The server itself does not perform any scanning of the files, but rather provides a connection with configured Virus Scan Engines on the network:
You can configure multiple Virus Scan Engines to enhance both the performance and to maintain high-availability of the server. If a Virus Scan Engine fails during a virus scan, the storage server automatically redirects the scan to another Virus Scan Engine.
The server maintains a list of file types, the Inclusion List, that allows the administrator to control which files are scanned (for example, .exe, .dll, .doc, and so forth). The default Inclusion List includes most file types commonly affected by viruses.
If virus scanning is temporarily disabled, files continue to be marked as needing to be scanned. In this way, if virus scanning is re-enabled, files that were changed are re-scanned the next time they are accessed by a CIFS client.
The Hitachi NAS platforms storage systems proactively submit files for scanning to the scan engine (SAVSE) on both read (open) and changes and modifications associated with a write (close). If a file has not been verified by a virus scan engine as clean, it will need to be scanned before it can be accessed. However, scanning for viruses when a client is trying to access the file can take time (on read only). To reduce this latency, files are automatically queued to be scanned as soon as they are created or modified, and then closed (on writes). Queued files are scanned promptly, expediting the detection of viruses in new or modified files and making it unlikely that a virus infected file will remain dormant on the system for a long period of time.
Virus Scanning statistics for the storage server (in 10-second time slices) are available for activity since the previous reboot or since the point when statistics were last reset.
You can also set a list of file types on a file system that will be excluded from being sent for scanning by antivirus servers. With an exclusion list you can scan all files except those with certain file extensions, for example, those containing application data. This helps reduce the load on the virus scanning engines and network.
As with the inclusion list, the exclusion list will support wildcarding. The exclusion list is configurable using the command line interface.