Thursday, November 4, 2021

SMB over QUIC is GA and we have lots of news!

Heya folks, Ned here again. As you might have heard now in all the MS Ignite hullabaloo, Windows Server 2022 Datacenter: Azure Edition is now generally available and that means that SMB over QUIC is now generally available too! I have a ton of news to share, let's crack on.

 

SMB over QUIC offers an "SMB VPN" for telecommuters, mobile device users, and branch offices, providing secure, reliable connectivity to edge file servers over untrusted networks like the Internet. QUIC is an IETF-standardized protocol used in HTTP/3, designed for maximum data protection with TLS 1.3 and requires encryption that no one can disable. SMB behaves normally within the QUIC tunnel, meaning the user experience doesn't change. SMB features like multichannel, signing, compression, continuous availability, and directory leasing work normally. 

 

If you deploy a new IaaS VM and use Automanage and WS2022 Azure Edition, SMB over QUIC is ready for production use with Windows 11. Your users can get back to work on their... important... docs.

 

Untitled Project (Time 0_02_56;06).png

 

But wait, there's more! In addition to Windows 11, our partners at Visuality Systems have been working on an SMB over QUIC client for Android devices. You can find more info on Visuality's site and in this pair of demos we made together for MS Ignite (here set to skip forward to our section):

 

 

But wait there's even more! My teammates at Automanage machine best practices for Windows Server have been busy creating a preview SMB over QUIC management policy. QUIC uses certificates to provide its encryption and everyone in IT knows expiration tracking is tricky. This best practice rule makes sure certs are passing validity checks and don't expire without warning, and that SMB over QUIC stays enabled like you wanted it. This is just the initial pass, more best practices are coming here. 

 

smboverquic-bestpractices-2a.png

 

But wait, there's even more! The new Windows Admin Center version 2110 just released and we've been busy updating the Files & File Sharing extension for more SMB over QUIC usefulness, including the ability to configure KDC proxy server settings right in WAC automatically instead of following Ned's horrid long setup guide (which I will update soon).

 

Untitled Project (Time 0_01_59;21).png

 

It's pretty slick. You still have to deploy your KDC proxy settings onto clients using group policy or whatever but this takes a lot of the tiresome out of deploying delicious Kerberos.

 

Untitled Project (Time 0_02_19;22).png

 

But wait there's --- no, that's it, there's no more. If you're interested in more Windows Server 2022 and Windows 11 file services tech besides SMB over QUIC, check out Windows Server 2022 is full of new file services! It's written by some guy who likes exclamation points. 

 

Until next time,

 

Ned Pyle

Posted at https://sl.advdat.com/302Y1E5