NAS: Tips That Home Users Should Pay Attention To When Buying And Using NAS
Network Attached Storage (NAS) Allows Access To Files Hosted On A Storage Device Using Computers Or Mobile Devices.
This access can be local or through the Internet. In general, NAS presents storage media such as hard disks, solid-state memories, or a combination of both media in an aggregated form and based on a single configuration to the local network so that it feels like you are using a large local hard disk.
What is NAS?
NAS can be considered similar to a cloud storage solution like Google Drive or Dropbox, except you have complete control over it. NAS provides unified storage space for networked devices and allows multiple devices and users to access it simultaneously.
In this case, if there is a problem with the computer or computers on the network or if the files are damaged, the clients on the web will have access to the files without issues because the files are stored on the NAS, and any changes to the files are made in this single location.
Of course, NAS capabilities are not limited to the local network; if configured correctly, it can connect to a NAS via the Internet. To be more precise, network storage allows you to implement a personal cloud storage server.
Why do we need NAS?
You might want to have a NAS at home or work for several reasons. Among these reasons, the following should be mentioned:
- Are you a professional photographer who regularly takes high-quality photos that require high-capacity storage space for archiving, editing, and quick access?
- As a network expert, you must make backup copies of data so that everything can be restored quickly in case of natural disasters or hacker attacks.
- Your field of work is compiling and editing video files; whenever you make changes to the file, the previous version should be kept. In such a situation, you need sufficient and integrated storage space to share information so company employees can access it simultaneously.
In all these cases, NAS eliminates the dependence on a personal computer for data storage. It also provides automatic backup and wireless transfer options to simplify the process. The model you intend to buy depends on your usage and budget.
For example, a small business may need a small NAS with basic features. Larger organizations connect their servers to networked storage to provide unified storage space for all servers.
If you are an average home user who has just entered the network world and intends to buy and use a NAS, you do not need to think about buying expensive models because there are various options in the market to meet the needs of home users.
What points should we pay attention to when buying?
In the product description, you should consider the term Disk-Included vs. Diskless. Seagate and Western Digital are the two largest storage drive manufacturers worldwide, and they sell NAS with pre-installed disks. Since you’re buying an all-in-one product with the basics already installed and configured, you likely won’t need to do anything special when connecting the NAS to the network.
To get the NAS up and running, you’ll only need to make minor adjustments. To be more precise, plug the device into a power outlet, plug in the network cable, and follow the on-screen instructions. Typically, these devices are provided to users with an app that can be installed on mobile phones.
The downside of some NASs with a disk is that they may be limited to the manufacturer’s hardware and software ecosystems.
For example, some Western Digital My Cloud models require an active Internet connection for the initial NAS setup.
It may be challenging if you are looking for a completely offline device. In addition, some models, albeit few in the market, come with non-replaceable drives pre-installed. So if the drives get damaged, replacing them is impossible; to be more precise, you have to buy a disposable device.
Some users prefer to buy the NAS and its disks separately. To be more precise, they are looking for a diskless NAS. In this case, you will have to configure some settings to use the NAS, but in return, you will achieve the highest level of flexibility in terms of hardware and software.
Diskless NAS solutions come in various models. Some can only support two disks, while others can support many different disks. The advantage of this storage model is that you can add the required drives based on your work needs.
Synology is the most well-known manufacturer of diskless NAS.
Other diskless storage brands include QNAP, Asus, Western Digital, Netgear, etc. While diskless NAS models are more expensive than pre-configured ones, they give you more features. For example, when NAS disks fail and must be repaired, you won’t have a problem with this.
Most diskless NNASs come with an entire operating system and applications. For example, applications installed on the NAS can be used on Synology devices. These programs provide services related to e-mail servers, video surveillance systems, video streaming servers, etc. Usually, managing and monitoring diskless devices is done through a web browser, which is not that difficult.
For example, Synology-branded NAS devices come with the company’s DiskStation Manager operating system. This brand provides a simulated version of its operating system in a test form for users who want more detailed information about Synology’s performance before purchasing its products.
The most straightforward NAS implementation: use your router’s USB port
You can implement a home NAS most easily if you have purchased external hard drives. Most high-end routers have a USB port. You can easily set up a high-speed home NAS if your router has such a feature. Once you have connected the hard disk to the router, you should go to the router settings and enable the file server feature.
Popular brands such as TP-Link, D-Link, and similar examples have the above feature with the same name. For instance, in Netgear routers, this feature is called ReadySHARE. Since most routers only have one USB port, you can only connect one hard drive. However, routers do not have enough memory or a powerful processor like NAS, so they do not offer additional features such as data backup.
Use a Raspberry Pi board to build a NAS.
Another low-cost option is to use a Raspberry Pi board as a NAS. Since Raspberry Pi is a low-cost and low-power computer that can run a Linux operating system, it is used for special applications, including NAS. Of course, Raspberry Pi-based NAS has its drawbacks, including limited access to USB ports and a lack of support for high-power Ethernet networks.
However, it’ll do the trick if you’re looking to hook up a drive or two and don’t need very high transfer speeds. Since Raspberry Pi is an entire computer, it can host various services. It doesn’t matter whether you use a router or a Raspberry Pi; both options are basic NAS capabilities provided to you. Also, they provide complete services as long as you use them for everyday tasks.
Security tips that you should pay attention to when using NAS
As you might have guessed, NAS is one of the most critical network hardware because it hosts essential data. For this reason, you must observe safety precautions when using it.
If you ignore potential and straightforward security, network storage can be easily hacked or infected with malware, just like the SynoLocker ransomware that victimized Synology network storage a few years ago. Fortunately, there are simple solutions to protect NAS from hacker attacks; we will mention six below.
Don’t forget to update the NAS firmware.
Perhaps the easiest way to secure your NAS is to keep the firmware that acts as the NAS‘s operating system up to date. Companies like Synology provide users with the efficient DiskStation Manager tool, which provides a report on the device’s firmware status and available updates (Figure 1).
figure 1
Updates provide users with new and exciting features and fix security problems and vulnerabilities in devices. Consider, for example, the SynoLocker ransomware that exploited a vulnerability in DiskStation Manager to infect users’ devices.
Newer versions don’t have this problem, but if you haven’t updated your device’s software in years, chances are you’re in the crosshairs of hackers. Hackers constantly test critical software for vulnerabilities, so you must always get the latest updates.
Deactivate the default admin account.
Network storage devices are marketed with a default administrative account, which is usually admin (Figure 2). The problem is that you cannot change the username of this default account.
Therefore, we recommend deactivating the default administrator account and creating a new user account. In this case, hackers need the username and password to break into the device, whereas if the default account is enabled, they would only focus on cracking the password.
Unfortunately, some home users never change the default user account on their NAS and routers and use the admin username and password by default. Creating an administrative user account with a unique username and using a strong password reduces the possibility of cracking both parameters.
figure 2
Enable two-step authentication
We recommend doing so if you haven’t already used a two-factor authentication mechanism for your online accounts (Figure 3).
Figure 3
Most NASs support two-factor authentication. This powerful mechanism requires a username and password to log in to a device and a PIN code sent to another device, such as a phone, to confirm the login. The above approach prevents hackers from accessing your account.
Use HTTPS
When you access your NAS remotely, you most likely connect to the device via the HTTP protocol, which is not a secure solution and can implement an open connection. To fix this problem, you can configure the NAS always to use an HTTPS connection (Figure 4).
Figure 4
However, you must first install an SSL certificate on your NAS. To get started, you’ll need a domain name to associate an SSL certificate with, and then, you will have to bind the IP address of your NAS to the domain name. To benefit from an SSL certificate, you need to purchase it, the annual cost of which is not high. Of course, some NAS support Let’s Encrypt free SSL certificates.
Configure the firewall
Firewalls are the best defense against hacking attacks because they block connections automatically. Based on predefined policies defined by the user, firewalls can keep only specific contacts open and block other connections (Figure 5).
Figure 5 Some devices do not have firewalls enabled by default. For this reason, they allow data packets to enter or leave the network without inspection.
Therefore, check your firewall settings on the NAS and define policies that suit your needs. For example, you can specify a specific approach to block all IP addresses belonging to certain countries or explain a procedure to allow particular ports corresponding to IP addresses in Iran to access the NAS.
If possible, do not connect the NAS to the Internet
If you follow the security recommendations we mentioned, the security of the NAS will increase significantly, but you are still not completely secure. The best thing you can do is completely disconnect the NAS from the outside world.
Some users and organizations may not be able to do this, especially if they host multiple services or run virtual machines on NAS. A typical example is setting up a NAS as a cloud storage service.
If the NAS will communicate with the world outside the local network, you must be fully aware of the security risks. For example, you should know how to block unused ports, check the methods that hackers use to attack the NAS and investigate this whenever you see a suspicious sign of unusual use.
In general, if you want to keep your NAS secure, you should only use it on your local network.