Hi Ned,
Does conditional access figure into this in any way? For example, I would prefer that a work-from-home employee only be able to connect to the file server on his work laptop, and one that is also "compliant". In that scenario there would need to be more than just a username and password required to connect (otherwise the user could potentially connect from his personal laptop, etc.). I would guess this sort of scenario could work by requiring Microsoft Intune enrollment of the client device for device compliance checks (as is already possible) and leveraging Azure conditional access. There would need to be some communication between Intune / Azure and the on-premises Windows server, letting the server know the device the user is connecting from is compliant before allowing the user to connect to SMB. With Azure conditional access, of course, many other things could be "checked" in addition to device compliance, such as the location the client is trying to connect from. For example, we may want to limit connections to only those inside the United States and Canada.