Solved

Immutable backups on a NAS


Userlevel 4

What do you guys think of installing ubuntu server as  a VM on Qnap 8Bay - Raid 10 NAS.

Then pushing Immutable backups to it. The NAS will not be connected to the internet.

I would love to learn the possible risks and vulnerabilities of this?

We still follow the 3:2:1 rule. This is just for extra.

Thanks all.

Jay

 

icon

Best answer by Chris.Childerhose 25 June 2021, 00:18

View original

7 comments

Userlevel 7
Badge +20

Yeah this would be an added layer for sure.  Not a bad idea.

Userlevel 4

Thanks, I will have to connect it to the internet from time to time for Firmware Updates.

Thanks for your input. I really appreciate it.

Jay

Userlevel 7
Badge +20

Not a problem at all.

Userlevel 7
Badge +12

Sounds like a good idea to increase the security of your backups. After setting everything up, you should disable any kind of remote management, so that neither the VM nor the NAS can be accessed or managed. Is it possible to put the management of a QNAP on a dedicated NIC? If so, then I would just disconnect this NIC and connect it only for maintenance.

Userlevel 7
Badge +11

Good idea @regnor regarding this disconnecting the NIC

Userlevel 7
Badge +12

Good idea @regnor regarding this disconnecting the NIC


I'm not sure if that's even possible on NAS appliances as opposed to hardware servers where I would disconnect the RMM and disable SSH. At least the smaller appliances with only a single NIC won't have this capability I think.

Userlevel 4

Great Ideas!!!

Comment