Read more.Quote:
Incremental upgrades to an already solid foundation.
Printable View
Read more.Quote:
Incremental upgrades to an already solid foundation.
What's the security like on these? I keep hearing horror stories about NAS attacks.
When you register your device on QNAP's myQNAPcloud service the number of Admin Login attacks are Non-Stop mainly from Russia - I had to turn mine off it got so bad.
I'm on my second Qnap never had an issue
I've had a few QNAP boxes (currently, a TS-453D) and have never experienced any problems but, after their recent fumbles, I might stop and think before buying another.
All major NAS brands have had their issues though QNAP were most recently hit, with QLocker ransomware. What's not entirely clear is how it got in, though current belief is via two bits of buit-in software.
What is security like? Umm, how long is a bit of string? Who administers a NAS? Have they kept firmware uo to date? Have they kept app's up to date? How do they have the security settings set, what is turned on and what is turned off? And so on.
There are a LOT of settings in these that can be and should be disabled, .... unless you are going to use those facilities. Some, but not all, are, right out of the box.
For instance, do you need to be able to administer the NAS from a non-local location? No? Turn the ability to do so off. Do you need UPnP-type services running? No? Turn it off so apps on your systems can't just request port so-and-so be opened, and have it happen.
And so on.
There are plenty of online guides are to locking the NAS down, and plenty of tutorial videos. There is also some online help built in to the NAs itself BUT .... the responsibility for doing some legwork rests with the owner.
So, if you're going to put all your data in one place, for gawd's sake put in a decent tiered backup system. These boxes come with a variety of tools designed to let you do just that, but you still have to think about your data and how important different types are, and what is necessary to protect those different types.
Overall security? Secure login set up? Not by default,so get or create self-certificates and enable it. Folder-level encryption turned on? Not by default, but it's there to use. Access locked down to MAC addresses defined by you? Not by default but you can. Two-factor authentication (key files, codes, Yubikey, etc) enabled? Not by default but the provision is there. Have you disabled the HTTP server? No? Do so unless you need it. FTP server? Make sure it's turned off unless you need it.
The tools are all there ... if you understand them, and use them. If you buy one, plonk all your dataon it, don't lock it down and don't keep it up to date? Well, the risk factor goes rght up. All IMHO, of course.
Is anything entirely safe? Not if it has an internet connection at all. Can the risk be pretty small? Yes, if you look after security settings, on an on-going basis (not set and forget), AND do regular and carefully considered backups, yes.
As a TS-251D user, re using HDMI 2.0 for direct 4K60 output. This is no longer possible with Plex/Qnap-QTS (unsupported by QTS for at least 18 months). Qnap stance is that Plex for HD-Station is outdated and abandoned... you use the NAS as a server not a player.