CIFS/SMB 2.x have security holes
Are you using SMB 3.x in your storage environment? If not, your data could be stolen using a simple man in the middle attach on the network and this can happen even if you are printing a document using the SMB2.0 protocol.
With the unveiling of SMB 3.0 a couple of years ago Microsoft introduced end-to-end encryption support of the SMB data, protecting it from any eavesdroppers on the network.
- Full SMB 3.0 compliance currently
- SMB 3.1.1 compliance by May 2016
- User Authentication
- Domain Authentication
- Message Signing
- Message Encryption
- Can be configured on a per-share basis,
- Can be configured for the entire file server,
- Can be enabled for transferring data over untrusted networks.
- No additional software for security as it is natively built into the MoSMB SMB stack
- Use of AES-128-CCM algorithm ensuring superior performance because of CPU AES acceleration.
SMB 3.1.1 compliance by May 2016 (including AES-128-GCM algorithm) ensuring advanced security and higher IOPS and throughput.
You too can test drive the evaluation version of MoSMB with the security features on Ryussi Cloud without any hassles of setting it up for various use cases.