This website uses cookies to make your use of the site more convenient. For continuing to browse the site, please accept the use of cookies. For details, please read our Privacy Policy.
Packet Capture Solution
Network Monitoring Solution
JPN

NEWS&EVENT

【NetEyez Use Case #2】NAS Access Failure

〈Incident Description〉

At Company B, there was an access disruption to the on-premises NAS (Network Attached Storage) system located in the main office. This issue arose during the gradual migration of internal systems from the main office to the cloud infrastructure. Additionally, there was a problem that scanned data from scanner printers located in the main office could not be saved to the file server.

〈Company B’s Network Environment〉

At Company B, migration of the entire set of servers used for business purposes, including Active Directory (AD) servers and file servers, to the Azure cloud platform operated by Microsoft was underway.
The NAS (Network Attached Storage) system for the department within the headquarters, where issues occurred, was subject to user authentication and access control through single sign-on under the company’s network AD domain. Additionally, files scanned by the multifunction printers were configured to be stored on the migrated file server in the cloud platform.

NetEyez│Use Case#2 NAS Access Failure|Network Monitoring Solution|TOYO Corporation【Offical Site】
NetEyez deployment diagram for existing environment (Figure 1)

〈Cause Investigation〉

To investigate the cause, a mirror port was set up on the core switch in the main office, and communication between the Azure cloud platform and the main office network was output to the network monitoring tool NetEyez for analysis (see Figure 1).

This revealed that the NAS generating the disruption and the multifunction printers were using SMB1.0 for communication (see Figure 2).

NetEyez│Use Case#2 NAS Access Failure|Network Monitoring Solution|TOYO Corporation【Offical Site】
Hosts using SMBv1 (Figure 2)
NetEyez│Use Case#2 NAS Access Failure|Network Monitoring Solution|TOYO Corporation【Offical Site】
Application Distribution Screen (Figure 3)

On Windows servers within the Microsoft Azure platform, SMB1.0 is not supported due to Azure’s security policies. Consequently, user authentication from the NAS using SMB1.0 to the AD server was failing. Similarly, due to SMB version mismatch, the multifunction printers were unable to write files to the file server in the Azure infrastructure.

〈Solution〉

The Lack of Support for the SMB1.0 Protocol

For the NAS, it was confirmed that the older model did not support SMB2.0. Consequently, a decision was made to replace it with a new NAS.
Regarding the multifunction printers, upgrading the firmware enabled compatibility with SMB2.0, allowing the successful saving of scan data to the file server in the Azure cloud platform.

Monitoring the SMB Protocol Versions

The current issue was caused by the migration of AD servers and file servers to the Azure platform, resulting in the lack of support for the SMB1.0 protocol. SMB is a protocol that has been long used in corporate networks and is implemented not only on PCs and servers but also on various network devices.
Although Company B addressed the issue after it occurred, proactive measures using monitoring tools like NetEyez to identify the SMB protocol versions used by each device beforehand could have facilitated a smoother transition for network configuration changes or cloud migration.

Click here for details about NeEyez.