A new threat cluster identified as OP-512 is actively targeting Microsoft Internet Information Services (IIS) servers to deploy a sophisticated web shell framework. Researchers believe the group is focused on espionage and specifically selects organizations that align with Chinese intelligence priorities. This activity follows a trend of multiple China-linked threat actors focusing on IIS vulnerabilities over the past year.

Source

The x86 processor market experienced a significant decline in total shipments during the first quarter of 2026. Despite this general downturn, the server CPU segment bucked the trend by growing more than 10 percent compared to the previous year. This growth is largely attributed to the sustained demand for high-performance hardware required for artificial intelligence workloads in datacenters.

Source

Du code piégé glissé dans des paquets signés Red Hat, et téléchargé environ 80 000 fois par semaine. C'est le bilan d'une attaque repérée le 1er juin.

Pour bien saisir, il faut d'abord savoir ce qu'est npm. C'est l'immense bibliothèque où les développeurs JavaScript piochent des briques de code toutes prêtes plutôt que de tout réécrire. Des millions de projets en dépendent au quotidien.

Et c'est exactement là qu'un malware s'est faufilé. Plusieurs dizaines de paquets publiés sous le nom de Red Hat (l'éditeur du système Linux du même nom, racheté par IBM) ont été infectés par un ver, c'est-à-dire un logiciel malveillant capable de se propager tout seul d'une machine à l'autre.

Le ver s'appelle "Miasma", une variante du tristement célèbre Shai-Hulud, du nom des vers géants du film Dune. Cette fois les pirates ont troqué les clins d'œil à Dune contre de la mythologie grecque, mais le principe ne change pas.

Son fonctionnement est vicieux. Le code malveillant se déclenche via un "preinstall hook", un petit script qui s'exécute automatiquement dès qu'on installe le paquet, avant même que le développeur n'ait touché à la moindre ligne. Pas besoin d'ouvrir quoi que ce soit, l'infection est immédiate.

Une fois en place, il fait les poches de la machine. Clés d'accès aux clouds d'Amazon, Google et Microsoft, jetons Kubernetes et Vault, clés SSH, tokens npm... bref, tout ce qui permet de se connecter ailleurs et de continuer à se répandre.

Et c'est tout l'intérêt d'un ver pour un pirate. Avec un jeton npm volé, le malware peut republier d'autres paquets vérolés au nom de leurs vrais propriétaires, qui contamineront à leur tour de nouvelles machines. La chaîne s'auto-alimente.

D'après les chercheurs de Wiz (la filiale sécurité de Google) et de Socket, qui ont levé le lièvre, le tout remonte au compte GitHub piraté d'un employé de Red Hat. Socket a compté de son côté une trentaine de paquets touchés et près d'une centaine de versions vérolées. Les paquets ont été publiés via la chaîne de production automatisée de l'entreprise, pas via un simple mot de passe volé, ce qui rend l'attaque encore plus difficile à repérer.

Red Hat a réagi vite et retiré les paquets de npm. La boîte précise que ce code n'a jamais été destiné à ses clients et qu'il s'agissait d'outils internes, sans impact connu sur ses systèmes en production.

Le coupable, lui, est encore inconnu. Le groupe TeamPCP avait publié le code source de ce ver en accès libre, du coup impossible de dire si ce sont eux ou un imitateur qui sont derrière l'attaque.

Ce qui est fou, c'est moins cette attaque que sa facilité de copie. Hélas, des vers open source qui se dupliquent, on n'a clairement pas fini d'en voir passer.

Source : The Register

Amazon Web Services has introduced built-in durability for Amazon ElastiCache for Valkey to support the persistent memory requirements of AI agents. This update allows organizations to store agent states and retrieval-augmented generation knowledge bases directly within the cache without risking data loss. Users can now enable persistence through a simple configuration setting rather than migrating to a separate database platform.

Source

Le CCB a publié une alerte à propos de la CVE-2026-41089, une faille présente dans le service Netlogon de Windows Server : elle est exploitée par les pirates.

Le post Windows Server – CVE-2026-41089 : cette faille critique dans Netlogon est exploitée ! a été publié sur IT-Connect.

Intel has revealed details for its upcoming Diamond Rapids Xeon processors, which are scheduled for release in 2027. These chips will feature up to 192 cores, representing a 50 percent increase in core count over the previous generation. However, Intel is officially removing simultaneous multithreading, commonly known as hyperthreading, from this specific server lineup.

Source

Intel introduced the Crescent Island data center GPU at Computex 2026, targeting the growing demand for AI inference workloads. Built on the Arc Xe 3P architecture, the card features a massive 480GB of LPDDR5X memory, a significant increase from earlier 160GB specifications. The unit operates with a 350W thermal design power and utilizes air cooling to manage heat in high-density rack environments.

Source

Nvidia has announced the full production of its Vera Rubin platform, which succeeds the Blackwell architecture for enterprise AI infrastructure. The centerpiece of this lineup is the Vera CPU, a custom processor featuring 88 cores designed specifically to handle agentic workloads and complex data processing. This hardware is integrated into the Vera Rubin NVL72, a liquid-cooled rack system that significantly improves training efficiency and inference throughput for large-scale models.

Source

Suite à l’installation de la mise à jour KB5087537 sur Windows Server 2016, la recherche et la découverte des contrôleurs de domaine AD peuvent échouer.

Le post Un bug surprenant affecte Windows Server 2016 suite aux correctifs de mai 2026 a été publié sur IT-Connect.

Microsoft now offers Windows Server 2025 hotpatching through Azure Arc at no additional charge for eligible Azure Arc-enabled servers. Hotpatching installs Windows security updates without restarting the server in most months, but it does not eliminate all reboots. You still need Azure Arc, the Azure Connected Machine agent, Virtualization-based Security, and a supported Windows Server 2025 edition. This article explains what those requirements mean, how to enable the feature, and where its limits are.

Source

UniFi UNVR Gen 2 and UNVR Gen 2 Pro: What Has Actually Changed?

UniFi’s UNVR range has always occupied a fairly clear role in the Protect ecosystem: a dedicated rackmount recorder for users who have outgrown smaller gateway-based recording, or who want their surveillance storage separated from the rest of their network hardware. With the new UNVR Gen 2 and UNVR Gen 2 Pro, Ubiquiti is shifting that role further. These are still network video recorders first, but the hardware and software changes point toward a more active surveillance appliance, with higher camera support, local AI processing, HDMI output for live viewing, and closer integration with the newer direction of UniFi Protect. The issue is that this also comes with a much higher price than the previous UNVR and UNVR Pro, so the question is not simply whether the Gen 2 models are better, but whether the added hardware and features are relevant enough to justify the increase for different types of deployments.

UNVR G.2 and UNVR G.2 Pro – Specifications

The UNVR Gen 2 is the 1U model in the new range and keeps the same general rackmount class as the original UNVR, with 4 2.5/3.5″ HDD or SSD bays. Its camera support is rated at up to 50 HD cameras, 35 2K cameras, or 25 4K cameras, with support for 150+ Access Hubs. Networking is handled by 1 10G SFP+ port and 1 2.5GbE RJ45 port, while the chassis measures 442.4 x 43.7 x 325 mm.

Internally, it moves to a Qualcomm Kryo CPU built on Arm Cortex technology using a 4 nm process, with 1 Prime core at 3.2 GHz, 4 Performance cores at 2.8 GHz, and 3 Efficiency cores at 2.0 GHz. Memory is increased to 8 GB, drive power budget remains 75W, and maximum system power consumption is listed at 100W.

The UNVR Gen 2 Pro is the larger 2U model and increases the drive count to 8 2.5/3.5″ HDD or SSD bays, compared with 7 bays on the previous UNVR Pro. Its camera support is rated at up to 100 HD cameras, 70 2K cameras, or 50 4K cameras, again with support for 150+ Access Hubs. The Pro model uses the same Qualcomm Kryo CPU arrangement as the smaller Gen 2 model, but increases memory to 16 GB. Networking consists of 1 10G SFP+ port and 1 2.5GbE RJ45 port, with a listed chassis size of 442.4 x 87.4 x 325 mm. The drive power budget rises to 155W, while maximum power consumption is listed at 200W.

Both Gen 2 models also include HDMI output for the built-in ViewPort function, which allows a Protect multi-view to be assigned directly to a connected display rather than requiring a separate ViewPort device.

Specification	UniFi UNVR Gen 2	UniFi UNVR Gen 2 Pro
Price	$699	$999
Form factor	Rackmount 1U	Rackmount 2U
Dimensions	442.4 x 43.7 x 325 mm	442.4 x 87.4 x 325 mm
Drive bays	4 x 2.5/3.5″ HDD/SSD	8 x 2.5/3.5″ HDD/SSD
Managed cameras	50 HD / 35 2K / 25 4K	100 HD / 70 2K / 50 4K
Managed Access Hubs	150+	150+
Networking	1 x 10G SFP+ / 1 x 2.5GbE RJ45	1 x 10G SFP+ / 1 x 2.5GbE RJ45
HDMI output	Yes, built-in ViewPort	Yes, built-in ViewPort
ViewPort stream limit	Up to 16 streams	Up to 16 streams
Processor	Qualcomm Kryo CPU built on Arm Cortex technology, 4 nm	Qualcomm Kryo CPU built on Arm Cortex technology, 4 nm
CPU configuration	1 Prime core at 3.2 GHz, 4 Performance cores at 2.8 GHz, 3 Efficiency cores at 2.0 GHz	1 Prime core at 3.2 GHz, 4 Performance cores at 2.8 GHz, 3 Efficiency cores at 2.0 GHz
Memory	8 GB	16 GB
Integrated Edge AI	Yes	Yes
AI detections	Up to 1,000 per hour	Up to 1,000 per hour
Edge AI features	Natural Language Search, Object Indexing in Find Anything, Person ReID, Search by Image	Natural Language Search, Object Indexing in Find Anything, Person ReID, Search by Image
Max. drive power budget	75W	155W
Max. power consumption	100W	200W
Power method	Universal AC input, 100 to 240V AC, 50/60 Hz	Universal AC input, 100 to 240V AC, 50/60 Hz
Power supply	Internal PSU, 100W	Internal PSU, 200W
Minimum NVR version	Not specified in supplied notes	5.1.10
Minimum Protect version	7.1.46	7.1.46

UNVR Gen 2 vs Original UNVR: Where the Price Increase Comes From

The clearest difference between the original UNVR and the UNVR Gen 2 is the change in hardware platform. The older UNVR uses a quad-core ARM Cortex-A57 processor at 1.7 GHz with 4 GB of memory, while the UNVR Gen 2 moves to the newer Qualcomm Kryo ARM-based CPU platform and 8 GB of memory. The network layout has also changed, with the older model using 1 GbE RJ45 alongside 10G SFP+, while the Gen 2 model upgrades the RJ45 connection to 2.5GbE. Storage bay count remains the same at 4 bays, but camera capacity changes from 60 HD, 30 2K, or 18 4K cameras on the original UNVR to 50 HD, 35 2K, or 25 4K cameras on the Gen 2 model. That means the newer system is not a straight increase across every camera category, but it does raise support for higher-resolution 2K and 4K deployments.

The pricing difference is more substantial than the specification changes would suggest if this were only a conventional recorder update. The original UNVR is positioned at $299, while the UNVR Gen 2 is positioned at $699. The explanation appears to be that UniFi is treating the Gen 2 model as a more complete Protect appliance rather than just a higher-performance version of the old 4-bay recorder.

The HDMI output effectively integrates ViewPort-style live display support, while the built-in Edge AI features shift part of the workload that would otherwise require additional hardware such as an AI Key. This does not make the older UNVR obsolete for simpler recording tasks, but it does change the buying decision. The Gen 2 model is aimed more clearly at deployments that need local AI search, image-based search, person re-identification, and direct live monitoring from the recorder itself.

Specification	Older UNVR / UNVR Pro	New UNVR Gen 2 / UNVR Gen 2 Pro
Models compared	UNVR / UNVR Pro	UNVR Gen 2 / UNVR Gen 2 Pro
Price	$299 / $499	$699 / $999
Form factor	1U / 2U	1U / 2U
Dimensions	442 x 325 x 44 mm / 442 x 325 x 87 mm	442.4 x 43.7 x 325 mm / 442.4 x 87.4 x 325 mm
Drive bays	4 x 2.5/3.5″ HDD/SSD / 7 x 2.5/3.5″ HDD/SSD	4 x 2.5/3.5″ HDD/SSD / 8 x 2.5/3.5″ HDD/SSD
Managed HD cameras	60 / 70	50 / 100
Managed 2K cameras	30 / 35	35 / 70
Managed 4K cameras	18 / 24	25 / 50
Managed Access Hubs	150 / 150	150+ / 150+
Networking	1 x 10G SFP+ and 1 x GbE RJ45	1 x 10G SFP+ and 1 x 2.5GbE RJ45
HDMI output	No integrated ViewPort	Yes, integrated ViewPort via HDMI
ViewPort stream limit	Requires separate ViewPort device	Up to 16 streams
Processor	Quad ARM Cortex-A57 cores at 1.7 GHz	Qualcomm Kryo CPU built on Arm Cortex technology, 4 nm
CPU configuration	4 cores	1 Prime core at 3.2 GHz, 4 Performance cores at 2.8 GHz, 3 Efficiency cores at 2.0 GHz
Memory	4 GB / 8 GB	8 GB / 16 GB
Integrated Edge AI	No	Yes
AI features	Requires additional UniFi AI hardware for expanded AI functionality	Natural Language Search, Object Indexing in Find Anything, Person ReID, Search by Image
AI detections	Not specified	Up to 1,000 per hour
Max. drive power budget	75W / 135W	75W / 155W
Max. power consumption	100W / 160W	100W / 200W
Power supply	Internal AC/DC, 120W / 200W	Internal PSU, 100W / 200W
Power redundancy	USP-RPS DC input supported	USP-RPS DC input supported
Main practical difference	Dedicated UniFi Protect recording and storage appliances	Higher-resolution camera scaling, integrated display output, and local AI search features

Protect 7.1 and the Shift Toward Local AI Surveillance

UniFi Protect 7.1 is an important part of the UNVR Gen 2 release, because several of the headline hardware features depend on the newer Protect software stack. The Gen 2 recorders include built-in Edge AI functionality, with support for Natural Language Search, Object Indexing in Find Anything, Person ReID, and Search by Image. In practical terms, this changes how recorded footage can be searched. Instead of relying only on a timeline, motion events, or predefined smart detections, the system is designed to help users locate more specific events across stored footage using more descriptive search methods. The built-in AI functionality is local and license-free, but for larger or busier deployments, UniFi still recommends adding 1 or more AI Keys to expand processing capacity, reduce Edge AI latency, and lower the chance of missed events.

Protect 7.1 also expands the broader surveillance feature set beyond the Gen 2 recorders themselves. Custom Video Walls are now available in Site Manager, dashboard widgets have deeper customization, and live camera views can be configured with webhook shortcuts for triggering automations from the camera interface. Smart detections have been retrained for improved accuracy across UniFi cameras, PTZ tracking has been expanded to include vehicles, and 360 cameras now support native immersive downloads. ONVIF support is also more developed, with audio and motion detection support for third-party cameras, which is significant for sites migrating gradually from existing surveillance hardware into UniFi Protect. The update also introduces U.S.-only Noonlight dispatch services for sensor and video monitoring at $199 per year, DC-09 support for third-party monitoring integrations, and SuperLink Remote Control support for customizable site control. Below is a full breakdown of the feaures of UniFi Protect, and which require AI assistance (either edge based on the camera/AI-port, or local using an AI assisted server or AI-Key):

Bottom Line: A More Capable NVR, but Not a Like-for-Like Replacement

The UNVR Gen 2 and UNVR Gen 2 Pro make more sense when viewed as expanded Protect appliances rather than direct replacements for the older UNVR and UNVR Pro. The new models add faster processing, more memory, 2.5GbE RJ45 networking, HDMI output for built-in ViewPort use, higher 2K and 4K camera ceilings, and local Edge AI features that change how recorded footage can be searched and reviewed. The Pro model also gains an 8th drive bay, which makes it a cleaner fit for larger retention requirements than the older 7-bay UNVR Pro. For sites already planning to use AI search, Person ReID, image-based search, or a direct HDMI monitoring display, the higher price is easier to explain because those functions would otherwise involve additional hardware or a less integrated setup.

That does not mean the price increase will make sense for every Protect installation. The original UNVR and UNVR Pro remain better aligned with users who mainly need reliable recording, centralized Protect storage, and conventional camera management without paying for a broader AI-enabled appliance. The Gen 2 models are therefore best judged by deployment requirements rather than by bay count alone. For new or expanding surveillance environments with higher-resolution cameras, active monitoring, ONVIF migration plans, and a need to search footage more intelligently, the UNVR Gen 2 range has a clearer role. For simpler sites where AI features and HDMI ViewPort output are not a priority, the older UNVR models still have a practical argument, provided UniFi continues to keep them available.

SUBSCRIBE TO OUR NEWSLETTER
[contact-form-7]
Join Inner Circle

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] TRY CHAT Terms and Conditions   Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.

WE LOVE COFFEE

 

Ce tutoriel explique comment migrer de Windows Server 2022 (ou 2019) vers Windows Server 2025 en effectuant la mise à niveau via Windows Update.

Le post Migration sur-place vers Windows Server 2025 via Windows Update : comment faire ? a été publié sur IT-Connect.

Starting in mid-April 2026, Microsoft allows you to upgrade Windows Server 2019 and Windows Server 2022 directly to Windows Server 2025 through Windows Update — no installation media (ISO file or DVD) required. The process is called an in-place upgrade, meaning your installed applications, settings, and server roles remain unchanged while only the operating system version changes. This article covers the prerequisites, the exact registry change you need to make, the step-by-step procedure for both the graphical desktop and the text-only Server Core installation, and the important cases where you must not use this method.

Source

Ce tutoriel explique comment détecter et bloquer les adresses IP à l'origine d'attaques brute force sur Windows Server, grâce à des scripts PowerShell.

Le post Windows Server : détecter et bloquer les attaques brute force avec PowerShell a été publié sur IT-Connect.

Dimanche 19 avril 2026, Microsoft a publié en urgence des mises à jour hors bande pour Windows Server afin de patcher un problème affectant Active Directory.

Le post Windows Server – Avril 2026 : de nouveaux correctifs pour stabiliser l’Active Directory a été publié sur IT-Connect.

Microsoft a publié les nouvelles mises à jour Windows Server le 14 avril 2026, dont la KB5082063. Voici les principaux changements à anticiper et à connaître.

Le post Le point sur les mises à jour d’avril 2026 pour Windows Server a été publié sur IT-Connect.

Ce tutoriel explique comment obtenir un certificat pour signer les raccourcis Bureau à distance (.rdp) avec rdpsign.exe afin de renforcer la sécurité Windows.

Le post Windows : comment signer les fichiers .rdp avec rdpsign ? a été publié sur IT-Connect.

J’utilise depuis un peu plus de dix-huit mois la solution Proxmox Backupspace, éditée par Layer7.net. Ce service repose sur une instance de Proxmox Backup Server (PBS) aux fonctionnalités volontairement limitées, conçue pour externaliser les sauvegardes (VM et conteneurs LXC) de mes serveurs PVE.

 

Faute de retours d’expérience disponibles lors de ma souscription, j’ai décidé de rédiger ce guide. Nous aborderons ensemble la mise en place, l’utilisation au quotidien, mais aussi les contraintes techniques inhérentes à cette offre, afin de vous donner une vision complète du produit.

Pourquoi externaliser ses sauvegardes ? (Règle du 3-2-1)

Avant d’entrer dans le concret, un rappel rapide s’impose. Si vous gérez un NAS ou un homelab, vous connaissez probablement la règle 3-2-1 :

• 3 copies de vos données (1 originale + 2 sauvegardes)
• 2 supports différents (NAS, disque local, USB…)
• 1 copie hors site (offsite)

C’est ce dernier point qui est souvent négligé. Avoir un NAS qui fonctionne à côté de son serveur Proxmox, c’est bien, et c’est même indispensable pour restaurer une VM rapidement après une fausse manip (encore faut-il réaliser cette sauvegarde ). Mais si votre maison ou votre baie de brassage subit un dégât des eaux, un incendie ou un cambriolage… vos sauvegardes locales partent en fumée en même temps que vos données sources.

C’est là que le besoin d’un stockage distant intervient. Proxmox Backup Server (PBS) est un outil génial pour ça, car il gère nativement la déduplication et les sauvegardes incrémentielles. Mais tout le monde n’a pas forcément un deuxième serveur chez un ami ou un parent pour y installer un PBS.

L’idée de prendre un service « clés en main » comme celui de Layer7, c’est d’avoir la puissance de PBS sans la gestion de la machine physique distante (hardware, stockage). On envoie ses backups dans le cloud, et on dort sur ses deux oreilles.

Présentation de l’offre

Maintenant qu’on est d’accord sur l’intérêt d’externaliser ses sauvegardes, pourquoi choisir Layer7.net ? C’est l’une des rares offres « clés en main » basées sur PBS que l’on trouve facilement.

L’offre Proxmox Backup Space

Ce qui m’a attiré chez eux, c’est la simplicité de l’offre. Pas de calculs compliqués de CPU ou de RAM : on achète avant tout du stockage. Depuis fin 2024, les tarifs ont un peu augmenté. Lorsque j’ai souscrit en 2024, j’ai choisi de payer pour 3 mois, me disant que c’était un bon compromis pour profiter d’un tarif réduit (oui, plus on prend une durée longue, moins c’est cher). À l’époque, j’en avais pour 20,45 € TTC. Maintenant, en 2026, les tarifs ont grimpé un peu, mais restent très accessibles pour un usage « homelab » ou petite PME :

• L’entrée de gamme commence aujourd’hui à 3,99 € HT (≈4,77€ TTC)  / mois pour 1 To ;
• Chaque To supplémentaire coûte le même prix : 3,99 € HT (≈4,77€ TTC) / mois, avec un maximum de 100 To.
• Les tarifs qui deviennent dégressifs si vous payez plusieurs mois d’un coup (3 / 6 / 12 mois).

L’un des gros points positifs, c’est qu’il n’y a pas de frais de trafic cachés. Vous payez votre espace, et vous envoyez autant de données que vous voulez, tant que ça rentre dans votre quota. Il y a cependant des frais de mise en service d’environ 10 € TTC, à payer une seule fois à la commande uniquement.

Souscription et mise en route

La souscription se fait directement sur leur site. C’est du classique : on choisit son volume, son échéancier de paiement, on crée son compte et on passe à la caisse.

Une petite chose à savoir : l’activation n’est pas forcément instantanée. Dans mon cas, il a fallu attendre un petit moment avant de recevoir le mail contenant les accès à l’interface PBS. Rien de dramatique, mais ne prévoyez pas de lancer votre première sauvegarde de 500 Go dans les deux minutes après avoir sorti la carte bancaire !

Une fois le mail reçu, vous avez accès à une URL personnalisée qui vous mène vers l’interface de Proxmox Backup Server. On est en terrain connu, mais comme nous allons le voir juste après, tout n’est pas accessible.

Mise en place et configuration

Maintenant que le décor est planté, voyons comment mettre tout cela en place. L’idée est de lier notre PVE au service de Layer7. Mais avant de se lancer dans les explications de configuration, il faut d’abord préparer le terrain côté Layer7.

Configurer l’accès côté Layer7

Une fois connecté à l’interface PBS fournie par Layer7, on remarque vite les premières limitations. Par exemple, impossible de récupérer le Fingerprint de manière classique : le bouton est grisé. Pour contourner cela et sécuriser la connexion, il faut passer par la création d’un API Token.
Voici la marche à suivre :

1. Allez dans la gestion des utilisateurs et créez un API Token.
2. Attention : Notez bien l’ID du token et surtout le « Secret » (la clé) qui s’affiche, car il ne sera plus visible par la suite.
3. Il faut ensuite lui affecter les permissions nécessaires : pour le Path, renseignez celui de votre Datastore, et pour le Rôle, j’ai choisi « Admin » (je n’ai pas testé d’autres rôles plus restrictifs, mais celui-ci fonctionne parfaitement).
4. Enfin, pour récupérer les infos dont votre PVE aura besoin, utilisez le bouton « Show Connection Information »situé directement sur la page de votre Datastore. C’est là que vous trouverez l’URL et l’empreinte (Fingerprint) à copier.

Configurer PVE pour envoyer les sauvegardes

C’est ici que la magie opère. Côté Proxmox Virtual Environment (PVE), l’ajout se fait très naturellement puisque le support de PBS est natif.

1. Direction l’onglet Datacenter > Storage > Add et on choisit Proxmox Backup Server.
2. Dans la fenêtre qui s’ouvre, on renseigne les infos récupérées à l’étape précédente. Notez qu’ici, pas besoin de Fingerprint :
   • 1⃣ ID : Un nom parlant pour vous (ex: PBS-Layer7).
   • 2⃣ Server : L’adresse fournie par votre abonnement (ex: par1.layer7.net).
   • 3⃣ Username : L’ID complet de votre API Token (format votre_login@pbs!nom_du_token).
   • 4⃣ Password : Le « Secret » obtenu lors de la création du Token-ID.
   • 5⃣ Datastore : Le nom de votre espace (ex: backup01-par1-votre_login).
   • 6⃣ Namespace : (Optionnel) Celui que vous aurez créé au préalable et que vous souhaitez utiliser pour organiser vos sauvegardes.
3. 7⃣ Une fois ces champs remplis, cliquez sur Add.

Si tout est correct, votre stockage « Cloud » s’affiche instantanément dans votre liste de ressources à gauche. Il ne vous reste plus qu’à créer un Backup Job (ou à modifier l’existant) pour envoyer vos VM et conteneurs vers ce nouveau point de chute. Personnellement, j’ai programmé mes sauvegardes Layer7 la nuit pour ne pas saturer mon upload, même si, comme on le verra, la déduplication de PBS limite énormément le volume de données réellement envoyé.

Les limitations : Un PBS un peu « bridé » ?

Comme je vous le disais en introduction, ce service est un Proxmox Backup Server (PBS) un peu « castré ». D’ailleurs, c’est assez logique quand on y regarde de plus près, l’offre ne s’intitule pas « Proxmox Backup Server », mais bien « Proxmox BackupSpace« . C’est un espace de stockage avant tout.

Ce qui manque à l’appel

Le point le plus évident, c’est l’absence totale d’accès SSH. C’est assez limitant si vous avez l’habitude de surveiller l’OS de près. Dans la même lignée, n’espérez pas gérer les mises à jour système ou d’autres tâches administratives : tout cela est verrouillé.

Plus agaçant au quotidien :

• Les notifications emails : Tout est verrouillé, on n’a simplement pas les permissions pour les configurer. Impossible donc de recevoir un rapport de santé du PBS par mail.
• Le message de souscription : À chaque connexion, vous aurez le fameux message indiquant qu’aucune souscription valide n’est détectée. Le support refuse catégoriquement de faire la manipulation (pourtant simple) pour le retirer. Il faudra faire avec.

Les bonnes surprises (tout n’est pas bloqué !)

Malgré ces restrictions, les Namespaces sont bien présents. J’ai pu en créer deux distincts pour dissocier proprement les sauvegardes de mes deux instances PVE. C’est indispensable pour ne pas tout mélanger. Concernant les performances, même si on ne choisit pas son type de disque, le débit de 10 Gbits annoncé laisse supposer du matériel performant (probablement du NVMe).

 

Le support technique

Réactif mais… « austère »

J’ai eu l’occasion d’échanger plusieurs fois avec le support de Layer7. Premier point important : tout se fait en anglais. Oubliez le français ici.

Globalement, ils sont très réactifs, même le week-end. Cependant, le ton est… direct. On est sur une communication « brute », parfois un peu brusque. J’ai même failli me désabonner après avoir demandé comment configurer mon propre SMTP pour les notifications e-mails. La réponse (traduite dans notre langue de Molière ici) a été claire :

« Voulez-vous un compte de sauvegarde pas cher ou un Proxmox Backup Server complet ? Vous n’aurez pas 100% des fonctions, c’est la différence entre un système partagé et un système dédié. »

Une réactivité technique surprenante

Pour autant, tout n’est pas à jeter, loin de là. Récemment, alors que la version 4.0 de PBS était sortie mais pas encore déployée sur mon instance, je les ai contactés pour demander la mise à jour vers la 4.1.1.

La réponse a été typique de leur style : un mélange de « on fait ça quand on a le temps car ça n’apporte rien aux clients » et d’une efficacité redoutable. Le technicien a lancé la mise à jour dans la foulée (« backup01 n’avait pas encore reçu cet amour« , m’a-t-il dit (traduction littérale)) et 40 minutes plus tard, c’était réglé.

On est donc sur un support qui ne s’encombre pas de fioritures commerciales, mais qui, techniquement, assure le suivi quand on le demande poliment. Aujourd’hui, je tourne sur la 4.1.1, en attendant de les relancer pour la 4.1.4 (ou la 4.2 !).

Conclusion : Mon verdict après un an et demi

Alors, est-ce que je recommande le Proxmox BackupSpace de chez Layer7.net ?

La réponse est oui, mais avec une nuance importante : il faut savoir ce que l’on achète. Si vous cherchez un Proxmox Backup Server complet, avec les droits root, des notifications personnalisées par email et une interface parfaitement propre, passez votre chemin. Vous seriez déçus par le côté « bridé » du service et le ton parfois sec du support.

En revanche, si votre objectif est simplement de respecter la règle du 3-2-1 avec un stockage distant ultra-stable, performant et surtout à un prix défiant toute concurrence pour un homelab ou une petite structure, c’est une excellente pioche.

Après 18 mois d’utilisation quotidienne pour mes deux instances PVE, le service n’a jamais failli. Les sauvegardes partent chaque nuit, la déduplication fait son travail, et même si l’interface me rappelle à chaque connexion que je n’ai pas de « souscription valide », l’essentiel est là : mes données sont à l’abri hors de chez moi.

Bref, c’est du « Low Cost » au sens noble du terme : on retire le superflu pour se concentrer sur l’efficacité brute. Et pour environ 27 € TTC par trimestre pour 2 To, c’est un rapport qualité/prix qu’il est difficile d’ignorer en 2026.

UniFi UNAS 4 NAS Review – Simple Safe Storage?

The UniFi UNAS 4 is Ubiquiti’s desktop 4 bay NAS and part of the company’s growing UniFi storage portfolio. Positioned as a compact network storage appliance, it is designed to provide centralized file storage, backups, and shared access within a local network, while also integrating with the wider UniFi management platform. The 4 bay form factor is widely considered a practical starting point for NAS deployments, offering enough capacity for RAID redundancy while maintaining a relatively small physical footprint suitable for offices, home labs, and small business environments. At $379, the UNAS 4 enters the market as a relatively affordable turnkey NAS that includes both hardware and the UniFi Drive software platform. The system combines traditional SATA storage bays with NVMe SSD caching support and 2.5GbE networking, while also introducing PoE+++ power as a deployment option. On paper, the device aims to deliver a straightforward storage solution that focuses on core NAS functionality rather than attempting to compete directly with more feature heavy platforms.

UniFi UNAS 4 Review – Quick Conclusion

TLDR: The UniFi UNAS 4 is a compact $379 4 bay NAS aimed at straightforward file storage and backups, with a clean UniFi oriented deployment that includes PoE+++ power plus data over a single cable and a bundled 90W adapter for non PoE setups. It combines 4 SATA bays with 2 M.2 NVMe slots for SSD caching, simple click and load drive trays, and a small front status display, while UniFi Drive provides the expected NAS services such as SMB and NFS access, RAID options, snapshots, encryption, share links, and multi user management, plus backup support that can include other UNAS targets, SMB destinations, and several cloud providers. The main compromises are the single 2.5GbE port that caps throughput and offers no redundancy, NVMe trays not being included despite the slots being present, and a USB C port that currently functions mostly for basic external storage rather than broader expansion, so it fits best when the goal is uncomplicated storage within a UniFi managed environment rather than a more flexible, performance oriented NAS platform.

Here are all the current UniFi NAS Solutions & Prices: UniFi UNAS 4  (4 Bay + 2x M2, $379) – HERE UniFi UNAS 2 (2 Bay, $199) – HERE UniFi UNAS Pro (7 Bay, $499) – HERE UniFi UNAS Pro 4 (4 Bay + 2x M.2, $499) – HERE UniFi UNAS Pro 8 (8-Bay + 2x M.2, $799) HERE

You can buy the UniFi UNAS 4 NAS via the link below – doing so will result in a small commission coming to me and Eddie at NASCompares, and allows us to keep doing what we do! 

 

UniFi UNAS 4 Review – Design & Storage

The UniFi UNAS 4 uses a compact desktop chassis that differs from the more traditional box shaped NAS designs seen from many competing brands. The enclosure is relatively narrow and deep, giving it a vertical appearance that resembles some earlier consumer NAS designs. The casing itself is constructed from polycarbonate rather than metal, which keeps overall weight down to around 2.6 kg without drives installed. Ventilation is primarily handled through openings along the upper portion of the chassis, with airflow directed toward a rear mounted cooling fan.

At the front of the unit is a small 1.47 inch color LCM display that provides basic system information. This panel is not touch enabled but can show details such as drive activity, network activity, and general system status. It acts primarily as a quick visual reference rather than a full control interface. For most configuration and monitoring tasks, the system is intended to be managed through the UniFi Drive interface via a web browser or mobile application.

The primary storage configuration consists of 4 drive bays supporting either 3.5 inch or 2.5 inch SATA drives. Each drive uses an individual tray that slides into the chassis and clicks into place without requiring screws for 3.5 inch drives. The trays are ventilated and designed for relatively straightforward installation or replacement, although they are not lockable. Compared with earlier UniFi NAS designs that grouped multiple drives into a single tray, the use of separate trays simplifies drive access and improves hot swap usability.

In addition to the main hard drive bays, the system includes 2 M.2 NVMe slots intended for SSD caching. These slots are located in a separate compartment on the base of the device and can be accessed by removing a small cover using the included key. Once installed, these SSDs can be used to provide read and write caching to improve responsiveness when working with frequently accessed data. At the time of writing, these NVMe drives cannot be used as independent storage pools and are limited to caching roles.

One design choice that may affect installation is that the trays required to hold the NVMe SSDs are not included in the retail package. Instead, they must be purchased separately or obtained as part of pre populated SSD modules from Ubiquiti. While the M.2 slots themselves are built into the device, the lack of included trays adds an additional step and cost for users who intend to make use of SSD caching alongside the main hard drive storage.

UniFi UNAS 4 Review – Internal Hardware

Internally, the UniFi UNAS 4 is built around a quad core ARM Cortex A55 processor running at 1.7 GHz. This type of processor is commonly used in embedded networking hardware and lower power storage appliances, where efficiency and reliability are prioritized over raw processing performance. Ubiquiti has extensive experience deploying ARM architectures across its networking and infrastructure products, and the choice here aligns with the system’s intended role as a dedicated storage appliance rather than a general purpose server platform.

The system includes 4 GB of LPDDR4 memory, which is fixed and not user upgradeable. For the core functions the device is designed to handle, such as file transfers, backups, and storage management, this amount of memory is generally sufficient. However, the fixed memory configuration does place a ceiling on how much additional functionality the hardware could realistically support in the future, particularly if the software platform expands with additional services or heavier workloads.

From a power perspective, the system is designed to operate within a relatively modest power envelope. The maximum system power consumption is rated at 90 W, with a maximum drive power budget of 80 W. Power delivery is handled through PoE+++, allowing both data and power to be carried through the same Ethernet connection when used with compatible infrastructure. For deployments without PoE support, the device ships with a 90 W PoE+++ adapter, allowing it to be powered from a standard mains outlet while still maintaining the same connection layout.

UniFi UNAS 4 Review – Ports and Connections

The UniFi UNAS 4 keeps connectivity simple, with a single 2.5GbE RJ45 port handling both network data and PoE+++ power delivery. This allows the unit to be deployed with a single cable when used with compatible switches or injectors, which can reduce cable clutter and simplify placement compared with NAS systems that require separate power and network connections. The port supports 2.5G, 1G, 100M, and 10M link speeds, so it can operate in mixed networks even if 2.5GbE infrastructure is not available.

The main limitation is that there is only 1 network interface, with no secondary port for link aggregation, redundancy, or dedicated management traffic. In practical terms, this reduces options for failover and makes the network connection a single point of dependency. It also places a hard ceiling on throughput, which is relevant on a 4 bay system where aggregate drive performance can exceed what a single 2.5GbE link can sustain in some workloads.

For external expansion, the device includes a 5 Gbps USB C port intended for attaching external storage. In its current form, it functions primarily as a straightforward way to connect a USB drive for basic transfers rather than as a broader expansion interface. The hardware capability suggests potential for wider use cases, but the available functionality is mainly determined by what UniFi Drive supports at the software level.

UniFi UNAS 4 Review – Software and Services

The UNAS 4 runs UniFi Drive and is managed through the same UniFi style web interface used across the wider portfolio, with system status, storage, backups, and user access presented through a single dashboard. For typical NAS use, the core functions are in place: initializing drives, building RAID storage, creating shared and personal drives, enabling file services, and checking drive health information. The interface is mostly structured around completing common tasks quickly and keeping administration consistent with other UniFi products, rather than exposing a long list of granular configuration controls. That approach makes initial setup and day to day management relatively straightforward, but it also means experienced NAS users may notice limits in how far the system can be tuned.

File access is centered on SMB and NFS, with browser based file management available for basic upload, download, and folder navigation. The web file manager covers essential functions and includes share link creation plus thumbnail and preview handling, but it is not designed as a full productivity layer with collaborative editing or advanced file workflow tools. Client access is largely built around standard network shares and UniFi’s account-driven identity layer, and while the system can be deployed locally without relying on a UniFi account, the most integrated remote workflow is clearly designed around UniFi’s own UI and identity services rather than third party remote networking options.

Data protection features cover most of what is expected for a general purpose file NAS. UniFi Drive supports snapshots, encrypted storage, and configurable retention policies, which covers common rollback needs and basic ransomware recovery strategy when paired with sensible scheduling. Backup tooling is one of the stronger areas in terms of scope, supporting tasks to another UniFi NAS, to SMB targets, and to cloud services such as Google Drive, OneDrive, Dropbox, Amazon S3, Backblaze B2, and Wasabi. Time Machine support is also present for macOS environments, and Microsoft 365 backup is part of the broader UniFi Drive direction, even if the overall feature set remains more storage and protection focused than application focused.

The limitations are consistent with the UNAS 4’s role and its hardware profile. There is no iSCSI target support, which restricts certain virtualization, hypervisor, and block storage workflows, and there is no container or VM layer intended for running third party services directly on the device. NVMe support remains limited to SSD caching rather than separate pools, and on the UNAS 4 that caching is also constrained by the single 2.5GbE connection, which can cap how much of the cache benefit is visible over the network in sustained sequential transfers. More broadly, system level configuration remains relatively contained, with fewer advanced networking and scheduling controls than many established NAS platforms provide.

Client side tooling is also still relatively limited compared with ecosystems that offer a more developed sync, selective download, and offline pinning experience across desktop and mobile. UniFi Drive does provide client app support and identity driven access, but the overall workflow remains closer to traditional network share usage than to a full cloud drive style experience. As it stands, the software aligns with the UNAS 4’s positioning as a storage and backup appliance with a clean management layer, rather than a platform intended to replace a more feature dense NAS operating system.

UniFi UNAS 4 Review – Noise, Temp, Temp & Performance

In practical use, performance on the UNAS 4 is largely shaped by its single 2.5GbE connection. With mechanical drives, the system can deliver consistent transfer rates that sit within the expected ceiling of a 2.5GbE link, but it does not have the networking headroom to take full advantage of what a 4 drive array can potentially deliver under sustained sequential workloads. This is most noticeable when using higher capacity 7200 RPM drives, where the combined throughput of multiple disks can exceed the network limit even before SSD caching is factored in.

Testing with mixed file transfers showed typical throughput in the range of roughly 180 to 250 MB/s depending on file type and workload, with higher results generally observed once NVMe caching was enabled. A 50 GB Windows transfer completed at a pace that aligned with these figures, with sustained rates remaining stable rather than spiking briefly and then dropping sharply. The overall behaviour suggests that the device can maintain steady network limited transfers, but it is not designed to chase peak throughput beyond what 2.5GbE allows.

NVMe caching improved responsiveness and helped maintain higher sustained transfer speeds, particularly during repeated reads and writes where the cache could play an active role. However, the caching implementation is limited to acceleration rather than acting as a separate storage tier, and the benefit is workload dependent. Large sequential transfers still remain constrained by the network port, while smaller or more frequently accessed data sees more practical gains from the cache layer.

From an operational standpoint, power draw remained relatively modest for a 4 bay system. A baseline measurement with no drives installed was around 14.1 W. With 4 HDDs and 2 NVMe SSDs installed, idle power use was observed at around 46 W, rising to roughly 50 to 51 W under active read and write workloads with moderate CPU and memory utilization. The relatively small gap between idle and active indicates that drive idle draw forms a significant portion of the total consumption in typical day to day use.

UniFi UNAS 4 Review – Conclusion & Verdict

The UniFi UNAS 4 is a compact 4 bay NAS that prioritizes straightforward storage deployment, particularly for users already running UniFi hardware and UniFi management. Its pricing, PoE+++ support with an included adapter, NVMe caching capability, and generally simple physical drive access make it a practical option for core NAS tasks such as shared folders, backups, and centralized file storage. The hardware choices are consistent with that goal, and the platform is best assessed as a storage appliance rather than a general purpose server. On the software side, UniFi Drive provides the expected baseline services for this category, including SMB and NFS file access, RAID options, snapshots, encrypted storage, share links, and multi user management. Backup support is broader than the basics, with options that can include remote UNAS targets, SMB destinations, and several mainstream cloud services, along with Time Machine support for macOS. Management is clearly aimed at keeping configuration simple through a unified interface, but it also remains more limited than mature NAS platforms in areas such as deeper system tuning, third party remote access alternatives, and broader application style features.

The trade offs are easy to identify. A single 2.5GbE port limits peak throughput and removes options such as link aggregation or network failover, which matters more on a 4 bay system than it would on a smaller unit. The NVMe slots are limited to caching rather than independent pools, and using them adds cost due to trays not being included. Cooling behaviour can become more noticeable if fan speed increases, and the USB C port currently operates mainly as an external drive attachment point rather than a broader expansion interface. Overall, the UNAS 4 makes the most sense when its role is kept narrow, and when UniFi Drive’s storage and backup feature set, alongside UniFi ecosystem integration, is a meaningful part of the purchase decision.

You can buy the UniFi UNAS 4 NAS via the link below – doing so will result in a small commission coming to me and Eddie at NASCompares, and allows us to keep doing what we do! 

PROs of the UniFi UNAS 4

CONs of the UniFi UNAS 4

$379 pricing is competitive for a turnkey 4 bay NAS with UniFi Drive included 4 bay 2.5 inch and 3.5 inch SATA support for flexible capacity planning 2 x M.2 NVMe slots for read and write SSD caching PoE+++ support enables single cable power plus data deployment 90W PoE+++ mains adapter included, so PoE infrastructure is optional Simple click and load HDD trays with straightforward access for drive installs and swaps Front 1.47 inch color LCM display provides basic status and activity visibility UniFi Drive software includes RAID options, snapshots, encryption, share links, and user management

Single 2.5GbE port limits throughput and provides no network redundancy or aggregation M.2 NVMe trays not included, adding cost to use SSD caching USB C port is currently limited in utility beyond basic external storage attachment

 

Here are all the current UniFi NAS Solutions & Prices: UniFi UNAS 4  (4 Bay + 2x M2, $379) – HERE UniFi UNAS 2 (2 Bay, $199) – HERE UniFi UNAS Pro (7 Bay, $499) – HERE UniFi UNAS Pro 4 (4 Bay + 2x M.2, $499) – HERE UniFi UNAS Pro 8 (8-Bay + 2x M.2, $799) HERE

SUBSCRIBE TO OUR NEWSLETTER
[contact-form-7]
Join Inner Circle

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] TRY CHAT Terms and Conditions   Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.

WE LOVE COFFEE