Skip to main content

Glossary

Access Based Enumeration

Access based enumeration allows you to control which shares, files, and folders are visible to users based on their permissions. When enabled, users see resources to which they have at least read access, as defined by their permissions or security descriptors.

Access based enumeration can be enabled either globally or on specific shares:

  • When enabled globally, users browsing the server root will only see shares they have permission to access.
  • When enabled on a share, users will only see files and folders they have permission to access within that share.

While improving both user experience and security, access based enumeration may affect performance, as the server must evaluate permissions for each share, file, and folder before displaying them.

Learn More

Access Control Lists (ACLs)

In Windows environments, Access Control Lists (ACLs) define the permissions that users and groups have on files and directories. When a user creates a new file or directory, Windows assigns it a default set of permissions, which can then be modified to allow or deny access to specific users or groups.

When a user attempts to access a file or directory, Windows checks its ACL and the ACLs of parent directories to determine whether the user has the necessary permissions to perform the requested operation. If the required permissions are missing, access is denied.

In standard Windows environments, ACLs are stored as part of the NTFS file system.

Learn More

Active-Active

Active-active is a clustering configuration for Fusion File Share Server that provides all three benefits of clustering: continuous availability, scale-out, and high availability. In this mode, multiple servers operate simultaneously, forming a cluster where connections and workloads are distributed across all nodes. This approach leverages the combined networking bandwidth of all servers. It ensures that, in the event of a node failure, only a small number of clients are affected and must wait for their connections to resume on another server.

This configuration is ideal for environments requiring minimal downtime and the ability to scale by adding more servers to handle increased loads, though it is more complex to set up and manage.

Common use cases for active-active clustering include:

  • Business-Critical Applications in Larger Environments:

    Active-active clustering is often used in large environments where downtime is costly and a single SMB server cannot handle the workload.

  • Environments with High Bandwidth and Low Latency Demands:

    Active-active clustering is commonly deployed where bandwidth demands are high. Examples include:

    • Video Production: Multiple users work on different projects simultaneously, requiring substantial bandwidth.
    • Low-Latency Media Streaming: Large numbers of clients require high bandwidth and cannot tolerate buffering delays.
Learn More

Active Directory

Microsoft Active Directory is a directory service that provides authentication and authorization services, primarily for Windows-based systems. It is a centralized platform that stores information about users, groups, and computers within a network, allowing administrators to efficiently manage access to resources.

Most organizations with Windows environments rely on Active Directory for user authentication and authorization. Fusion File Share Server integrates seamlessly with Active Directory to validate user identities, secure their access to shares, and enable users to access shares from their Windows devices without disruption.

Learn More

Active-Passive

Active-passive is a clustering configuration for Fusion File Share Server that is the easiest to set up. However, among the three benefits of clustering, it only provides continuous availability. In this mode, only one node is active at a time, with standby node(s) ready to take over in case of failure. This setup requires a failover process, during which existing SMB connections and file operations may hang for a few seconds until the failover is complete.

The simplicity of this configuration makes it ideal for environments where ease of setup and maintenance are a priority.

Active-passive clustering is suitable for business-critical applications where the cost of downtime is high, but a single SMB server is sufficient to handle the workload. It provides a cost-effective solution for ensuring continuous availability without complex configuration.

Learn More

Administrative Shares

Administrative shares, such as C$ and D$, are special hidden shares representing the root of a drive on a Windows machine. These shares are only accessible to members of the Administrators group.

In Fusion File Share Server, you can designate a share as administrative to simulate this behavior and potentially use it as a root for other shares.

Learn More

Anonymous Users

Anonymous users in SMB are those who connect without authentication. This type of connection is known as a null session. While useful for testing or accessing public resources, null sessions pose security risks and should be permitted only under specific, controlled circumstances.

Learn More

Apple Extensions

Fusion File Share Server supports Apple Extensions for SMB, enhancing interoperability with macOS clients. These extensions provide additional functionality, improve compatibility with macOS systems, and boost performance when accessing SMB shares from macOS devices. By enabling Apple Extensions, you can take advantage of features such as:

  • Improved Directory Enumeration: Enabled by the kAAPL_SUPPORTS_READ_DIR_ATTR capability, this allows the server to export macOS-specific metadata, such as resource forks and Finder information, improving performance.
  • Time Machine Support: Enabled by the kAAPL_SUPPORTS_FULL_SYNC capability, this feature allows macOS clients to use Time Machine for backup and restore operations on SMB shares.
Learn More

Audit Logging

Audit logging allows you to track and record events occurring on a share. These events can range from high-level user activities, such as file access and lookups, to more detailed system-level actions, including basic read and write operations.

When audit logging is enabled, you can specify the level of detail per share, allowing you to control which events are recorded to meet your monitoring and security needs.

Learn More

Byte-Range Locking

Byte-range locking allows a specific part of a file to be locked for read or write access, allowing users to edit portions of large files. For example, sections of a large video file can be locked during editing, allowing multiple editors to work on different parts simultaneously. Without byte-range locking, the entire file would need to be locked, preventing concurrent access by other users during the edit.

Fusion File Share Server supports byte-range locking at the VFS layer through file system-specific mechanisms.

Currently, byte-range locking is available for POSIX and Quantum file systems. This system-specific locking ensures cross-protocol compatibility, meaning locks applied through NFS or SMB will remain effective across the same file system regardless of the protocol used to access the file.

Learn More

Continuous Availability

Continuous availability ensures that, in the event of a cluster node failure, another node takes over, providing uninterrupted service to all clients. This feature is critical for SMB servers, where maintaining active connections without disruption is essential. If a node fails, continuous availability mechanisms enable the new node to take over both new client requests and existing SMB connections from the failed node.

Learn More

Case Sensitivity

In Windows environments, file operations are case-insensitive by default, meaning the file system does not differentiate between uppercase and lowercase characters in file or directory names. For example, MyFile.txt is treated the same as myfile.txt.

However, on Linux, where Fusion File Share Server operates, file operations are case-sensitive. When enabled, Fusion File Share Server first attempts to rely on the underlying file system's support for case-insensitive file name resolution. If not supported by the file system, Fusion File Share Server will fall back on performing a case-insensitive comparison of the file name against all the files in the directory.

For use cases that require case-insensitive operations, Fusion File Share Server allows you to modify the default behavior. You can configure case sensitivity globally for all shares or override it on a per-share basis to meet specific requirements.

important

Fusion File Share Server shares are case-sensitive by default, since processing case-insensitive requests can introduce significant overhead, especially on large datasets or complex directory trees.

Learn More

Change Notifications

SMB change notifications enable clients to subscribe to events that alert them to changes in files and directories on a share. This functionality is particularly useful for applications that need to monitor file changes in real-time, such as the Windows File Explorer or collaborative editing tools. Clients can receive notifications about both data changes and metadata updates, such as modifications to a file's name or attributes.

Learn More

Compression

SMB Compression, introduced in SMB 3.1.1, enhances file transfer performance by minimizing the size of transmitted data. When enabled, it optimizes communication between Fusion File Share Server and supporting clients, reducing bandwidth usage by 20% to 70%, and achieving up to three times faster data transfer speeds, depending on the data type and network conditions.

Fusion File Share Server supports SMB Compression using the LZ77 algorithm. This feature allows you to configure the number of compression threads, the minimum SMB message size for compression, and specify files to exclude. Excluding files is particularly useful for pre-compressed files or directories containing many small files that would not benefit from compression but could incur unnecessary CPU overhead.

Required SMB Dialect: SMB 3.1.1
Learn More

Direct TCP

In non-RDMA environments, Direct TCP is the preferred SMB transport method. It is supported by all modern Windows, macOS, and Linux clients when connecting to SMB servers. By removing the legacy NetBIOS layer used during the Windows NT 4.0 and 9x era, Direct TCP improves both performance and security.

SMB servers using Direct TCP typically listen on TCP port 445.

For more information, see [MS-SMB2] Section 2.1.

Required SMB Dialect: SMB 2.002 or higher
Learn More

Distributed File System (DFS)

The Distributed File System (DFS) in SMB simplifies the management and accessibility of network shares by consolidating multiple SMB file shares into a unified namespace. This functionality allows users to navigate shared folders without knowing which specific servers are hosting them.

To use DFS with Fusion File Share Server shares, the feature must be enabled both globally and on each share you want to include in the DFS namespace.

Learn More

Durable Handles

Durable handles enhance the reliability of file operations over network connections by enabling clients to maintain access to open files after temporary network disruptions. When a client requests a durable handle while opening a file, the SMB server assigns a unique handle identifier and retains its state. If the client disconnects unexpectedly, the server preserves the handle state for a defined timeout period, allowing the client to reconnect and continue operations without reopening the file or risking data loss.

  • Durable Handles V1, introduced in SMB2, provides a rudimentary mechanism for maintaining file handles during network disruptions.
  • Durable Handles V2, introduced in SMB3, extends functionality to support continuous and high availability scenarios, such as cluster failovers.

Fusion File Share Server allows you to configure the timeout period for durable handles requested by clients.

Clients using V1 and V2 durable handles are handled differently:

  • V1 clients cannot specify a timeout; Fusion File Share Server fully controls the timeout.
  • V2 clients can specify a timeout. If no timeout is provided, Fusion File Share Server controls the setting.
Learn More

Encryption in Transit

Access to SMB shares can be encrypted to protect data in transit. Clients that support encryption, and send encrypted requests, will receive an encrypted response from Fusion File Share Server.

However, Fusion File Share Server can be configured to encrypt all outgoing SMB messages, regardless of the client's preference. This can be configured globally or on a per-share basis.

Additionally, Fusion File Share Server can be configured to reject unencrypted SMB messages from clients. This option is only available globally.

Required SMB Dialect: SMB 3.1.1
Learn More

Extended Attributes

Extended attributes (xattrs) are a feature of many modern UNIX file systems, that allow storing additional metadata on files and directories beyond traditional POSIX permissions, ownership, and timestamps.

Fusion File Share Server can use xattrs to store Windows- and SMB-specific metadata:

File Attributes

In Microsoft environments, file systems such as FAT and NTFS traditionally support file attributes that define how the operating system should handle a file. These attributes are Hidden, System, and Archive:

  • Archive (A): Indicates that the file has been modified since the last backup and should be included in the next backup operation. Backup software clears this attribute after backing up the file, and the operating system sets it again when the file is modified.
  • Hidden (H): Marks the file as hidden, preventing it from appearing in directory listings, such as when in the DIR command output or when browsing in Windows File Explorer and file dialogs.
  • System (S): Marks the file as a system file, protecting it from being modified or deleted. This attribute safeguards critical files from accidental changes. System files are typically treated as hidden as well.
Learn More

File-Backed User Database

The file-backed user database is a text file located on your Fusion File Share Server's file system that stores usernames and password hashes for users managed entirely by Fusion File Share Server. Managing users in a locally-stored file is useful in environments without centralized user management, such as Active Directory or LDAP, or when granting access to additional users (e.g., UNIX users or a guest account).

When Fusion File Share Server is configured to use LDAP, it uses NTLM for authentication.

Learn More

File Security Mode

The file security mode is a global setting that controls how Fusion File Share Server handles file permissions. For each share, you can choose one of the following three modes:

  • Windows: In Windows mode, Fusion File Share Server stores and enforces file permissions based on Windows ACLs. This is the default mode, and it conforms to the behavior expected by Windows clients.
  • POSIX:
    In POSIX mode, Fusion File Share Server stores and enforces file permissions based on the connected user's UID/GID (see POSIX ID Mapping) and the file's mode bits (i.e., the standard UNIX rwx permissions).
  • None:
    In None mode, Fusion File Share Server does not enforce file permissions, making all files accessible to users according to the share permissions.
Learn More

FSA

File System Algorithms (FSA) are a set of guidelines published by Microsoft (MS-FSA Specification) that define how file system operations should be implemented, particularly for protocols like SMB. These algorithms ensure consistent behavior across operations such as file creation, access, modification, and deletion across different platforms.

FSA provides an abstract model for developers to implement object stores compatible with SMB versions, including SMB2 and SMB3. It covers advanced scenarios like caching, leasing operations, and state management, which are essential for ensuring consistency and high availability across network protocols. This framework also supports features like lease breaks to manage file locks and caching during disruptions.

Guest Account

The Guest account is a special local account in Windows, commonly used to grant access to shared resources for users who are unknown to the server. This account allows access without requiring a password (or with an empty password).

Fusion File Share Server supports creating a local guest account and allows guest access to shares on the server. However, access is still subject to the permissions set for each share.

warning

Enabling guest access can be a security risk, and is not recommended beyond testing purposes.

Furthermore, Microsoft discourages the use of guest accounts:

  • The built-in guest account is disabled by default in Windows.
  • Windows 10, Windows Server 2019, and later versions do not allow use of guest authentication by default even when the guest account is enabled.
  • Windows 11 24H2, Windows Server 2025, and later versions require SMB Message signing by default, which prevents guest authentication. 
Learn More

Hidden Shares

Fusion File Share Server allows you to mark shares as hidden. Hidden shares are not listed when browsing the server, but users with the share's name and proper permissions can still access them.

Learn More

High Availability

High availability combines continuous availability with scale-out, allowing the system to handle increased loads by adding more nodes while maintaining uninterrupted service during node failures. This approach is ideal for environments where both performance and fault tolerance are critical, ensuring scalability without compromising availability.

Learn More

IPC$ Share

The IPC$ share in Windows is a hidden, system-managed share managed by the Windows Server service (srvsvc) for remote administration and communication between networked computers via named pipes. It facilitates administrative tasks like listing available shares, enumerating users, and managing services through Remote Procedure Calls (RPC).

Fusion File Share Server provides an IPC$ share to enable share administration, which is enabled by default.

Learn More

LDAP

LDAP (Lightweight Directory Access Protocol) is an open standard protocol used to access and manage directory services over a network. It is typically used to centrally manage user accounts, groups, and other objects such as computers and printers.

While Microsoft Active Directory is also LDAP-based, there is typically a distinction between it and "other LDAP" implementations. Active Directory is primarily used in Windows environments, while other LDAP implementations, such as OpenLDAP, are more generic and commonly used in non-Windows environments for centralized user management.

When Fusion File Share Server is configured to use LDAP, it uses NTLM for authentication.

Learn More

Link-Local Multicast Name Resolution (LLMNR) is is a protocol or resolving hostnames to IP addresses on local networks and is particularly useful when no DNS server is available. It uses multicast to enable devices on the same subnet to discover each other, providing decentralized name resolution. LLMNR enhances network usability, particularly in home and small business networks. For more information, see RFC 4795.

While supported in current Windows versions, Microsoft has announced plans to deprecate LLMNR, which may impact future Windows clients' ability to discover Fusion File Share Server if no other name resolution method is available.

SMB servers using LLMNR typically listen on UDP port 5355.

Learn More

Message Signing

SMB message signing is a security feature that ensures the authenticity of messages exchanged between clients and servers. When a message is signed, the recipient can verify that it has not been altered in transit. The signature is a cryptographic hash generated from the session key (derived from the user's credentials at the time of connection) and the message content, ensuring any tampering is detected.

The hashing algorithm used for message signing depends on the SMB dialect:

  • SMB2: Uses HMAC-SHA256.
  • SMB3: Uses AES-CMAC or AES-GMAC for enhanced security.
Learn More

Microsoft Management Console (MMC)

Microsoft Management Console (MMC) provides a unified interface for managing Windows system components. MMC uses snap-in modules—specialized tools for specific administrative tasks—to allow administrators to monitor and control key aspects of the system, such as hardware, software, and network settings, from one place. These snap-ins streamline tasks like configuring system policies, managing users, monitoring performance, and overseeing network services, making MMC a core tool for both local and remote system management in Windows.

Some features of Fusion File Share Server can be configured using MMC through the Shared Folders snap-in. This allows administrators to manage shares, monitor open files, and oversee active sessions.

Learn More

Multichannel

SMB3 Multichannel enables SMB 3.x clients to establish multiple network connections to a server, enhancing performance and reliability.

Fusion File Share Server can support Multichannel when:

  • Using multiple NICs on the server: When the server has multiple NICs, the client can establish multiple connections to the server.

  • Using RSS-capable NICs:

    Receive Side Scaling (RSS) is a feature of modern NICs that distributes incoming packets across multiple CPU cores. This enhances performance by balancing the load across available cores, reducing bottlenecks. Windows clients can leverage RSS to boost throughput by opening multiple channels to Fusion File Share Server.

When these conditions are met, clients with multiple NICs or at least one RSS-capable NIC can establish multiple connections to the server.

Multichannel results in:

  • Increased throughput: By utilizing multiple connections, clients can simultaneously send and receive data across multiple paths.

  • Fault tolerance: In multi-NIC configurations, if one connection fails, the client can continue data transfer via the remaining connections, ensuring uninterrupted service.

  • Reduced tail latency: By distributing the load across multiple connections, tail latency–the delay caused by waiting for the slowest TCP packet in a sequence of transmissions–is significantly reduced.

Required SMB Dialect: SMB 3.0 or higher
Learn More

Named Streams

Named streams, also known as alternate data streams, allow files to contain multiple streams of data in addition to the default stream ($DATA). Both the default and alternate streams can be independently opened, written to, and read from.

Fusion File Share Server supports named streams by leveraging extended attributes provided by the underlying file system.

Required SMB Dialect: SMB 2.002 or higher
Learn More

NetBIOS Datagram Service (NBDS)

NetBIOS Datagram Service (NBDS) is a legacy transport protocol used for NetBIOS communication over UDP. It is typically needed only for supporting legacy clients (Windows XP, Windows Server 2003, and older). For more details, see RFC 1001 and RFC 1002.

NBDS requires the NetBIOS Name Service (NBNS) to be enabled.

SMB servers using NBDS typically listen on UDP port 138.

Required SMB Dialect: SMB 1

NetBIOS Name Service (NBNS)

NetBIOS Name Service (NBNS) is a legacy name resolution protocol that predates DNS in Windows networking. It resolves NetBIOS names to IP addresses and is required when using NetBIOS Session Service (NBSS) or NetBIOS Datagram Service (NBDS). For more details, see RFC 1001 and RFC 1002.

SMB servers using NBNS typically listen on UDP port 137.

Required SMB Dialect: SMB 1

NetBIOS Session Service (NBSS)

NetBIOS Session Service (NBSS) is a legacy transport protocol used for SMB communication. It is primarily required for legacy clients, such as Windows XP, Windows Server 2003, and older, or in rare cases where Direct TCP is unavailable. For more information, see RFC 1001 and RFC 1002.

SMB servers using NBSS typically listen on TCP port 139.

Required SMB Dialect: SMB 1

Opportunistic Locking

Opportunistic locks (oplocks) enable a client to cache file data locally, boosting performance by reducing the need for frequent network communication. When a client obtains an oplock, the client can perform certain operations on the file locally without immediately notifying the server, minimizing network requests.

If another client attempts to access the same file, the server revokes the oplock, prompting the original client to flush its cached data to the server to maintain data consistency.

Oplocks improve performance in single-client scenarios while ensuring data integrity in multi-client environments.

Learn More

POSIX ID Mapping

Since Fusion File Share Server is designed to behave as a Windows file server, it authenticates users against its file-backed user database or external sources such as Active Directory. However, because the shares are backed by a UNIX file system, the files and directories created by users are owned by UNIX users and groups.

POSIX ID mapping, when enabled, maps authenticated SMB users to corresponding UNIX users and groups (UIDs and GIDs). This ensures that files created on a share are owned by the UNIX user mapped to the SMB account.

note

In Fusion File Share Server, POSIX ID mapping is optional and can be left unconfigured unless specifically required for your use case.

If ID mapping is not enabled, files and directories created by users will be owned by the UNIX user and group under which the Fusion File Share Server server is running as (typically root). In these cases, file access authorization is managed through Windows ACLs.

Learn More

RDMA

RDMA (Remote Direct Memory Access) is a network protocol that enables direct data transfer between the memory of two systems without involving the CPU, reducing latency and increasing throughput. Both the server and clients must have RDMA-capable network adapters, and the network infrastructure must support RDMA for it to function.

When available, Fusion File Share Server fully utilizes RDMA capabilities through the SMB Direct protocol.

Required SMB Dialect: SMB 3.0 or higher
Learn More

Receive Side Scaling (RSS)

Receive Side Scaling (RSS) is a feature of modern NICs that distributes incoming packets across multiple CPU cores. This enhances performance by balancing the load across available cores, reducing bottlenecks. Windows clients can leverage RSS to boost throughput by opening multiple channels to Fusion File Share Server.

Learn More

Scale-Out

Scale-out is a strategy characterized by adding nodes to a system to handle increased load, rather than enhancing the existing nodes' capacity. This distributes workloads across multiple servers, allowing the system to handle more requests and efficiently serve more clients.

In the context of an SMB server, scale-out enables seamless expansion as demand increases, ensuring high performance and maintaining service reliability.

Learn More

Security Descriptors

Security descriptors provide more granular control over share access than standard permissions. Administrators can use SDDL (Security Descriptor Definition Language) strings to define detailed access rules, specifying who can access a share and what actions they can perform based on a wide range of criteria and attributes.

Learn More

Share

A share is a network resource accessible to clients via the SMB protocol. Typically, shares are directories containing files, but they can also include entire disk drives, printers, or other devices.

Learn More

Share Scoping

Share scoping allows you to restrict access to a share based on the server name (or alias) the client uses to connect. When enabled, the share is only accessible if the client connects using the specified server name or alias. This feature is particularly useful for compartmentalizing access based on the server's DNS records, similar to the concept of virtual hosts in HTTP servers.

If share scoping is configured but the server is not accessible using the specified name (e.g., no DNS record resolves the name to any of the server's IP addresses), the share will not be available to clients.

Learn More

Share Permissions

Share permissions are the primary method for controlling access to shares. Configured at the share level, they apply uniformly to all files and directories within the share. While share permissions provide a simple way to manage access, they lack the granularity of more advanced access control mechanisms.

Learn More

SMB

SMB (Server Message Block), previously also known as CIFS, is a network protocol that enables shared access to files, printers, and other resources (collectively called shares) on the network. Originating from the Microsoft ecosystem, SMB has become a cross-platform standard, used in Linux and macOS environments as well. Fusion File Share Server is an SMB server for Linux.

SMB1 (a.k.a. CIFS)

SMB1 is the earliest version of the SMB protocol. Originally developed by IBM in the 1980s, it was used primarily in Microsoft's and IBM's operating systems of the time. The 1980s and 1990s saw the introduction of several SMB1 dialects, extending its functionality and enabling support for more operating systems.

Windows NT shipped with an enhanced SMB1 dialect called CIFS (Common Internet File System)–identified as NT LM 0.12 in the protocol specification–which extended SMB1 with new capabilities such as large file support. CIFS became widely popular in the Windows ecosystem during the 1990s and 2000s. Due to this popularity, the terms SMB1 and CIFS are often used interchangeably.

important
  1. Fusion File Share Server only supports the CIFS dialect of SMB1.
  2. All mentions of SMB1 in this documentation refer to the CIFS dialect.

Microsoft officially deprecated SMB1 in 2014, and stopped shipping it with Windows in 2017. Consequently, enabling SMB1 is strongly discouraged.

Fusion File Share Server supports SMB1 primarily for compatibility with legacy clients.

Important considerations regarding SMB1:

  • SMB1 Requires NetBIOS: To support clients relying on SMB1, NetBIOS must be enabled.
  • SMB1 is Insecure: SMB1 is widely regarded as insecure and should be avoided whenever possible.
  • SMB1 is Obsolete: Modern operating systems, including recent versions of Windows, Linux, and macOS, do not enable SMB1 by default.

All modern Windows, Linux, and macOS versions that are currently supported by their respective vendors, include support for SMB2 or later. In environments consisting only of modern clients, SMB1 can be disabled.

SMB2

SMB2 was introduced by Microsoft in 2006 to address the limitations of SMB1. It provides substantial security and performance improvements.

Fusion File Share Server supports the following SMB2 dialects:

  • SMB 2.002: Introduced in Windows Vista and Windows Server 2008.
  • SMB 2.1: Introduced in Windows 7 and Windows Server 2008 R2.

SMB3

SMB3 is the latest version of the SMB protocol, introduced by Microsoft in 2012 and refined through subsequent updates. It offers significant security and performance enhancements over earlier versions, along with advanced features, including:

  • Encryption: Encrypts data in transit to protect, protecting against eavesdropping and man-in-the-middle attacks.
  • Multichannel: Supports multiple concurrent connections between the client and the server, increasing SMB session throughput.
  • Compression: Compresses data intransit to reduce the amount of data transferred, improving overall performance.
  • RDMA: Leverages Remote Direct Memory Access (RDMA) for high-speed data transfers using the SMB Direct protocol.
  • Scale-out: Distributes the SMB workloads across multiple nodes to improve performance, scalability, and fault tolerance, ensuring high availability.

Fusion File Share Server supports the following SMB3 dialects:

  • SMB 3.0: Introduced in Windows 8 and Windows Server 2012.
  • SMB 3.02: Introduced in Windows 8.1 and Windows Server 2012 R2.
  • SMB 3.1.1: Introduced in Windows 10 and Windows Server 2016.

SMB Direct

SMB Direct combines the SMB 3.0 protocol with RDMA technology to deliver high-performance, low-latency data transfers with minimal CPU overhead. It is ideal for demanding applications and environments requiring fast, large-scale data transfers, including virtualization, high-performance computing, and database management.

By leveraging zero-copy networking, which enables data to move directly between memory and network without CPU intervention, SMB Direct enhances both performance and reliability for modern enterprise storage solutions.

Required SMB Dialect: SMB 3.0 or higher
Learn More

Veto Files

The veto files feature allows administrators to hide files from clients and restrict access to them. It controls both visibility and access, ensuring that even if a user knows the name of a restricted file, they cannot access it unless it matches the allowed pattern set.

Files that are permitted through the veto rules remain subject to the share's permissions and the ACLs applied to the files.

Learn More

Volume Shadow Copy Service (VSS)

Volume Shadow Copy Service (VSS) is a framework that enables manual or automatic snapshots of files or volumes, even while in use. This feature allows for point-in-time recovery (PITR), letting users browse the contents of a share as they were at a specific point in time.

Fusion File Share Server's support for VSS depends on the underlying file system's VSS capabilities (private VSS implementation), or by mounting snapshots in a directory accessible to Fusion File Share Server (default VSS implementation).

You can configure the default VSS behavior globally for all shares or override it on a per-share basis.

Required SMB Dialect: SMB 3.0 or higher
Learn More

Windows Privileges

Windows privileges control permissions for system-related operations. They are distinct from share permissions or ACLs, which control access to objects such as files and directories.

In Windows, privileges are stored in the Security Account Manager (SAM) database or in Active Directory. In Fusion File Share Server, they are stored in a file called the privilege database.

Learn More

Web Services Dynamic Discovery (WS-Discovery)

Web Services Dynamic Discovery (WS-Discovery) is a protocol that enables SMB services to be discovered on local networks. It enables devices to automatically find and connect to available SMB shares and other network resources without manual configuration. Using UDP multicast, WS-Discovery allows SMB servers to announce their presence, enabling clients to discover these servers dynamically.

This simplifies network setup and management, particularly in environments with many devices or frequent changes, ensuring seamless access to shared files and resources. For more information, see OASIS Standard | WS-Discovery 1.1.

SMB servers using WS-Discovery typically listen on UDP port 3702.

Learn More

Zero-Copy

Zero-copy is a technique that enhances data transfer performance by minimizing the number of memory copies and system calls. Fusion File Share Server leverages zero-copy in the following ways:

  • Client's write operations: when write operations reach the operating system's network socket buffers, Fusion File Share Server attempts to use zero-copy to transfer the data directly to the file system page cache, minimizing intermediate copies.
  • Client's read operations: during read operations, when the data is retrieved from the disk into the file system page cache, Fusion File Share Server uses zero-copy to send the data directly from the cache to the network socket buffer.
Learn More