Security features
Can they keep your data safe?
The upside to a central repository of files is that you can access all your data from virtually any device or machine on the network. The natural downside is that your data is at risk. Security is a key feature for any NAS setup. Apart from using encryption where possible, you must configure robust firewall rules and access control lists to ensure your data isn’t accessible by all and sundry. You must also adopt the strictest security practices such as using HTTPS and using secure data transfer protocols to keep your data safe during transit. It’s good advice to also brush up on SSH best practices if you plan on using that protocol for accessing your data.
FreeNAS and NAS4Free are based on FreeBSD. While FreeNAS doesn’t provide many security features itself, trusting users to adopt the best practices as discussed above, it does support 256-bit encryption of the storage drives. For their ZFS volumes, FreeNAS and NAS4Free support GELI full disk encryption.
EasyNAS has no security features to speak of. You can restrict access to the administrative interface using ACL or IP addresses and even configure Radius to make remote users authenticate, but that’s about it. Unsurprisingly, the distribution comes in last in this particular security subtest.
Like FreeNAS, Rockstor also supports full disk encryption, but with LUKS. While OpenMediaVault doesn’t enable you to encrypt the data, you can install the LUKS plug-in for OpenMediaVault that provides the same functionality. By default, all filesystems on OpenMediaVault are mounted with the noexec flag. This security feature prevents the execution of scripts that have been placed in the shared folders.