What Is SMB Protocol and How Does It Work?
Author: Kostas Tsakiridis, 2BrightSparks Pte. Ltd.
The Server Message Block (SMB) protocol is a network file-sharing protocol that allows applications and users to read, write, and request services from various devices on a network. If asked to categorize the SMB protocol, one can categorize it as an application-layer network protocol that is primarily utilized for providing shared access to files, printers, and serial ports.
Originally developed by IBM in 1983 to run on PC DOS, SMB has gone through numerous development stages. Microsoft took over and developed the protocol further and came out with SMB 1.0 in 1996. Subsequent versions have progressively improved performance, security, and feature support on a range of Windows platforms.
SMB Versions by Windows OS
Understanding SMB versions is crucial when working with compatibility in a network SMB environment. Here's a rundown:
| SMB Version | Supported Windows Versions |
|---|---|
| SMB 1.0 | Windows 2000 |
| SMB 2.0 | Windows Vista, Windows Server 2008 |
| SMB 2.1 | Windows 7, Windows Server 2008 R2 |
| SMB 3.0 | Windows 8, Windows Server 2012 |
| SMB 3.0.2 | Windows 8.1, Windows Server 2012 R2 |
| SMB 3.1.1 | Windows 10, Windows Server 2016 and later versions |
When a connection is established, the server and client negotiate the highest version of SMB that they both support. For instance, two Windows 10 computers will communicate using SMB 3.1.1, and a connection from Windows 8 to Windows 10 will use SMB 3.0.
How to Check SMB Version in Use
To check which SMB version is being used over an existing connection between two computers, run the following PowerShell command Get-SmbConnection which will show the SMB connections and the version being used.
PowerShell Command:
PS C:\Windows\system32> Get-SmbConnection
Command Output:
| ServerName | ShareName | UserName | Credential | Dialect | NumOpens |
|---|---|---|---|---|---|
| PC_01 | c$ | 2BS\alex | 2.10 | 1 | |
| PC_02 | c$ | 2BS\alex | 3.00 | 2 | |
| PC_03 | public | 2BS\alex | 3.00 | 5 |
For more details regarding the connections a connection you can use this command in PowerShell: Get-SmbConnection | Select-Object -Property *
PowerShell Command:
PS C:\Windows\system32> Get-SmbConnection | Select-Object -Property *
Command Output:
| ContinuouslyAvailable | False |
|---|---|
| Credential | domain\administrator |
| Dialect | 3.00 |
| Encrypted | False |
| NumOpens | 3 |
| ServerName | PC_03 |
| ShareName | public |
| UserName | 2BS\alex |
| PSComputerName | |
| CimClass | ROOT/Microsoft/Windows/SMB:MSFT_SmbConnection |
| CimInstanceProperties | {ContinuouslyAvailable, Credential, Dialect, Encrypted...} |
| CimSystemProperties | Microsoft.Management.Infrastructure.CimSystemProperties |
SMB vs CIFS: What Is SMB CIFS?
What is SMB CIFS? CIFS stands for Common Internet File System, which is a dialect of the SMB protocol used primarily with SMB 1.0. While often employed interchangeably, CIFS is employed to refer to older, less secure and less efficient implementations. Modern networks ought to use SMB 2.0 or newer to avoid vulnerabilities that are associated with CIFS.
Learn More
Microsoft provides detailed guidance on how to detect, enable, or disable different SMB versions:
Microsoft SMB Version Management Guide
SyncBackPro + SMB: A Powerful Combination for Network File Backup
If you are using SMB for file sharing across your network, then you'll want a reliable backup and sync tool that handles all the current versions of SMB. That's where SyncBackPro comes into play.
SyncBackPro is trusted by countless IT personnel and companies all over the world to securely back up, synchronize, and restore data in SMB-enabled environments, including Windows networks and NAS devices.
Whether you are backing up in a small office or across an extended enterprise, SyncBackPro makes it easy to protect your files across any network SMB installation, without the need for cryptic scripts or operator intervention.
Frequently Asked Questions About SMB Protocol
What is SMB protocol used for?
The Server Message Block (SMB) protocol allows for the sharing of files, printers, and other networked resources between devices. Users and applications can both securely and reliably access data over a network.
What type of protocol is SMB?
SMB is an application-layer network protocol that operates over TCP/IP. It facilitates shared access to resources like files and printers within a local or wide area network.
What is the difference between SMB and CIFS?
CIFS (Common Internet File System) is a legacy version of SMB, specifically referring to SMB 1.0. It’s slower and less secure than newer SMB versions. Modern systems should use SMB 2.0 or above to avoid security vulnerabilities associated with CIFS.
How do I check which SMB version is in use?
You can use PowerShell on Windows to run the command: Get-SmbConnection
What are the different SMB versions?
Here’s a quick breakdown of key SMB versions:
SMB 1.0 – Legacy (CIFS)
SMB 2.0 – Improved performance and reduced commands
SMB 2.1 – Added leasing and caching
SMB 3.0+ – Introduced encryption, multi-channel, and secure dialect negotiation
Is SMB still used today?
Yes, SMB is widely used in business and enterprise environments for file and printer sharing. However, older versions like SMB 1.0 (CIFS) are often disabled by default in modern systems due to security risks.
Is SMB secure?
Newer SMB versions (3.0 and above) contain improved security features like encryption, pre-authentication integrity, and secure dialect negotiation. SMB 1.0 (CIFS), however, is not secure and should not be used.
