ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

SMB3 encrypt traffic

ECEDERGREN
‎2016-06-01 01:21 PM
4,320 Views

Looking for some information on SMB3. If I use it to encrypt data in motion is it an all or nothing? Can it be setup so clients that support SMB3 will access it encrypted and clients that only support SMB2 can also access data on the shares unencrypted?

0 Kudos
View By:
Tags (2)
1 REPLY 1

Jeff_Yao
NetApp
‎2016-06-21 02:38 AM
4,147 Views

The smb3 encryption feature can be enabled two different ways - at the SVM level or share level.  If applied at the SVM level it will require that all clients accessing SMB shares on the CIFS server be capable of negotiating encryption.  This is a global setting that effectively requires its use.  The second method by which it can be enabled is on a per share basis.  If you have a mixed environment that contains clients who do and do not support SMB Encryption, this provides the most flexibility to using SMB encryption.  This approach of both per SVM or per share is how Microsoft implemented the feature when the released SMB3.

 

ms blog about encryption in smb3:

https://blogs.msdn.microsoft.com/openspecification/2012/06/08/encryption-in-smb3/

 

 

0 Kudos
Announcements
All Community Forums
Public