What are the considerations when enabling SMB3 encryption on a CIFS server?
Applies to
- ONTAP 9
- SMB/CIFS
- SMB3 Encryption
Answer
- Before enabling SMB3 encryption at CIFS server level :
- SMB encryption must be supported and enabled on the SMB client
- Windows clients beginning with Windows Server 2012 and Windows 8 support SMB encryption
- After enabling SMB3 encryption at CIFS server level :
- Encryption will not be in effect unless terminating the CIFS session and reconnecting
- The existing sessions remains unencrypted
- Any new session will be encrypted
- SMB clients that do not support encryption, cannot connect to the SMB server where encryption is enabled
- Any SMB2 client would not be able to access to the share that requires encryption on this vserver