SMB signing also has a large impact on windows servers, I have heard at least one story from the trenches about clients enabling smb signing with windows patches and the poor bewildered windows server operator wondering why his servers are suddenly so overloaded. So, I would imagine adding encryption would have a significant overhead. You might feel lucky that you know the cause and how to prevent it. I would say it all depends on what the other 70% of your cpu is doing. Also, assuming traffic does not increase alot with a faster filer, the percentage would most likely decrease.
To be clear, SMB signing is exactly what it says -- a signature, not encryption.
The SMB MAC is essentially an MD5 of { key | SMB packet }. If you think something is odd with NetApp's implementation and you have access to similar hardware it wouldn't be difficult to construct a test case.
-- Luke
--