protocol cifs secure-sig-opt enable
Enables Security Signature negotiations between the Windows client and the server.
Syntax
[no] protocol cifs secure-sig-opt enable
Parameters
None
Usage
The Secure-CIFS feature automatically stops Windows SMB signing. SMB signing prevents the appliance from applying full optimization on CIFS connections and significantly reduces the performance gain from a SteelHead deployment. Because many enterprises already take additional security precautions (such as firewalls, internal-only reachable servers, and so on), SMB signing adds little additional security, at a significant performance cost (even without SteelHeads).
Before you enable Secure-CIFS, you must consider the following factors:
• If the client-side machine has Required signing, enabling Secure-CIFS prevents the client from connecting to the server.
• If the server-side machine has Required signing, the client and the server connect but you cannot perform full latency optimization with the SteelHead. domain controllers default to Required.
If your deployment requires SMB signing, see the SteelHead Management Console User’s Guide for detailed procedures, including procedures for Windows.
The no command option enables Security Signature negotiations.
Example
amnesiac (config) # protocol cifs secure-sig-opt enable
Product
SteelHead CX, SteelHead EX, SteelHead-v, SteelHead-c
Related Commands