What You Need to Know About Server Message Block

Server Message Block (SMB) is a protocol used to share hardware and software between computers. With SMB, a client device sends requests to a server that provides responses. The server allows multiple computers and devices (the clients) to share networked resources stored on the server, such as printers and filing systems. SMB is primarily used for Windows systems and is currently updated to support Windows 10. Linux systems can also interface with SMB protocol using a secondary system called Samba.

History of SMB

IBM published the earliest recorded use of the SMB protocol in May 1985. A document detailing Microsoft’s file-sharing protocol was published in 1987.

How SMB Works

With SMB protocol, the client devices use Transmission Control Protocol/Internet Protocol (TCP/IP) to connect to the network server. TCP/IP is a programming language that facilitates network connections by breaking down messages into smaller segments of information called packets, then sending this information to another computer using a unique IP address.

After the connection is established, the client computers send commands to the server to access files, print documents, share work on the network and perform other functions.

Different versions of the SMB protocol are known as dialects. For example, most operating systems and networks use a dialect called Common Internet File System (CIFS). The terms CIFS and SMB are now often used interchangeably.

Terms to Know

A full understanding of SMB requires knowledge of specific technological terms. Here are some of the most common SMB protocol-related words used in the tech industry.

  • The American Standard Code for Information Interchange (ASCII) is an 8-bit code used by computers to represent letters in the English alphabet. Another character encoding system, UNICODE, can be used to represent most world languages.
  • Authentication is the process one computer or server uses to recognize another.
  • A broadcast occurs when one client sends a request to all network clients and servers at the same time.
  • A dialog is the communication between the server and the client. A single request and response within a dialog are known as an exchange.
  • Discretionary access control list (DACL) specifies the users that can access a particular resource. This is an important tool for network security.
  • Encryption is the technology used to send messages securely using SMB protocol so they can not be decoded by anyone without access.
  • A file is a collection of data on the SMB server, designated by a unique directory name and described by specific properties. Clients can send a request to the server to access, modify, save or delete the file.
  • IPv6 is the latest version of IP, offering expanded privacy and authentication support, as well as increased routing utility.
  • A named pipe is a conduit for sending data between the client and the server. Pipes in byte mode provide an ongoing stream of data, while pipes in message mode separate data transmissions into individual messages. When a client requests a pipe to open this is called a pipe instance.
  • An object store allows a remote client to access a resource on the local server.
  • Opportunistic lock, commonly known as oplock, is a system through which clients can optimize the file transmission process. With exclusive oplock, the client can restrict others’ access to the file. With batch oplock, a resource can remain open on the server even after it has been closed on the client device. Level II oplock means several clients are accessing a file, but none are modifying it.
  • A path is a series of folders through which a client can access a specific file.
  • Security context is the data the server uses to authenticate client access.
  • A session is an ongoing association between a server and a client. A session key is the authentication data entered to open a session.
  • A share is any resource available for access on a server. When a server accesses that file, it’s known as a share connect.
  • An SMB command is a set of messages with a unique command code used to conduct a specific function. A message is a single data unit consisting of a header, data and parameters.
  • An SMB connection is the link between a client and a server that allows messages to be sent.
  • Switches are used to connect devices to create a network, while the router links these smaller networks into one.
  • A unique identifier, or UID, is a sequence number that tracks a specific resource even as it is changed or renamed.

SMB Networking for Small Businesses

Most businesses with more than two employees can benefit from installing a server network. If you plan to create a computer network for your small business and use Windows machines, your network will rely on SMB protocol. Setting up a small business network is relatively simple with some basic computer know-how, but it’s important to create security provisions to protect your company’s sensitive information. Before moving forward, think about the number of devices that will have access to your network, the type of data and files you will need to save and share, the applications and programs you’ll use frequently and whether employees will need to access the network remotely from off-site locations. Here are the steps to take in building your network, as recommended by PC Magazine:

  1. Select a Network Router

The router is the component that connects your local area network (LAN) with the public internet. Although wired routers are still available, most modern routers provide wireless connection to your other system components. All computers and devices on your LAN can connect to the internet via the router. Most routers double as the server for your LAN and provide each device with its unique IP address, a number used for identification that allows the devices to send and receive messages to other network devices and the server. Choosing a router with built-in firewalls protects your network from unauthorized access. You should also shield the router’s wireless connection using a WPA or WPA2 security system and choose a unique administrator password that only you can access. Because routers can be complicated to set up properly, you might want to engage an information technology professional to assist.

  1. Consider Wiring Your Network

Even if you choose a wireless router, it’s best to wire your LAN using Ethernet cables to provide faster data transfers and command response rates, particularly if you send or stream multimedia files often. Determine whether your devices support Fast Ethernet, which uses Cat5 cables, or Gigabit Ethernet, which uses Cat5e cables. While faster options are available, these Ethernet versions are sufficient for most small business uses and are less expensive than upgraded versions.

  1. Outfit Devices With Client Adaptors and Other Peripherals

Each client device must have an adaptor that allows it to connect to the wireless router. Most laptops and computers have both Ethernet ports and integrated wireless capabilities, and smartphones and tablets have wireless, as well. If your devices don’t have these built-in capabilities, you can purchase adaptors separately. Most routers come with four Ethernet ports, so you can also purchase a switch to expand the number of wired devices you can connect. A hub can also provide more connections but doesn’t have the administrative capabilities of the router switch.

  1. Set up the File Sharing System

Once your devices are connected, you can set up the SMB protocol directly in Windows. The operating system allows you to automatically create and administer a small network using the homegroup feature, available in the Control Panel under Network and Internet. Once the homegroup is created, any file, printer or resource on a connected device can be shared by right-clicking on the icon for the object in question and selecting the Sharing option under Properties.

For a larger client-server network than the homegroup feature can support, you’ll need to establish a separate Windows server to manage the SMB protocol. Choose a system that’s easy to set up and offers seamless networking functions; one popular option for small businesses is NAS, or network-attached storage, which can function as a server and requires you only to configure your necessary services and settings. This provides a manageable learning curve for business owners who are new to networking. In addition, NAS can double as an email server, web server and FTP (file transfer protocol) system. However, this type of system only lets you control access and permissions for items stored locally on NAS, while a traditional service allows you this control for the entire network.

Although rack-mount servers are more expensive, their durability makes them a good investment for small businesses. Tower servers are designed to be stacked with other peripherals, but this often creates a mess and the potential for hazards such as trips and spills. For best results, place servers in a separate, secure room to reduce noise and prevent tampering. If that’s not possible, choose a server with integrated sound-dampening properties. You’ll need a separate air conditioner to cool the server (one that’s not tied to the building’s central HVAC system).

  1. Establish Protection for Your Network

Power surge protection keeps your devices safe in the event of a lightning storm or other extreme weather conditions that affect your electricity. Establishing this type of protection along with battery backup should keep you from losing data. Schedule regular automatic data backups, and check the backed-up data periodically to make sure it isn’t corrupted. Most servers integrate these services; if you have a peer-to-peer network, consider cloud-based backup.

With these five basic steps as the foundation, you can augment a starter network to suit the needs of your small business. As your business grows and if it expands to additional locations, you can connect several local area networks in different locations to create a wide area network without reinventing your entire system.

In addition to network security, many small business networks offer productivity features such as internal messaging software, business intranets and content filtering.

Security Concerns

In January 2017, Microsoft issued a security advisory for its Windows SMB protocol. Businesses and organizations using SMB version 1 were advised to disable and block all versions of the protocol to avoid infiltration by the Shadow Brokers hacking network. This group exposed a zero-day vulnerability, which is a software or hardware flaw that allows unauthorized access and is unknown to the administrator. Networks should also upgrade to SMB version 3.0, which includes enhanced security features and updated patches. Businesses running Windows 7 are at increased security risk and should consider upgrading to the advanced security available with Windows 10.

Score, a resource network for small businesses supported by the U.S. Small Business Association, recommends the following networking best practices for small businesses to enhance data and system security:

  • Change the default administrator password to something long and complex, with a combination of capital and lowercase numbers, letters and special characters.
  • Make sure the firewall and wireless encryption are engaged at all times.
  • Use a virtual private network, or VPN, if remote access is required.
  • Develop a password protocol for all network users, and require them to change passwords at regular intervals.
  • Create a separate guest network if you plan to provide visitor access. This password should also be changed frequently.
  • Consider installing third-party security software.
  • Keep the router in a secure location to prevent intruders from physically resetting the router to gain access.

Information technology initiatives can provide incredible benefits for your small business, but they can also be costly. If you need capital funds for your SMB network, consider applying for a flexible line of credit with an online small business lender. With access to working capital, you could hire an IT consultant for your small business, purchase SMB hardware and software and fund other technological and operational needs that will support healthy growth.

Want to dig deeper?