Community maintenance is complete. Thank you for your patience!

ONTAP Discussions

SMB3 encrypt traffic


Looking for some information on SMB3. If I use it to encrypt data in motion is it an all or nothing? Can it be setup so clients that support SMB3 will access it encrypted and clients that only support SMB2 can also access data on the shares unencrypted?



The smb3 encryption feature can be enabled two different ways - at the SVM level or share level.  If applied at the SVM level it will require that all clients accessing SMB shares on the CIFS server be capable of negotiating encryption.  This is a global setting that effectively requires its use.  The second method by which it can be enabled is on a per share basis.  If you have a mixed environment that contains clients who do and do not support SMB Encryption, this provides the most flexibility to using SMB encryption.  This approach of both per SVM or per share is how Microsoft implemented the feature when the released SMB3.


ms blog about encryption in smb3:



NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner