Policy Pages Reference : Optimization Policy Settings : CIFS (SMB1)
  
CIFS (SMB1)
You can display and modify CIFS optimization feature settings for the selected optimization policy in the CIFS page.
CIFS (SMB1) optimization performs latency and SDR optimizations on SMB1 traffic. Without this feature, SCCs perform only SDR optimization without improving CIFS latency.
For detailed information about CIFS(SMB1), see the SteelHead Management Console User’s Guide for SteelHead CX.
Important: You must restart the client appliance optimization service after enabling SMB1 latency optimization.
Settings
Complete the configuration as described in this table.
Control
Description
Enable Latency Optimization
Enables SMB1 optimized connections for file opens and reads. Latency optimization is the fundamental component of the CIFS module and is required for base optimized connections for file opens and reads. Although latency optimization incorporates several hundred individual optimized connection types, the most frequent type of file opens is where exclusive opportunistic locks have been granted, and read-ahead operations are initiated on the file data. RiOS optimizes the bandwidth used to transfer the read-ahead data from the server side to the client side.
This is the default setting.
Only clear this check box if you want to disable latency optimization. Typically, you disable latency optimization to troubleshoot problems with the system.
Note: Latency optimization must be enabled (or disabled) on both SteelHeads. You must restart the optimization service on the client-side SteelHead after enabling latency optimization.
Disable Write Optimization
Prevents write optimization. If you disable write optimization, the SteelHead still provides optimization for CIFS reads and for other protocols, but you might experience a slight decrease in overall optimization.
Select this control only if you have applications that assume and require write-through in the network.
Most applications operate safely with write optimization because CIFS allows you to explicitly specify write-through on each write operation. However, if you have an application that does not support explicit write-through operations, you must disable it in the SteelHead.
If you do not disable write-through, the SteelHead acknowledges writes before they are fully committed to disk, to speed up the write operation. The SteelHead does not acknowledge the file close until the file is safely written.
Optimize Connections with Security Signatures (that do not require signing)
Prevents Windows SMB signing. This is the default setting.
This feature automatically stops Windows SMB signing. SMB signing prevents the SteelHead from applying full optimization on CIFS connections and significantly reduces the performance gain from a SteelHead deployment. Because many enterprises already take additional security precautions (such as firewalls, internal-only reachable servers, and so on), SMB signing adds little additional security, at a significant performance cost (even without SteelHeads).
Before you enable this control, consider these factors:
•  If the client-side machine has Required signing, enabling this feature prevents the client from connecting to the server.
•  If the server-side machine has Required signing, the client and the server connect but you cannot perform full latency optimization with the SteelHead. Domain Controllers default to Required.
Note: If your deployment requires SMB signing, you can optimize signed CIFS messages using the Enable SMB Signing feature.
For details about SMB signing and the performance cost associated with it, see the SteelHead Deployment Guide - Protocols.
Enable Dynamic Write Throttling
Enables the CIFS dynamic throttling mechanism that replaces the current static buffer scheme. When there is congestion on the server side of the optimized connection, dynamic write throttling provides feedback to the client side, allowing the write buffers to be used more dynamically to smooth out any traffic bursts. Riverbed recommends that you enable dynamic write throttling because it prevents clients from buffering too much file-write data.
This is the default setting.
If you enable CIFS dynamic throttling, it is activated only when there are suboptimal conditions on the server-side causing a backlog of write messages; it does not have a negative effect under normal network conditions.
Enable Applock Optimization
Enables CIFS latency optimizations to improve read and write performance for Microsoft Word (.doc) and Excel (.xls) documents when multiple users have the file open. This setting is enabled by default in 6.0 and later.
This feature enhances the Enable Overlapping Open Optimization feature by identifying and obtaining locks on read write access at the application level. The overlapping open optimization feature handles locks at the file level.
Enable the applock optimization feature on the client-side SteelHead.
Enable Print Optimization
Improves centralized print traffic performance. For example, when the print server is located in the data center and the printer is located in the branch office, enabling this option speeds the transfer of a print job spooled across the WAN to the server and back again to the printer. By default, this setting is disabled.
Enable this control on the client-side SteelHead. Enabling this control requires an optimization service restart.
This option supports Windows XP (client), Vista (client), Windows 2003 (server), and Windows 2008 (server).
Both the client-side and server-side SteelHead must be running RiOS 6.0 or later.
Note: This feature does not improve optimization for a Windows Vista client printing over a Windows 2008 server, because this client and server pair uses a different print protocol.
Overlapping Open Optimization (Advanced)
You can configure the client-side SteelHead with overlapping open optimization.
Complete the configuration as described in this table.
Control
Description
Enable Overlapping Open Optimization
Enables overlapping opens to obtain better performance with applications that perform multiple opens on the same file (for example, CAD applications). By default, this setting is disabled.
Note: Enable this setting on the client-side SteelHead.
With overlapping opens enabled the SteelHead optimizes data where exclusive access is available (in other words, when locks are granted). When an oplock is not available, the SteelHead does not perform application-level latency optimizations but still performs SDR and compression on the data as well as TCP optimizations.
Note: If a remote user opens a file that is optimized using the overlapping opens feature and a second user opens the same file, they might receive an error if the file fails to go through a 3.x.x or later SteelHead or if it does not go through a SteelHead (for example, certain applications that are sent over the LAN). If this occurs, disable overlapping opens for those applications.
Use the radio buttons to set either an include list or exclude list of file types subject to overlapping opens optimization.
Optimize only the following extensions
Specify a list of extensions you want to include in overlapping open optimization.
Optimize all except the following extensions
Specify a list of extensions you do not want to include. For example, specify any file extensions that Enable Applock Optimization is being used for.
SMB Settings
Complete the configuration as described in this table.
Control
Description
Enable SMB Signing
Enables CIFS traffic optimization by providing bandwidth optimizations (SDR and LZ), TCP optimizations, and CIFS latency optimizations, even when the CIFS messages are signed. By default, this control is disabled. You must enable this control on the server-side SteelHead.
Note: If you enable this control without first joining a Windows domain, a message tells you that the SteelHead must join a domain before it can support SMB signing.
NTLM Transparent Mode
Provides SMB1 signing with transparent authentication. The server-side SteelHead uses NTLM to authenticate users. Select transparent mode with Vista for the simplest configuration. You can also use transparent mode with Windows 7, provided that you join the server-side SteelHead as an Active Directory integration.
NTLM Delegation Mode
Re-signs SMB signed packets using the Kerberos delegation facility. This setting is enabled by default when you enable SMB signing. Delegation mode is required for Windows 7, but works with all clients (unless the client has NTLM disabled).
Delegation mode requires additional configuration. Choose Optimization > Active Directory: Service Accounts or click the link provided in the CIFS Optimization page.
Enable Kerberos Authentication Support
Provides SMB signing with end-to-end authentication using Kerberos. The server-side SteelHead uses Kerberos to authenticate users.
In addition to enabling this feature, you must also join the server-side SteelHead to a Windows domain and add replication users on the Optimization > Active Directory: Auto Config page.
The server-side SteelHead must be running RiOS 7.0.x or later. The client-side SteelHead must be running RiOS 5.5 or later.
No configuration is needed on the client-side SteelHead.
If you want to use password replication policy (PRP) with replication users, Kerberos authentication requires additional replication user configuration on the Windows 2008 Domain Controller.
Apply
Applies your settings.