It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-6)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Site Security Scanner

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda SecureEdge

Overview Documentation Training Certification Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Managed Security Awareness Training (Managed Phishline)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Intronis Backup (ECHOplatform)

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Site Security Scanner

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-6)

How to Access a Windows File Share Using SecureEdge Access

Last updated on 2025-06-30 23:00:36

This article covers the configuration of DFS file sharing using Kerberos authentication. To enable a Windows Share using the SMB/CIFS protocol, you must allow traffic to the server that hosts the share, as well as to its domain controller(s) for authentication purposes.

Requirements

You must have SecureEdge Access Agent version 2.0.2 or higher.

To enable a Windows file share for use with SecureEdge, follow these steps:

Add a Custom Network Application that opens port 445 on your file server.
After this configuration is complete, run a DNS SRV query on the Kerberos service associated with the domain of the file server. This will allow you to identify which domain controllers are responsible for managing the authentication.
These servers will not undergo automatic backhauling. Therefore, you will need your second Custom Network Application to manage these IPs, which open ports 88 (Kerberos), 389 (LDAP), and, if the user's domain controllers prefer LDAPs, port 636 as well.
Add the Zero Trust Access policies for your Custom Network Application and define the ZTNA condition. This includes specifying the users and groups permitted access, as well as assessing your device posture to ensure compliance with security standards.