In order to protect Nutanix files users from malware and viruses, you need to address both the client and the file server. Nutanix currently supports third party vendors that use Internet Content Adaptation Protocol ( ICAP ) servers.
ICAP, which is supported by a wide range of security vendors and products, is a standard protocol that allows file and web servers to be integrated with security products. Nutanix chose this method to give customers wide latitude in selecting the antivirus solution that works best for their specific environment.
Following is the workflow for an ICAP-supported antivirus solution:
-
An SMB client submits a request to open or close a file.
-
The file server determines if the file needs to be scanned, based on the metadata and virus scan policies. If a scan is needed, the file server sends the file to the ICAP server and issues a scan request.
-
The ICAP server scans the file and reports the scan results back to the file server.
-
The file server takes an action based on the scan results:
-
If the file is infected, the file server quarantines it and returns an “access denied” message to the SMB client.
-
If the file is clean, it returns the file handle to the SMB client.
For more information on the ICAP workflow please refer to the following document:
To find out the compatible ICAP servers please check the below discussion:
https://next.nutanix.com/nutanix-files-71/icap-antivirus-server-37110