What Is SMB (Server Message Block)? Meaning, Working, and Features

Server message block or SMB is a communication protocol designed to provide shared access to data, files, devices, and other assets running on an interconnected network. This article explains the functioning of SMB, its key features, and applications. 

What Is SMB? 

Server message block or SMB is a communication protocol designed to provide shared access to data, files, devices, and other assets on an interconnected network.

Server message block (SMB) is a client/server communication protocol that provides shared access to files, whole directories, and network resources such as printers across a network. It is also used to carry transaction protocols for authenticated interprocess communication.

Since the development of SMB by Barry Feigenbaum in 1983, it has undergone several adjustments over various versions or dialects to improve the original implementation. These improvements have enabled it to deliver greater scalability, security, and efficiency. The following are seven unique dialects of the SMB protocol:

• Server message block 1.0 (1984): IBM introduced SMB 1.0 as the initial dialect for file sharing on disk-based operating systems (DOS). This dialect used adaptive locking like a client-side caching method, to reduce network traffic. Afterward, Microsoft included this protocol dialect in its local area network (LAN) manager product.
• CIFS (1996): The standard internet file system (CIFS) is an SMB dialect developed by Microsoft and released in Windows 95. This dialect of the SMB protocol has enhanced support for bigger file sizes, direct transfer over TCP/IP, direct links, and symbolic links. 
• SMB 2.0 (2006): SMB 2.0 was launched with the Windows Vista and Windows Server 2008 operating systems. It included decreased chattiness to increase speed, enhanced resilience and scalability, and WAN acceleration support.
• SMB 2.1 (2010): SMB 2.1 dialect was introduced with the introduction of Windows Server 2008 R2 and Windows 7. A client OpLock leasing model feature that supplanted the OpLock feature to increase caching and performance was added to this dialect. In addition, it offered assistance for larger high transmission modules and enhanced energy efficiency. 
• SMB 3.0 (2012): SMB 3.0 was introduced with Windows 8 and Windows Server 2012. This dialect had several additional upgraded features that led to improved performance, security, management, backup, and availability of the SMB protocol. These features include SMB direct, SMB multichannel, SMB encryption, remote volume shadow copy service support, and transparent failover of client access.
• SMB 3.02 (2014): In Windows 8.1 as well as Windows Server 2012 R2, an SMB 3.02 dialect was launched. This dialect included speed enhancements and the capacity to deactivate CIFS/SMB. 1.0 compatibility, including the removal of associated binaries.
• SMB 3.1.1 (2015): Windows 10 and Windows Server 2016 debuted the SMB 3.1.1 dialect. This dialect has enhanced capabilities, including supporting sophisticated encrypting and pre-authentication integrity to avoid man-in-the-middle (MitM) threats and cluster dialect fencing. 

See More: Why the Future of Database Management Lies In Open Source

Hardware requirements to run SMB

The following are the hardware requirements for SMB transparent failover:

• For SMB scale-out, one must build file sharing on CSV volume paths.
• Failover clusters with a minimum of two configured Windows Server 2012 nodes that have passed the validation tests.
• File shares must be built using the continuous availability (CA) attribute by default.
• On the customer’s computers that run Windows 8 and Windows Server 2012, an upgraded SMB client that provides continuous uptime and access must be installed.

 The following are the hardware requirements for SMB Direct:

• Minimum requirement of two Windows Server 2012-powered machines. As SMB technology is enabled by default, no additional features are required to be loaded.
• Network adapters with RDMA capability are needed. These adapters come in three distinct varieties: iWARP, Infiniband, and RoCE (RDMA over Converged Ethernet).
• For SMB multichannel, a minimum of two PCs running Windows Server 2012 is needed. SMB technology is enabled by default. Thus no additional features must be loaded.

See More: What Is Enterprise Data Management (EDM)? Definition, Importance, and Best Practices

Why do you need server message block (SMB)?

SMB enables users to share and access files remotely, thus enhancing productivity in an organization. This enables different teams in the organization to collaborate easily on different projects.

Further, it enables administrators to enable printer sharing in their organization. This feature allows multiple computers and devices on the same network to access one or more printers. Printer sharing streamlines operations in the organization as employees can print documents easily without manually setting up each computer for the printer.

SMB also enables network browsing, which uses the simple network protocol (SNMP) to browse a network for connected devices. Network browsing lets users see Windows and Samba servers in the Windows network neighborhood. Icons in the network neighborhood are modeled after servers. If opened, the shares and accessible printers on the servers are displayed.

Additionally, the SMB protocol enables inter-process communication (IPC) through named pipes or mailslot names over a computer network. IPC allows developers to create a distributed client-server application where the server component can run on any IPC-enabled system.

How Does SMB Work?

The SMB protocol allows network clients to connect with other users and get access to their data and functions. The SMB protocol is a response-request protocol; for it to work, the other system must also have services. The SMB protocol is just a response-request protocol. Also, for it to function, the other system must have likewise developed a network protocol and utilized an SMB server program to accept and execute client requests. Additionally, both parties must first establish a communication channel by exchanging corresponding messages.

Currently, SMB employs transmission control protocol/internet protocol (TCP/IP) and port 445, which needs a three-way handshake before client-server communication. The TCP protocol governs data transport.

Understanding the security aspects of SMB

In 2017, the National Security Agency (NSA) discovered a vulnerability known as EternalBlue in SMB 1.0. This exploit allowed an attacker to execute their code without the user noticing, in addition to allowing the attacker to gain access to all devices connected to the same network as the compromised device. The Shadow Brokers allegedly stole this information and leaked it online. While Microsoft released an update patch to patch the vulnerability, it was not enough. A month later, over 200,000 Windows devices across 150 countries were affected by the Petya and WannaCry ransomware attacks. Experts currently recommend that users disable SMB 1.0.

Similarly, in 2020, two more vulnerabilities of SMB, namely SMBGhost and SMBleed, were revealed. These two vulnerabilities, in combination, could provide hackers with remote code execution privileges to run any command on a target device over a network. These attacks led to losses of several million dollars.

For now, the SMB protocol is secure, but vulnerabilities could arise any day. SMB 3.0 and later dialects introduced several protections, making them more secure. For instance, they have end-to-end data encryption that protects data from eavesdropping attacks. SMB 3.0 also offers secure dialect negotiation, which protects against man-in-the-middle attacks.

SMB 3.1.1 further improved security by adding pre-authentication integrity to enhance its encryption capabilities. It also includes a mechanism for negotiating the crypto algorithm for each connection. Users and administrators should take the following procedures to reduce any security risks in SMBs. 

• When possible, they should use an up-to-date version of SMB (SMB 3.1.1) as it has more security measures than its previous dialects.
• They should restrict SMB access to only trustworthy networks and clients.
• If they do not need it, they should disable the SMB connection on their Windows device to decrease the total attack surface and provide minimal fingerprinting information to attackers.Since October 2017, SMB is not turned on as a default setting in Windows 10.
• They should consider installing a third-party security network.
• They should also consider changing the default administrator passcode and using longer and more complex passphrases to discourage attacks.

See More: What Is Data Security? Definition, Planning, Policy, and Best Practices

5 Applications of SMB

In addition to the usage of SMB programs in different Windows versions, it may be incorporated into a variety of software projects, including: 

• Samba: Andrew Tridgell began developing Samba in 1991 as a renowned open-source recompilation based on the SMB protocol on Unix computers and Linux distributions. Windows Samba enables non-Windows operating systems like Unix and Linux to interact with Windows. The Samba server allows file and printer sharing, authentication and authorization, and browsing across Unix-like and Windows clients. 

• Netsmb: Netsmb is a group of SMB client and server implementations found in the BSD operating system’s kernel. These implementations were first released for FreeBSD 4.4 but are now available for different BSD systems such as macOS and NetBSD.

• YNQ: YNQ was formerly known as NQ. YNQ has been developed by an Israel-based company known as Visuality Systems. It is an SMB library that implements the SMB client and server in embedded systems without Windows, which allows it to interoperate with Windows devices.

• FreeNAS: FreeNAS is open-source software that allows users to run their own network-attached storage (NAS) server that supports the SMB protocol. FreeBSD and the OpenZFS file system form the foundation of the NAS software.

• ConnectedNAS: ConnectedNAS software serves as an SMB server and client for Android devices. This application allows users to exchange data between a mobile device and an SMB device.

See More: What Is Data Governance? Definition, Importance, and Best Practices

Key Features Of Server Message Block

The following are eight essential features of the server message block:

1. SMB transparent failover

The SMB transparent failover capability enables administrators to perform hardware or software maintenance on the units of a clustered file server while not disrupting other server applications which store information on these file shares. If a software or hardware malfunction occurs on a cluster node, SMB clients reattach to another cluster node while not impacting server programs that store information on such file shares. 

2. SMB scale-out

The SMB scale-out feature enables administrators to utilize cluster sharing volumes (CSV) Version 2 to construct file shares that provide concurrent access to data files across all file server cluster nodes through direct input/output (I/O). This enables server programs to be tuned for improved speed, load balancing of file system users, and more efficient network capacity utilization. 

3. SMB multichannel

The SMB multichannel functionality enables bandwidth aggregation and error tolerance when several routes exist between the SMB server and the client. This allows server programmes to utilize the highest allowable network capacity and be robust against network loss. 

4. SMB direct

The SMB Direct feature enables the use of network adapters with remote direct memory access (RDMA) capabilities and the capacity to function at full speed with extremely low latency and little CPU use. This allows a distant file to seem as though it were stored locally on Hyper-V as well as Microsoft SQL servers.

5. Performance counters for server applications

The performance counters capability lets administrators assess the performance of their data-storing SMB 3.0 file shares. This is achieved as the performance counters provide comprehensive, per-share information about latency, throughput, and input/output per second (IOPS). These counters are intended for application servers that store and retrieve data on remotely located file shares. Examples of these servers are Hyper-V and SQL servers.

6. Performance optimizations

The SMB 3.0 client and server in server applications like structured query language (SQL) server OLTP is optimized for everyday tasks such as tiny random read or write I/O operations. In addition, a large maximum transmission unit (MTU) is enabled by default. This substantially impacts the speed of high-volume transfers, like SQL server data warehousing, backups or restorations, and installing or duplicating virtual hard drives. 

7. SMB encryption

The SMB encryption feature provides end-to-end data encryption and protects it from eavesdropping on unsecured networks. This feature can be enabled when data travels through an unsecured network and can be configured for the entire file server or on a per-share basis. It does not require new deployment costs, specialized hardware, or wide area networks (WAN) accelerators for internet protocol security (IPSec).

8. SMB directory leasing

The SMB directory leasing feature leads to improved application response time in branch offices. This feature enables users to obtain metadata from a directory cache with a longer lifespan, decreasing round-trips from client to server. The clients are alerted anytime the directories and files on the host change, ensuring cache consistency. 

See More: Top 10 Data Governance Tools for 2021

Top Features of SMB in Windows Server 2012 R2

The following are the most important characteristics of SMB 3.0 in Windows Server 2012 R2: 

• Automatic rebalanced scale-out file server clients: Rebalancing scale-out file server users automatically enhances the scalability and management of scale-out file servers. In addition, SMB client communications are monitored per file, and users are then directed to the cluster that provides the best accessibility to the volume. As redirection traffic across file server nodes is minimized, efficiency increases. When cluster storage is reconfigured after an initial connection, clients are routed.
• Enhanced performance of SMB Direct: This feature enables increased performance for tiny input and output workloads by increasing efficiency for hosting workloads with modest I/Os in virtual machines, such as online transaction processing databases. Users will see these enhancements using faster network connections, like 40 Gbps Ethernet. 
• Enhanced SMB event messaging: Windows Server 2012 R2’s SMB events are more thorough and offer useful information. This guarantees that users can diagnose problems simply and reduces the need to record network traces or activate additional diagnostic event logging. In this version of Windows, the most important event streams are always enabled by default, allowing users to collect all pertinent data. Additionally, many events provide users with problem remedies and setup information.
• Hyper-V virtual hard disk (VHDX files) shared for guest clustering: Windows Server 2012 R2 facilitates the creation of guest clusters with shared VHDX files and sharing data storage within the virtual servers. This capability applies to VHDX files saved in CSV and SMB scale-out files.
• Hyper- V live migration over SMB: This functionality allows users to migrate virtual machines in real-time using SMB 3.0. Utilizing SMB 3.0 as a transport allows users to use essential SMB technologies, like SMB Direct and SMB Multichannel, enabling high-speed migration with minimal CPU consumption.
• Boosted SMB bandwidth administration: This feature on Windows Server 2012 R2 allows users to modify bandwidth restrictions to regulate various forms of SMB traffic. There are three sorts of SMB traffic: live migrations, virtual servers, and default. 
• Assistance for several SMB instances: This SMB feature enables an additional instance per cluster node for CSV traffic exclusively on scale-out file servers. A default instance may handle incoming traffic via SMB users who access shared file folders, while a separate instance controls CSV communication between nodes. This functionality improves the reliability and scalability of communications between CSV nodes. 
• SMB 1.0 is optional: With Windows Server 2012 R2, the SMB 1.0 functionality, like the legacy computer browser services, is now distinct and may be disabled by the user. Eliminating SMB 1.0 functionality improves user security and reduces stringent patch management requirements.

See More: What Is a Data Catalog? Definition, Examples, and Best Practices

Takeaway 

Even though server message block was one of the first Windows protocols, it is still significant today. Microsoft continues to develop offerings based on SMB due to its considerable capacity advantage. By understanding and optimizing the functionality of SMBs, IT experts can improve network performance in their organization. 

Tell us on FacebookOpens a new window , TwitterOpens a new window , and LinkedInOpens a new window . We’d love to hear from you! 

MORE ON DATA MANAGEMENT

• What Is Data Governance? Definition, Importance, and Best Practices
• Why the Future of Database Management Lies In Open Source
• Top 10 Data Governance Tools for 2021
• What Is Enterprise Data Management (EDM)? Definition, Importance, and Best Practices
• What Is a Data Catalog? Definition, Examples, and Best Practices