Original network protocols are starting to age out of usefulness. HTTP is being replaced by HTTPS, people are trying to replace DNS with DNSSEC, and TLS just got its first update in 8 years. Now it’s time to update SMB. Introducing SmarTransfer.
Eitan Bremler, Co-Founder and VP Technology of Safe-T, a leading security provider of software-defined access solutions for the hybrid cloud from Israel is discussing the question
"Why Would You Want to Replace SMB?"
He is discussing some of the drawbacks of SMB1: This is an old version of the SMB protocol with roots in the 1980s. While it’s still active on many computers, it’s generally only needed to communicate with Windows XP and Server 2003 operating systems – and if you’re going your job right, that equipment has already been uprooted from your environment. In most cases, you can disable SMB1 on throughout your network without encountering many issues.
SMB 2 and SMB 3 are a different story. They’re modern, full-featured secure file transfer protocols with strong encryption and robust failover. The major issue is that using these protocols, along with a similar protocol known as NetBios, requires administrators to open ports 339 and 445. Keeping ports open is bad practice for a secure network but closing these ports or disabling SMB causes a host of other issues.
Most notably, a vulnerability in the SMB protocol led to 2017’s mass ransomware attack known as Wannacry, which caused a total of $4 billion in damage. Frustratingly, even after the this vulnerability was widely disclosed, there are approximately 5.5 million devices that are still exposed to the internet in this manner.
Augmenting SMB with SmarTransfer
At its heart, Safe-T developed a new file access solution called SmarTranser (SMTR for short), which lets administrators close ports 339 and 445, and disable SMB from user segments, and replicate their functionality using the secure HTTPS protocol.
To the end user, nothing about their usual workflow changes. Accessing webmail, printing a document, or accessing a file on remote server will all look the same. Behind the scenes, however, an entirely different workflow will take place – one that administrators will ultimately find easier and more secure.
For example, SMTR comes with a smart access permissions console that lets administrators easily control how users use the files they can access. They can delineate who can read which files, who has read and write permissions, and who can create and delete files. With its simple UI, SMTR even lets administrators provide auditable access permissions to customers and vendors outside the network. This ensures secure and controlled access to any file types and content.
In addition, SMTR encrypts files at rest, making it difficult for unauthorized users to read or copy their contents. The product can also prevent unauthorized users from moving or deleting the file, or from uploading potentially compromised/malicious files.
SMTR is an Updated File Transfer Protocol for an Age that Requires Security
Protocols like SMB and NetBios have inescapable origins in an earlier era of information technology. They were created in an age where leaving open ports on your network was acceptable. Nowadays, leaving any open port on your network – even the ubiquitous port 80 – is an invitation to disaster.
When used in combination with other Safe-T technologies, SMTR makes it possible to do business on the internet without opening any ports to the outside world – and without significantly changing your normal workflows or impacting your end users. For more information on this technology, and how to start using it today, contact Safe-T for a free trial.
Safe-T® (www.safe-t.com), a wholly owned subsidiary of Safe-T Group Ltd. (Nasdaq, TASE: SFET), is a provider of software-defined access solutions to reduce attacks on mission-critical services and sensitive corporate data. Safe-T solves the data access challenge. Its patented, multi-layer software-defined access solution masks data at the network perimeter, keeping information assets safe and limiting access only to authorized and intended entities, on premises or in the cloud. Safe-T enhances productivity, efficiency, security, and compliance by protecting enterprises from data exfiltration, leakage, malware, ransomware, and fraud. Companies and governments around the world trust Safe-T to secure their data, services, and networks from internal and external data threats. Safe-T operates in North America, APAC, Africa, Europe, and Israel.
For more information, visit www.safe-t.com.