SMB1 only
Wow SMB1 ripped out.
Lets rip out NetBIOS over TCP/IP and run SMB over so called directly hosted port 445 (goodbye WINS)
But better still disable, NTLMv1 and NTLMv2 and just do Kerberos only. NTLM is arguably a much bigger problem than SMB1.
Then we can start talking about how you are addressing security issues!
Does it take a widely exploited flaw before MS disables some of this old crap. Flaws in NTLMv1 and v2 have been widely discussed in hacker conferences for years.