Remote backup to NAS

[trauts14]

Does anybody have a link or can anybody explain if I can remote backup to NAS. Foe example, if I buy a NAS that lives at my house, can I Backup files from the work computer to this NAS? or maybe can my family in another state backup to my NAS? If so does this require any special software?

 

[stevech]

no special software. A NAS such as made by Synology and QNAP can be configured to present a password protected shared folder to the Internet.

You'll need to config. your router to open the firewall/ports to permit this. Not difficult but confusing to do 1st time. We'll help.

Other NASes can do this, but personal opinion, the two above are the best for casual users.

 

[claykin]

All good if security of your data/home LAN is not important to you.

Keep in mind that NAS appliances run Linux and when exploits are discovered you can be exposed to attacks that can take control over your NAS.

Just my 2 cents.

I recommend you use a VPN to connect to your NAS.

no special software. A NAS such as made by Synology and QNAP can be configured to present a password protected shared folder to the Internet.

You'll need to config. your router to open the firewall/ports to permit this. Not difficult but confusing to do 1st time. We'll help.

Other NASes can do this, but personal opinion, the two above are the best for casual users.

 

[stevech]

As an alternative to the hassles of VPN...
How about using a specific shared folder for the internet exposure w/password. In that folder, don't put sensitive files.
Or does one worry that some exploit will get at the entire NAS?

Also, sensitive data can be put into an encrypted file such as done by SafeHouse (virtual FAT32 encrypted "drive", is a file), AES256 encryption within WinZip, etc.

 

[claykin]

Or does one worry that some exploit will get at the entire NAS?

.

Yes, that's a distinct possibility. All commonly used platforms have at one time of another suffered from exploits that could allow a remote attacker to take admin level control. NAS appliances have all sorts of addons that were not developed in house by the NAS OEM. Your NAS may be reasonably secure today, but rest assured that more exploits will be discovered. Its a certainty.

Companies like Synology and Qnap are throwing feature after feature at their NAS appliances these days. Some developed in house, others from open source or for profit vendors. One can only wonder how long it will be before holes will be discovered.

Assuming I had to come with a reasonably secure way for someone to do as you Stevech mentioned, here's how I'd recommend they approach it.

1) Use a quality (not consumer) router/gateway that will allow you to by rule to forward traffic to a different LAN subnet with only the NAS on that subnet.
2) Encrypt all backup data using AES128 or better before it leaves the source machine.
3) Make sure AES password is reasonably complex (minimum 12 characters using upper, lower case, numbers and symbols).

 

[stevech]

I use the free version of this
http://www.safehousesoftware.com/

it creates an encrypted file that is indeed a virtual disk drive that you mount when needed with one mouse click and the password. In that virtual drive you simply drop/drag your sensitive files. When you close the last file you're working with, the drive is automatically dismounted and temp files are erased.

The file can be on a NAS.

It's more convenient to use than TruCrypt.

 

[claykin]

Interesting. Its not open source but on the surface looks alright. Thx for sharing.

I use the free version of this
http://www.safehousesoftware.com/

it creates an encrypted file that is indeed a virtual disk drive that you mount when needed with one mouse click and the password. In that virtual drive you simply drop/drag your sensitive files. When you close the last file you're working with, the drive is automatically dismounted and temp files are erased.

The file can be on a NAS.

It's more convenient to use than TruCrypt.

 

[blatboy]

I'm also new around these parts and have been lurking for some time as I'm expanding my network in the studio and trying to learn more about NAS storage. My needs are similar to the needs of the OP. I want to mirror my work drive from the studio (with audio, so it's a lot of data) and also backup my sensitive records to an off site NAS drive at my home.

Please pardon me if the question has already been covered, but "ftp" is too common a parameter to be searched for. Also please pardon my noobness in general to some of these concepts...

Ok enough disclaimer...

As a less hassle option to a VPN... What about using FTP protocol, w/file encryption with a complex password? How would that compare to using a NAS' built in OEM setup, that you say could have some holes? Or is that a completely separate thing?

I'm somewhat being devil's advocate here as I'm still trying to make sure I have a grasp of the concepts. I'm leaning towards using the VPN myself after reading this, but I am curious... as I've used FTP for file transfers to client's systems. However, now that I think about it, most sensitive information (contracts etc) was transferred via email, not this FTP system.

Thanks

 

[stevech]

FTP and secure FTP is offered in these NASes. If you use it on the standard port 21, expect a lot of failed logins from China, Inc.

Synology and QNAP (and ?) offer other ways to access, such as WEBDAV and iSCSI. These are more complicated than FTP.

You can also use these NASes from a web browser on a PC. Login/password then drag-drop folders for a manual backup.