...
| Adv | Dis | Speed | |
|---|---|---|---|
| NFS V3 | Speed Simplicity | MiTM attack. Compromised Credential Attack | 10Gbps+ |
| Kerberos | Relatively Secure Stops MiTM Attack Can reduce Compromised Credential attack Configure on a per share basis so some shares can be "raw" Standard | Requires NFSv4 Kerberos credentials expire Complicated keytabs can be stolen | 50%(untested) 100% if unsecured |
| IPSEC | Stops MiTM attack Can be used for other ports (but not required) Standard | Does not stop Compromised Credential Attack | 25% |
| STUNNEL | Faster(currently) then ipsec (as tested) Can be used to secure a single machine (or set ) against MiTM attack | Hard to use to stop MiTM attack with multiple trust boundriesboundaries Does not stop Compromised Credential Attack | 50% |