• 7 July 2021
  • 0 replies

Userlevel 2
Badge +4
  • Nutanix Employee
  • 69 replies

Files supports AOS software encryption and in-flight message encryption for SMB3 shares.

You can only apply AOS software encryption to files by activating it through Prism. Refer to the file release Notes to ensure that you are running a compatible version of AOS.


SMB3 Message Encryption:


After enabling message encryption, the file encrypts messages on the file server side and decrypts them on the client side (only on the new connections for the share). Clients that do not support encryption (Linux, Mac, windows 7) cannot access a share with encryption enabled.




Active Directory with Kerberos provides secure authentication. File supports the following Kerberos encryption types.

  • Advanced Encryption Standard 128 with the Keyed-Hash Message Authentication code and Cryptographic Hash Function SHA1 

  • Advanced Encryption Standard 256 with the Keyed-Hash Message Authentication 

  • Message Authentication code and Cryptographic Hash function SHA1 (AES-256-HMAC-SHA1)

  • Rivet cipher 4 with the keyed-Hash Message Authentication code (RC4-HMAC).

  • Data Encryption Standard with Cyclic Redundancy check (DES-CRC).

  • Data encryption Standard with the cipher Block Chaining and a Message Digest Cryptographic Hash function (DES-CC-MD5)

The default Encryption type varies

For more info, please refer to Encryption-Files

This topic has been closed for comments