Hello
SMB is signed when:
- Both the SMB client and server have RequireSecuritySignature set to 1.
- The SMB client has RequireSecuritySignature set to 1 and the server has RequireSecuritySignature set to 0.
- The SMB server has RequireSecuritySignature set to 1 and the client has RequireSecuritySignature set to 0.
Signing isn't used when:
- The SMB client and server have RequireSecuritySignature set to 0.
You should also follow these recommendations to ensure your SMB signatures are effective at securing your data:
- Use Kerberos instead of NTLMv2.
- Don't connect to shares using IP addresses.
- Don't use CNAME DNS records. Instead, assign alternate computer names with NETDOM.EXE.
https://learn.microsoft.com/en-us/windows-server/storage/file-server/smb-signing-overview
Regards,
Karlie