File Gateway adds options to enforce encryption and signing for SMB shares
AWS Storage Gateway now supports security level options for data transferred between the File Gateway and SMB clients. You can enforce encryption and signing on client requests, or use client-negotiated defaults, helping you meet organizational requirements for security and client compatibility.
File Gateway provides on-premises applications file-based, cached access to virtually unlimited cloud storage in Amazon S3. With this launch, you have three options for securing data between your SMB clients and gateway’s file shares: Enforce Encryption, Enforce Signing and Client Negotiated. For environments where you only want to accept encrypted or signed requests, you can use the Enforce Encryption or Enforce Signing options. To expand applicability to a broader range of Windows operating systems and SMB clients, you can select the Client Negotiated option.
This feature is available in every region where AWS Storage Gateway is available. Starting today, you can configure these options for file shares on new gateways. For existing gateways, a software update will be made available in the console by July 21st, 2019, and it will be applied during your gateway’s maintenance window.
Learn about the security level options here, and try these new AWS Storage Gateway features today.