• SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Recent content by jmichael

  1. J

    Firewall for NAS

    It does seem like something like the EdgeRouter Lite (reviewed on SmallNetBuilder) might do the job, and only costs about $90. if I understand correctly, it's a high-throughput router with a basic (not UTM)) firewall. Any thoughts would be sincerely appreciated. I'm a bit afraid of the...
  2. J

    Firewall for NAS

    Thanks very much for your response. No, not that we control. From our point of view it is a direct connection. It's a big enterprise, and wouldn't be feasible to work at the gateway. Yes, though I couldn't find a firewall that would do only that. If the wisdom is that UTM is needed in...
  3. J

    Firewall for NAS

    It is connected via 10Gb ethernet with a routable IP. Nothing on our network is assigned private IPs. I know the above goes against everything you (and others) so kindly taught me previously. So, I'm now using the QNAP iptables interface to limit access to the IPs in our netblock and...
  4. J

    Firewall for NAS

    Thanks v. much sinshiva. Since I don't quite know what I'm doing, I appreciate the confirmation that at least this would be a reasonable option. I did hope that there was some sort of very simple, inexpensive firewall with high-throughput, but I guess (usually) you get what you pay for...
  5. J

    Firewall for NAS

    Hello, I'm using a QNAP 870 Pro. I need to allow non-local FTPS access to the device. The firewall interface provided in the NAS won't do this: the QNAP interface only seems to offer all-or-none per-IP range. So, to allow an IP range FTPS, I have to allow SSH and the web interface too...
  6. J

    Mistaken Purchase: How to Mitigate?

    Thanks Tim. I can also report back as I went ahead and opened the T870 Pro. I have loads of data comparing the QNAP 870 Pro to the Synology 1513+ and some Ubuntu servers (all using the same cables, host, files and even ssl certificate to reduce the number of variables). A bit anecdotal I...
  7. J

    Mistaken Purchase: How to Mitigate?

    Thanks for the help. Why is that? I am starting to see that it is axiomatic that a NAS is not used to serve outside the local network, and there are probably good reasons for that. But, why could the NAS not be trusted to authenticate users and encrypt transmission just as well as VPN...
  8. J

    Mistaken Purchase: How to Mitigate?

    Thanks Tim. So, I guess I do fundamentally misunderstand how these devices are usually implemented. From this thread, I take it they are typically only accessible via the intranet (i.e. either local or VPN required). I'm now wondering if trying to replace a sharing service like Box...
  9. J

    Mistaken Purchase: How to Mitigate?

    Thanks again for your patience and helpfulness... this is a great forum. To be clear, they claim 100 MB/s for their new i3-based systems, not for the Atoms. For example, see this comparison of the 669 Pro and the 670 Pro. The main difference seems to be the 669 Pro has an Atom and the 670...
  10. J

    Mistaken Purchase: How to Mitigate?

    Yes, now that I understand this idiom, that is the most likely cause. :D So, it is true then that these Atom-based devices just cannot handle on-the-fly encryption? So much so that it is "pilot error" (aka stupid) to expect them to do it reasonably well (either drive encryption or TLS or...
  11. J

    Mistaken Purchase: How to Mitigate?

    Just remote users, and just to replace their Box enterprise account i.e., FTPS and HTTPS sharing mostly. That's part of the issue. They are on Internet2 and get insane speeds between peers. They even achieve near 1 gigabit with regional non-peers, at least according to speedtest.net. In...
  12. J

    Mistaken Purchase: How to Mitigate?

    Sorry, what's cockpit trouble? English isn't my native language, sorry.
  13. J

    Mistaken Purchase: How to Mitigate?

    Hi Thiggins- that was my initial thought, but they also want to replace an (insanely expensive) Box enterprise account which they use for sharing files and data with external collaborators. So, they don't want external collaborators to have to login to VPN in order to access shared resources...
  14. J

    Mistaken Purchase: How to Mitigate?

    After much research, I bought a Synology 1513+ unit and a DS414 (for backup) for an internet-facing SMB-class system. I got 5x3TB WD Re enterprise drives (12 GB in RAID-5) for the primary unit and 3x4TB WD Red NAS drives for the backup (12 GB in JBOD), a UPS and so forth. Total cost: $3000...
Back
Top