Abstract: Malware scanning for network-attached storage systems is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a file identification component that obtains an identifier for a target file stored by the data storage system; a lookup component that searches a scan status data structure for a malware scan result corresponding to the identifier for the target file; and a file access component that grants access to the target file in response to the lookup component obtaining the malware scan result from the scan status data structure and the malware scan result indicating that the target file contains no malware.

Abstract: Priority scanning of files written by malicious users in a data storage system is described herein. A data storage system as described herein can include a user lookup component that obtains identities of users that have made at least one modification to a first file stored on the data storage system, resulting in a set of modifying users; a comparison component that compares respective modifying users of the set of modifying users to respective malicious users of a set of malicious users; and a scan priority component that, in response to the comparison component identifying at least one match between a modifying user of the set of modifying users and a malicious user of the set of malicious users, assigns a first scan priority to the first file that is higher than a second scan priority assigned to a second, different file stored on the data storage system.

Abstract: Identification and control of malicious users on a data storage system is described herein. A data storage system as described herein can include a file tracking component that records identities of users that have made at least one modification to a file stored on the data storage system, resulting in a set of recorded users; a user monitor component that increments respective malware counts associated with respective users of the set of recorded users in response to a malware scan of the file indicating that the file contains malware; and an access control component that restricts usage of the data storage system by a first user of the set of recorded users in response to a malware count associated with the first user exceeding a first threshold.

Abstract: Efficient heartbeat with remote servers by network-attached storage (NAS) cluster nodes is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a node assignment component that generates assignments for NAS nodes resulting in respective associated NAS nodes, the assignments associating respective ones of the NAS nodes with respective distinct anti-malware servers, and a heartbeat messaging component that instructs the respective associated NAS nodes to transmit heartbeat request messages to the respective distinct anti-malware servers according to the assignments.

Abstract: Server selection for optimized malware scanning on network-attached storage systems is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a load determination component that determines respective available capacities of anti-malware servers based on loading information obtained from the anti-malware servers and a task assignment component that assigns a malware scan task to a selected anti-malware server of the anti-malware servers based on the respective available capacities of the anti-malware servers.

Abstract: Malware scan status determination for network-attached storage systems is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a data creation component that creates a scan status data structure associated with a network-attached storage (NAS) device, the scan status data structure comprising respective records that indicate a file identifier and a malware scan status for respective files stored on the NAS device, and a data update component that updates a record in the scan status data structure corresponding to a target file stored on the NAS device in response to receiving a malware scan result for the target file.

Abstract: An adaptive connection policy for dynamic load balancing of client connections is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a watermarking component that defines operating ranges and connection policies for respective performance parameters associated with the data storage system, a performance monitoring component that tracks respective performances of computing nodes of the data storage system with respect to the respective performance parameters, and a policy selection component that selects a connection policy for a performance parameter of the respective performance parameters, resulting in a selected connection policy, in response to a performance of at least one computing node of the data storage system being outside of an operating range of the operating ranges for the performance parameter.

Abstract: Priority scanning of files written by malicious users in a data storage system is described herein. A data storage system as described herein can include a user lookup component that obtains identities of users that have made at least one modification to a first file stored on the data storage system, resulting in a set of modifying users; a comparison component that compares respective modifying users of the set of modifying users to respective malicious users of a set of malicious users; and a scan priority component that, in response to the comparison component identifying at least one match between a modifying user of the set of modifying users and a malicious user of the set of malicious users, assigns a first scan priority to the first file that is higher than a second scan priority assigned to a second, different file stored on the data storage system.

Abstract: Identification and control of malicious users on a data storage system is described herein. A data storage system as described herein can include a file tracking component that records identities of users that have made at least one modification to a file stored on the data storage system, resulting in a set of recorded users; a user monitor component that increments respective malware counts associated with respective users of the set of recorded users in response to a malware scan of the file indicating that the file contains malware; and an access control component that restricts usage of the data storage system by a first user of the set of recorded users in response to a malware count associated with the first user exceeding a first threshold.

Abstract: An adaptive connection policy for dynamic load balancing of client connections is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a watermarking component that defines operating ranges and connection policies for respective performance parameters associated with the data storage system, a performance monitoring component that tracks respective performances of computing nodes of the data storage system with respect to the respective performance parameters, and a policy selection component that selects a connection policy for a performance parameter of the respective performance parameters, resulting in a selected connection policy, in response to a performance of at least one computing node of the data storage system being outside of an operating range of the operating ranges for the performance parameter.

Abstract: Efficient heartbeat with remote servers by network-attached storage (NAS) cluster nodes is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a node assignment component that generates assignments for NAS nodes resulting in respective associated NAS nodes, the assignments associating respective ones of the NAS nodes with respective distinct anti-malware servers, and a heartbeat messaging component that instructs the respective associated NAS nodes to transmit heartbeat request messages to the respective distinct anti-malware servers according to the assignments.

Abstract: Server selection for optimized malware scanning on network-attached storage systems is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a load determination component that determines respective available capacities of anti-malware servers based on loading information obtained from the anti-malware servers and a task assignment component that assigns a malware scan task to a selected anti-malware server of the anti-malware servers based on the respective available capacities of the anti-malware servers.

Abstract: Malware scan status determination for network-attached storage systems is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a data creation component that creates a scan status data structure associated with a network-attached storage (NAS) device, the scan status data structure comprising respective records that indicate a file identifier and a malware scan status for respective files stored on the NAS device, and a data update component that updates a record in the scan status data structure corresponding to a target file stored on the NAS device in response to receiving a malware scan result for the target file.

Abstract: Malware scanning for network-attached storage systems is provided herein. A data storage system as described herein can include a memory that stores computer executable components and a processor that executes computer executable components stored in the memory. The computer executable components can include a file identification component that obtains an identifier for a target file stored by the data storage system; a lookup component that searches a scan status data structure for a malware scan result corresponding to the identifier for the target file; and a file access component that grants access to the target file in response to the lookup component obtaining the malware scan result from the scan status data structure and the malware scan result indicating that the target file contains no malware.