Skip to main content

Create a scanner pool on a single cluster

Contributors netapp-powr netapp-ahibbard

A scanner pool defines the Vscan servers and privileged users that can connect to SVMs. You can create a scanner pool for an individual SVM or for all the SVMs in a cluster.

What you'll need
  • SVMs and Vscan servers must be in the same domain or in trusted domains.

  • For scanner pools defined for an individual SVM, you must have configured ONTAP Antivirus Connector with the SVM management LIF or SVM data LIF.

  • For scanner pools defined for all the SVMs in a cluster, you must have configured ONTAP Antivirus Connector with the cluster management LIF.

  • The list of privileged users must include the domain user account the Vscan server uses to connect to the SVM.

  • Once the scanner pool is configured, check the connection status to the servers.

Steps
  1. Create a scanner pool:

    vserver vscan scanner-pool create -vserver data_SVM|cluster_admin_SVM -scanner-pool scanner_pool -hostnames Vscan_server_hostnames -privileged-users privileged_users

    • Specify a data SVM for a pool defined for an individual SVM, and specify a cluster admin SVM for a pool defined for all of the SVMs in a cluster.

    • Specify an IP address or FQDN for each Vscan server host name.

    • Specify the domain and user name for each privileged user. For a complete list of options, see the man page for the command.

    The following command creates a scanner pool named SP on the vs1 SVM:

    cluster1::> vserver vscan scanner-pool create -vserver vs1 -scanner-pool SP -hostnames 1.1.1.1,vmwin204-27.fsct.nb -privileged-users cifs\u1,cifs\u2
  2. Verify that the scanner pool was created:

    vserver vscan scanner-pool show -vserver data_SVM|cluster_admin_SVM -scanner-pool scanner_pool

    For a complete list of options, see the man page for the command.

    The following command displays the details for the SP scanner pool:

    cluster1::> vserver vscan scanner-pool show -vserver vs1 -scanner-pool SP
    
                                        Vserver: vs1
                                   Scanner Pool: SP
                                 Applied Policy: idle
                                 Current Status: off
             Cluster on Which Policy Is Applied: -
                      Scanner Pool Config Owner: vserver
           List of IPs of Allowed Vscan Servers: 1.1.1.1, 10.72.204.27
    List of Host Names of Allowed Vscan Servers: 1.1.1.1, vmwin204-27.fsct.nb
                       List of Privileged Users: cifs\u1, cifs\u2

    You can also use the vserver vscan scanner-pool show command to view all of the scanner pools on an SVM. For complete command syntax, see the man page for the command.