【NetEyez Use Case #2】NAS Access Failure
〈Incident Description〉
At Company B, there was an access disruption to the on-premises NAS (Network Attached Storage) system located in the main office. This issue arose during the gradual migration of internal systems from the main office to the cloud infrastructure. Additionally, there was a problem that scanned data from scanner printers located in the main office could not be saved to the file server.
〈Company B’s Network Environment〉
At Company B, migration of the entire set of servers used for business purposes, including Active Directory (AD) servers and file servers, to the Azure cloud platform operated by Microsoft was underway.
The NAS (Network Attached Storage) system for the department within the headquarters, where issues occurred, was subject to user authentication and access control through single sign-on under the company’s network AD domain. Additionally, files scanned by the multifunction printers were configured to be stored on the migrated file server in the cloud platform.
〈Cause Investigation〉
To investigate the cause, a mirror port was set up on the core switch in the main office, and communication between the Azure cloud platform and the main office network was output to the network monitoring tool NetEyez for analysis (see Figure 1).
This revealed that the NAS generating the disruption and the multifunction printers were using SMB1.0 for communication (see Figure 2).
On Windows servers within the Microsoft Azure platform, SMB1.0 is not supported due to Azure’s security policies. Consequently, user authentication from the NAS using SMB1.0 to the AD server was failing. Similarly, due to SMB version mismatch, the multifunction printers were unable to write files to the file server in the Azure infrastructure.
〈Solution〉
The Lack of Support for the SMB1.0 Protocol
For the NAS, it was confirmed that the older model did not support SMB2.0. Consequently, a decision was made to replace it with a new NAS.
Regarding the multifunction printers, upgrading the firmware enabled compatibility with SMB2.0, allowing the successful saving of scan data to the file server in the Azure cloud platform.
↓
Monitoring the SMB Protocol Versions
The current issue was caused by the migration of AD servers and file servers to the Azure platform, resulting in the lack of support for the SMB1.0 protocol. SMB is a protocol that has been long used in corporate networks and is implemented not only on PCs and servers but also on various network devices.
Although Company B addressed the issue after it occurred, proactive measures using monitoring tools like NetEyez to identify the SMB protocol versions used by each device beforehand could have facilitated a smoother transition for network configuration changes or cloud migration.
NetEyez Use Case List
Click here for details about NeEyez.