CIFS vs SMB: What's the Difference?

CIFS, SMB, Samba, and NFS are technolgies used to network client and server systems. Learn the difference between them and which to use when.
Rob Sobers
3 min read
Last updated April 6, 2023

I’ve received quite a few questions from both new and experienced sysadmins about networked filesystems and file sharing protocols. One question that comes up frequently is “What is the difference between CIFS and SMB ?”

There are many idiosyncrasies, and the terminology can be confusing, so I’m going to boil down the essentials in an easy-to-follow blog post.

Here we go.

Get a Free Data Risk Assessment

SMB

So what is SMB? SMB stands for “Server Message Block.” It’s a file sharing protocol that was invented by IBM and has been around since the mid-eighties. Since it’s a protocol (an agreed upon way of communicating between systems) and not a particular software application, if you’re troubleshooting, you’re looking for the application that is said to implement the SMB protocol.

The SMB protocol was designed to allow computers to read and write files to a remote host over a local area network (LAN). The directories on the remote hosts made available via SMB are called “shares.”

CIFS

CIFS stands for “Common Internet File System.” CIFS is a dialect of SMB. That is, CIFS is a particular implementation of the Server Message Block protocol, created by Microsoft.

CIFS vs SMB

Most people, when they use either SMB or CIFS, are talking about the same exact thing. The two are interchangeable not only in a discussion but also in application – i.e., a client speaking CIFS can talk to a server speaking SMB and vice versa. Why? Because CIFS is a form of SMB.

While they are the same top level protocol, there are still differences in implementation and performance tuning (hence the different names). Protocol implementations like CIFS vs SMB often handle things like file locking, performance over LAN/WAN, and mass modification of file differently.

CIFS vs SMB: Which One Should I Use?

In this day and age, you should always use the acronym SMB.
I know what you’re thinking – “but if they’re essentially the same thing, why should I always use SMB?”

Two reasons:

1.) The CIFS implementation of SMB is rarely used these days. Under the covers, most modern storage systems no longer use CIFS, they use SMB 2 or SMB 3. In the Windows world, SMB 2 has been the standard as of Windows Vista (2006) and SMB 3 is part of Windows 8 and Windows Server 2012.

2.) CIFS has a negative connotation amongst pedants. SMB 2 and SMB 3 are massive upgrades over the CIFS dialect, and storage architects who are near and dear to file sharing protocols don’t appreciate the misnomer. It’s kind of like calling an executive assistant a secretary.

Samba and NFS: Bonus Material

CIFS and SMB are far from the entirety of file sharing protocols and if you’re working to make legacy systems interoperate, it is quite likely that you’re also going to run into situations where others are necessary. Two other prominent file sharing protocols you should know about are Samba and NFS.

SAMBA

What is Samba? Samba is a collection of different applications with when used together let a Linux server perform network actions like file serving, authentication/authorization, name resolution and print services.

Like CIFS, Samba implements the SMB protocol which is what allows Windows clients to transparently access Linux directories, printers and files on a Samba server (just as if they were talking to a Windows server).

Crucially, Samba allows for a Linux server to act as a Domain Controller. By doing so, user credentials on the Windows domain can be used instead of needing to be recreated and then manually kept in sync on the Linux server.

NFS

The acronym NFS means “Network File System.” The NFS protocol was developed by Sun Microsystems and serves essentially the same purpose as SMB (i.e., to access files systems over a network as if they were local), but is entirely incompatible with CIFS/SMB. This means that NFS clients can’t speak directly to SMB servers.

So what does NFS mean in terms of your network communications toolkit? You should use NFS for dedicated Linux Client to Linux Server connections. For mixed Windows / Linux environments use Samba.

Practical Next Steps

If you’re reading this, you’re quite likely sorting out all sorts of issues with the storage, security, and availability of the data on your network. Whether it’s controlling access across different data stores or just cleaning up existing systems, these are precisely the kinds of problems that the Varonis Data Security Platform was meant to resolve.

Get a 1:1 demo of how Varonis can tie together the different pieces of your network into a secure whole.

Other CIFS and SMB Resources

 

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

arp-poisoning:-what-it-is-&-how-to-prevent-arp-spoofing-attacks
ARP Poisoning: What it is & How to Prevent ARP Spoofing Attacks
ARP Poisoning is a type of cyberattack that abuses weaknesses in the widely used Address Resolution Protocol (ARP) to disrupt, redirect, or spy on network traffic. In this piece, we’ll…
ssl-and-tls-1.0-no-longer-acceptable-for-pci-compliance
SSL and TLS 1.0 No Longer Acceptable for PCI Compliance
The PCI Council released version 3.1 of their Data Security Standard (DSS), stating that SSL and TLS 1.0 can no longer be used after June 30, 2016.
how-to-detect-dropbox-on-your-network
How to Detect Dropbox on Your Network
The University of Liverpool recently found over 3,000 individual instances of Dropbox running on their network. These unmanaged file sharing points throughout their network were causing an ever growing list...
what-is-an-smb-port-+-ports-445-and-139-explained
What is an SMB Port + Ports 445 and 139 Explained
An SMB port is a network port commonly used for file sharing. IBM programmer Barry Feigenbaum developed the Server Message Blocks (SMB) protocol in the 1980s for IBM DOS. SMB continues to be the de facto standard network file sharing protocol in use today.