If SMB Barring is disabled globally, the entire HNAS can get blocked by the DCs if there are too many incorrect login attempts from a single user. This new feature allows the HNAS to block incorrect NTLM requests and not pass them on to the DC(s) for authentication if there are too many failed login attempts and allows all other SMB clients to continue access to the HNAS if they have valid login credentials.
Objective
Starting with Hitachi NAS code version 13.9.6918.02, HNAS Engineering introduced a new feature called smb-auto-barring, along with some other SMB barring commands (which are used for manual SMB client barring):
console-context --evs 2
smb-barred-client-add
smb-barred-client-remove
smb-barred-client-clear
smb-barred-client-list
smb-barred-client-remove 10.x.45.x
No comments:
Post a Comment