Prerequisites for a scan host
A scan host is a host machine that has the required malware tool configured. Once it is integrated with NetBackup, NetBackup initiates scanning on the scan host.
Ensure that you meet the following prerequisites:
The minimum required configuration for the scan host is 8 CPU and 32-GB RAM.
The malware tool must be installed and configured.
For the supported operating systems of the scan host, refer to the Software Compatibility List.
The scan host must have a share type configured, that is, an NFS or an SMB client.
If the scan host connectivity type is :
NetBackup footprint is not required on the scan host. The existing systems with the NetBackup client or media server can be used as scan host, too.
The scan host must be reachable from the media server over SSH.
Note:
SSH connection to scan host from the media server must be successful and this can be verified by running the following command from media server:
ssh scanuser@scanhost
If the scan host connectivity type is :
NetBackup footprint is required on the scan host.
The NetBackup primary server and the media server providing the Instant Access mounts must be reachable from the NetBackup client.
By default, the NetBackup client scan host would be in deactivate state. After adding NetBackup client scan host to scan host pool you must activate the scan host.
The malware tool uses the temporary location to store files created during malware scan. The path of temporary location is configured in Web UI under the Malware global settings. Ensure that the user has write permissions to this path.
For archive scanning purposes, it is recommended to have the free disk space of 10 GB on the scan host.
Note:
(Applicable for NetBackup version 10.0 and later) Any other malware scanner tools that are installed on the scan host with on-access/real time protection enabled can interfere with backup scanning. Disable or add NFS/SMB mounts on the scan host to the exclusion list of the scanner.
For example, on a Windows scan host, the user must disable the option of the Windows Defender while the malware scan is in progress.
Depending on the platform, ensure that the following additional prerequisites are met:
Windows:
Linux:
Note:
It is recommended to keep only the required ports open for malware scanning.
Allow NFS/SMB read from NetBackup storage server. Refer to NetBackup Network Ports Reference Guide.
Allow SSH From NetBackup media server (used for connecting to scan host).
Allow Malware signature updates. This depends on malware scanner used. For NetBackup Malware Scanner, update happens over HTTPS (https://oem.avira-update.com/update).