Links

EFS Volumes

The EFS Protection page will show you any EFS volumes that are associated with the account that you have deployed our solution in. Here you'll be able to create Antivirus scanning and Data classification schedules for EFS Volumes.
Currently you can only scan EFS volumes in the account that you deployed our solution in. If you have EFS volumes in other accounts you'll need to deploy a separate deployment in those accounts to scan those volumes.
EFS Protection

Creating an EFS volume scan or classification schedule

You can create a schedule within the Schedules page, or you can create a schedule for EFS volumes directly from the EFS Volumes page.
  1. 1.
    Select the EFS volumes you want to protect through a schedule
  2. 2.
    Click actions and select either Create AV Schedule or Create DC Schedule
  3. 3.
    You can select any additional EFS volumes and add EBS volumes or S3 buckets to the schedule through the schedule popup
  4. 4.
    Once you have all of the resources you want to add to a schedule selected, click on the Create Schedule tab
  5. 5.
    Name your schedule, add the scan period and make any additional changes you need
  6. 6.
    Click Save once you're done
Create an EFS Schedule
After your schedule is created you'll want to go to the Schedules page and activate the schedule.
Activate your EFS Schedule
When activating the schedule you will be asked to select the VPC and Subnets where the EFS Volume being scanned resides. This step is critical, as we must place an agent within the same VPC as the Volume to run a scan of the Volume. If the selected VPC for the agent differs from the EFS Volume VPC, the two VPCs must be peered for our scan to execute.
Also note that the chosen VPC and Subnets must allow outbound internet traffic, and mount targets for the EFS Volume(s) must exist in the selected subnets' availability zones.
We have a known issue that you may experience if you attempt to setup an EFS schedule for two volumes in the same region, when the volumes are in different VPCs. The scanner will only scan one of those volumes.
We will fix this in an upcoming release. Please Contact Us if you have any questions or issues related to this.
Now your schedule will run per the scan period that you originally configured. If you need to add or remove volumes, or make any other configuration changes you can always edit the schedule on the Schedules page.