About SMB3 encryption
If the SMB server and client negotiate SMB3 and the server is configured for encryption, you can configure share-level encryption. Share-level encryption marks a specific share on the server as encrypted so that if a client opens a connection to the server and tries to access the share, RiOS encrypts the data that goes to that share. RiOS does not encrypt the data that goes to other shares on the same server.
Enabling SMB3 also enables support for the SMB3.02 dialect.
Encrypting SMB3
1. Choose Optimization > Active Directory: Domain Join on the server-side SteelHead and join the domain.
2. Choose Optimization > Protocols: SMB2/3 and enable SMB3 optimization on the client-side appliance and server-side SteelHead.
3. Enable SMB3 signing.
4. Restart the optimization service.
An SMB3 encrypted connection shows as SMB3-ENC on the Current Connections report. When some shares are marked for encryption and others are not, if a connection accesses both encrypted and nonencrypted shares, the Current Connections report also shows the connection as SMB3-ENC.