CIFS

• Cornell NetID and password are required to access SMB/CIFS. For more information about NetIDs, see the NetID Management page.
  • For the best user experience, it is recommended that computers are joined to the Cornell Active Directory.
  • Can be accessed from Windows or Mac.
  • Access to port 445 (TCP & UDP).
  • Allowed to store confidential data including HIPAA data. (See Security section below.)

NFS

• Managed UID/GID space is required for NFS (v3).
  • NFS (v3) “exports” are configured to comply with your managed systems.
  • Can be accessed from Unix servers or desktops.
  • Allowed to store confidential data. (See Security section below.)

Accessibility

• Available only to Ithaca Campus networks (VPN connection required) or from off-campus locations via CU VPN. See networks listed under:
  • Cornell Campus Private Networks
  • Cornell Campus Public Networks (Ex. Computer labs)

Security

• Shared file services may be used to store high-risk/confidential data as defined by Policy 5.10 Information Security with certain limitations:
  • CIFS shares from SFS may be configured to store high-risk/confidential data.  Note: High-risk/confidential data is only allowed on specially configured shares.
  • NFSv3 shares/exports that are “Campus-facing” are not allowed to store high-risk/confidential data because there is no encryption on the session-authentication or the data flow. Note: NFSv3 shares/exports that are only accessible by servers in the Extra Tier of the CIT managed Server Service may receive Cornell IT Security Office approval for storage of high-risk/confidential data.
  • PCI data storage is not allowed on Shared File Services.
• Shared file services may be used to store HIPAA data as defined by the HIPAA Administrative Simplification Regulation Text. See HIPAA data for additional information.

What to use a share for? See Appropriate Uses for Shares.