We are using TrendMicro's ServerProtect for NetApps to virus scan all files incoming/outgoing from our NetApps Filers. As expected, when a user attempts to store a file containing malware on a Filer, ServerProtect appropriately takes action on the file (attempting to clean it, then, if that fails, quarantining or deleting the file). While ServerProtect does have some limited alerting capabilities and we do have it setup to alert our IS group when a file is quarantined or deleted, ServerProtect is apparently unable to alert the user - the person who was attempting to store the file on the Filer. Vscan on the Filer initiates the scan of the file, handing it off to the ServerProtect server for scanning, apparently without user information. From the user's perspective, they copy or move a file to the Filer and the file completely disappears with no explanation.

The Filer's Vscan does give ServerProtect the originating computer's name. However, using something like "net send <computer name>" is not an option for us as the Messaging service is disabled on our user's Windows workstations. Additionally our users work from a variety of OSes, making an e-mail based solution most desirable.

If you've faced this situation, we'd like to know what you've successfully setup to alert users.

Thank you for your ideas -