More secure data transfer with current SMB settings on NAS systems
15.07.2024
Stefan Kaysersberg
Stefan Kaysersberg
In many companies, NAS (Network Attached Storage) systems are essential for backing up large amounts of data. These systems allow files to be stored and accessed over the network, with the SMB (Server Message Block) protocol being widely used. Unfortunately, many still use outdated SMB1 or SMB2 settings, which poses a significant security risk.
Outdated SMB protocols: A security risk
SMB1 and SMB2 are older versions of the SMB protocol that have known security vulnerabilities. In particular, SMB1, which was developed in the early 1990s, is vulnerable to various types of attacks, including ransomware. These vulnerabilities can allow attackers to encrypt data and demand a ransom.
Performance problems with outdated SMB protocols
A recent entry in our Release Notes shows that the use of outdated SMB protocols is not only a security issue, but can also lead to performance problems. A bug in the latest kernel led to increased resource consumption and higher server load on certain installations, up to a complete standstill when backing up large files to SMB-based backup targets that used SMB1 or SMB2. On the other hand, servers using the newer SMB3 were not affected by these problems.
Advantages of SMB3
SMB3, which is used by Collax as standard for the integrated backup, offers significant security and performance improvements:
Security:
SMB3 supports AES-based encryption of data transmission. This protects your data from unauthorized access during transmission in the network.
Performance:
SMB3 allows multiple SMB actions to be combined into a single request, increasing the efficiency and speed of data transfer.
Fault tolerance:
With features such as continuous availability and improved fault tolerance, SMB3 minimizes downtime and increases the reliability of your data access.
Recommendation
Given the known security vulnerabilities and potential performance issues, we strongly advise against using SMB1. Instead, you should check your NAS systems and make sure they are using the newer SMB3 protocol. By switching to SMB3, you will not only benefit from more secure data transfer, but also from improved performance and reliability.
Support
Our support team will be happy to answer any questions you may have.
We look forward to hearing your experiences and feedback. Please feel free to contact us.