跳转到主内容
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

为什么在 SVM 上同时启用加密和 SMB 签名时、 CIFS 会话没有签名?

Views:
23
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

适用于

  • ONTAP 9
  • CIFS
  • SMB 签名
  • SMB 加密

解答

  • 如果 CIFS 会话同时标记为签名和加密,则 SMB 加密将取代 SMB 签名
  • 因此,在启用共享级别或服务器级别加密的情况下、 CIFS 会话中的 "is - session-signed" 不应返回 true

示例:

Cluster01::> cifs security show -vserver SVM1 -fields is-signing-required,is-smb-encryption-required
vserver     is-signing-required is-smb-encryption-required
----------- ------------------- --------------------------
SVM1        true                true

Cluster01::> cifs session show -vserver SVM1 -fields is-session-signed,smb-encryption-status
node         vserver    session-id          connection-id is-session-signed smb-encryption-status
------------ ---------- ------------------- ------------- ----------------- ---------------------
Cluster01-02 SVM1       5783747821497729909 952531972     false             encrypted
Cluster01-02 SVM1       5783747821497731202 952532894     false             encrypted
Cluster01-02 SVM1       5783747821497731343 952532985     false             encrypted
3 entries were displayed.

其他信息

有关详细信息,请参见 Microsoft 文档 SMB 安全增强。

 

Scan to view the article on your device