Technical Requirements for Shared File Services
Technical requirements, including confidential data considerations and accessibility
This article applies to: Shared File Services
- Cornell NetID and password are required to access SMB/CIFS. For more information about NetIDs, see the NetID Management page.
- For the best user experience, it is recommended that computers are joined to the Cornell Active Directory.
- Can be accessed from Windows or Mac.
- Access to port 445 (TCP & UDP).
- Allowed to store confidential data including HIPAA data. (See Security section below.)
- Managed UID/GID space is required for NFS (v3).
- NFS (v3) “exports” are configured to comply with your managed systems.
- Can be accessed from Unix servers or desktops.
- Allowed to store confidential data. (See Security section below.)
Accessibility
- Available only to Ithaca Campus networks (VPN connection required) or from off-campus locations via CU VPN. See networks listed under:
- Cornell Campus Private Networks
- Cornell Campus Public Networks (Ex. Computer labs)
- Shared file services may be used to store high-risk/confidential data as defined by Policy 5.10 Information Security with certain limitations:
- CIFS shares from SFS may be configured to store high-risk/confidential data. Note: High-risk/confidential data is only allowed on specially configured shares.
- NFSv3 shares/exports that are “Campus-facing” are not allowed to store high-risk/confidential data because there is no encryption on the session-authentication or the data flow. Note: NFSv3 shares/exports that are only accessible by servers in the Extra Tier of the CIT managed Server Service may receive Cornell IT Security Office approval for storage of high-risk/confidential data.
- PCI data storage is not allowed on Shared File Services.
- Shared file services may be used to store HIPAA data as defined by the HIPAA Administrative Simplification Regulation Text. See HIPAA data for additional information.
What to use a share for? See Appropriate Uses for Shares.
Comments?
To share feedback about this page or request support, log in with your NetID