What are some best practices for implementing Symantec Protection Engine (SPE) for Network Attached Storage (NAS) with a NetApp Filer?
.\xmlmodifier.exe -s /configuration/ProtocolSettings/Protocol/@value "RPC" configuration.xml
.\xmlmodifier.exe -c /configuration/ProtocolSettings/RPC/ClientList/items 127.0.0.1 configuration.xml
.\xmlmodifier.exe -c /configuration/ProtocolSettings/RPC/ClientList/items <ip address of 7-mode filer> configuration.xml
Most of these settings must be set from the commandline. Follow the instructions under Using XMLModifier. The articles in that section contain the Centralized Console instructions if the setting can be set from the Centralized Console.
WMIC CPU Get DeviceID,NumberOfCores
.\xmlmodifier.exe -s /configuration/Resources/System/MaxThreads/@value <calculated threads> configuration.xml
.\xmlmodifier.exe -s /configuration/Resources/System/LoadMaximumQueuedClients/@value <calculated value> configuration.xml
Use the vscan scanner-pool show -instance command on the NetApp filer to view the timeouts:
::*> vscan scanner-pool show -instance
javascript:void('Edit Link')
Vserver: svm1
Scanner Pool: pool1
Applied Policy: primary
Current Status: on
Cluster on Which Policy Is Applied: node1
Scanner Pool Config Owner: vserver
List of IPs of Allowed Vscan Servers: 10.63.119.140
List of Host Names of Allowed Vscan Servers: 10.63.119.140
List of Privileged Users: domain\administrator
Request Service Timeout: 30s
Scan Queue Timeout: 20s
Session Setup Timeout: 10s
Session Teardown Timeout: 10s
Max Number of Consecutive Session Setup Attempts: 5
Take note of Request Service Timeout. You will use this value when configuring the Protection Engine timeout.
Note: The Request Service Timeout value is how long NetApp will wait for a scan verdict. For more information about this and other timeout settings, see NetApp's article regarding timeouts.
vscan on
To configure SPE timeout values for older versions of SPE
About Windows versions:
About certification
NetApp Filer certifies each version of ONTAP with Symantec Protection Engine. Certification information from NetApp specifies versions of ONTAP, but not versions of OnTap AV Connector. The latest matric of certified implementations can be found here: