Require Encryption

Information

This policy controls whether the SMB client will require encryption.

If you enable this policy setting the SMB client will require the SMB server to support encryption and encrypt the data.

If you disable or do not configure this policy setting the SMB client will not require encryption. However SMB encryption may still be required; see notes below.

Note: This policy is combined with per-share per-server and per mapped drive connection properties through which SMB encryption may be required. The SMB server must support and enable SMB encryption. For example should this policy be disabled (or not configured) the SMB client may still perform encryption if an SMB server share has required encryption.

Important: SMB encryption requires SMB 3.0 or later

Solution

Policy Path: Network\Lanman Workstation
Policy Setting Name: Require Encryption

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/windows-11-version-24h2-security-baseline/ba-p/4252801