Allowed Vscan Servers: 1.1.1.1, vmwin204-27.fsct.nb
                       List of Privileged Users: cifs\u1, cifs\u2

    You can also use the vserver vscan scanner-pool show command to view all of the scanner pools on an SVM. For complete command syntax, see the man page for the command.