SMB Overview

Server Message Block (SMB) is a network file sharing protocol that allows applications and users to access resources on a remote server as if they were on the local machine. SMB uses a client-server architecture where the server hosts shared resources, and the clients access them over the network. SMB is widely used in Windows environments but is also supported by other operating systems through implementations like Samba.

VAST Cluster supports SMB 2.0 and SMB 3.0.

In SMB, "shares" refer to directories, files, or other resources that are made available to clients over the network. Each share is typically identified by a share name and can include both directories and individual files.

In VAST Cluster, shares are implemented as views, a multiprotocol access feature that enables you to provide concurrent access to clients using several storage and file system protocols.

Access control in SMB is handled through user authentication and permissions settings. When a client attempts to connect to an SMB share, they are required to authenticate using a username and password. Once authenticated, access to the share is determined by the permissions for files and directories.

SMB allows using both NTLM (NT LAN Manager) and Kerberos for user authentication. Kerberos is generally preferred due to its stronger security.

Access control permissions for SMB shares are set by configuring the view and by view policies. These permissions can be set at the file and folder level, allowing for granular control over who can read, write, or execute files within the share. Permissions are often managed through Access Control Lists (ACLs), which define what actions specific users or groups can perform on the shared resources.

VAST Cluster supports SMB signing, which ensures the integrity of the data being transmitted by adding a digital signature to each packet, protecting against man-in-the-middle attacks.

For more information about access control and security features supported by VAST Cluster, see: