FreshRSS

🔒
❌ À propos de FreshRSS
Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
À partir d’avant-hierFlux principal

Updated Guide to Installing KODI on Your QNAP NAS in 2022

9 mars 2022 à 01:38

A Step by Step Guide to Getting Kodi on Your QNAP NAS – UPDATED


Despite the growing popularity of third-party multimedia streaming services such as Netflix, Disney plus and HBO Max, there is still a solid demand by users to enjoy the media they own from the comfort of the sofa in a digital, disc-free environment. Whether it is because we have hundreds of DVD and Blu-ray discs cluttering up shelves or a drawer full of hard drives brimming with good TV to watch, some users resent having to pay subscription services for media they may already own or end up spending hundreds of pounds a year on media they do not own, with its removal and availability changed on a whim. It is for reasons like these that many users look into purchasing a solid network-attached storage (NAS) drive from brands such as QNAP in order to enjoy the media they own, while still enjoying slick graphical user interfaces GUI offered that is comparable to Netflix and Prime Video. One application that has been in allowing users to enjoy the media they own for many years is KODI, a media centre application with thousands of addons, unparalleled codec+format support and one of the easiest user interfaces to navigate and customise. Sadly, in recent years less scrupulous individuals have taken advantage of the flexibility of Kodi in order to play copyrighted material found online illegally and stream from less than legal sources to watch new multimedia. Because of this, Kodi was largely shunned by most well-established app stores and is no longer available to be directly downloaded from the NAS application centre in 2022. However, that does not mean it is impossible to still use and in fact, there are multiple versions of Kodi you can use, as well as add-ons to connect with your streaming services and even access other multimedia services available that are installed on your QNAP NAS (Plex, Emby, Twinky, etc). So today I want to walk you through how to install Kodi on your QNAP NAS and start watching your media from your sofa today.


Below is your checklist to make sure you have before beginning the installation of the Kodi HD Station application for HDMI.

  • QNAP NAS with an Intel/AMD CPU
  • HDMI Port (1.4 or 2.0a)
  • QTS Upgraded to QTS 4 or later
  • Latest Version of HD Station
  • Control Device for HDMI, ie IR Remote, Keyboard+Mouse,
  • Access to the Internet (can be disabled after if you prefer) and access the NAS via the Web Browser GUI (Graphical User Interface, ie The Desktop of QNAP NAS)

Let’s get started.

KODI on QNAP NAS Gude – Step 1 – Installing Applications


Head into the App center on your QNAP NAS, via the web browser GUI:


KODI on QNAP NAS Gude – Step 2 – Installing QNAP HybridDesk Station / HD Station


If you QNAP NAS has an HDMI output, an option will be available on the left-hand side, labelled ‘HybridDesk Station’. Go ahead and click it to enter a new window. From here you need to click the JybridDesk Station ‘install’ option. You may well also be asked to install one of the other HD Station applications, that is up to you (none are essential to KODI)


KODI on QNAP NAS Gude – Step 3 – Configuring the QNAP App Center Options


Once the HD Station / HybridDesk Station application is installed, head to the top right corner and click the cog icon (settings):


KODI on QNAP NAS Gude – Step 4 – Allowing 3rd PARTY and Unsigned Applications


In the first window that appears, put a tick in the box regarding the installations of applications without a valid signature (this means applications that are not QNAP created or partnered can be installed, such as KODI):


KODI on QNAP NAS Gude – Step 5 – Congifuring an App Repository


Then click the App Repository tab at the top of the same window, and get ready to enter the location of where yo will be downloading the KODI application from:


KODI on QNAP NAS Gude – Step 6 – Adding New App Centers


Enter the information in the boxes shown in the image below. The URL should read ‘https://www.qnapclub.eu/en/repo.xml‘. Once you have done this, click ‘add’:


KODI on QNAP NAS Gude – Step 7 – Adding the QNAP Club App List


The QNAP Club Repository should now appear in the list underneath in the previous window. If it is now there, click ‘close’.


KODI on QNAP NAS Gude – Step 8 – Finding the QNAPClub App List


On the left-hand side of the app center window, a new option should have appeared for the new app center that you have added. QNAP Club is an unofficial and Homebrew app community that creates new applications, as well as modifying existing linux/windows software to work within the QNAP NAS system. These can be used via the network, web browser or using the HDMI/KVM setup of the NAS. So, let’s install KODI.


KODI on QNAP NAS Gude – Step 9 – Finding the Kodi Application


The quickest way to find Kodi is to use the search bar at the top right of the QNAP App Center and enter ‘KODI’ and hit search. Several versions of Kodi will appear, however, it is highly recommended to opt for version 19, as Kodi v.19 (Matrix) is not only the latest release available for QNAP, but also older versions have not been extensively updated for the latest version OF HD Station / HybridDesk Station. Simply click the +install button as you normally would any other application. You may see a pop-up warning you that this application installation highlights that this is a 3rd party/unsigned application. This is so you understand that you are installing KODI at your own risk/choice and against the recommendations of the manufacturer.


KODI on QNAP NAS Gude – Step 10 – Allowing Remote Access


When the KODI application is installed, you will be able to access it from your HDMI output on the NAS (you will need a keyboard, mouse, IR Remote or network remote control such as the free QRemote application to navigate it), but if you want to configure the KODI application from your web browser, it is possible to configure HD Station / HybridDesk Station and KODI from Chrome/Safari/Edge/Mozilla etc quite easily. Head into the Control Panel option in the QNAP browser GUI.


KODI on QNAP NAS Gude – Step 11 – Accessing the HDMI Control Panel


From here, head to the Applications section at the bottom and select the HDMI Display Applications option.


KODI on QNAP NAS Gude – Step 12 – Adjusting the HDMI Defaults


A new options/config menu will appear and from here you are able to configure the HDMI output settings of your QNAP NAS. If you have alternative applications that use the HDMI out (such as Linux Station, Media Players or assigned a VM directly to the DMI), they will appear here. In order to use/view KODI via the QNAP HDMI output, you will need to ensure that the application is ‘enabled’ (so conversely, it will say ‘disable’ in red if the app is currently running, which what you want!). Then click the Settings option.


KODI on QNAP NAS Gude – Step 13 – Changing HDMI Resolution and Settings


Next you will have an HDMI settings menu. If you need to change the resolution of the HDMI output, you can change it in the top right drop down menu. However, in order to allow web browser access to the HDMI output to configure Kodi, etc, we need to tick the box labelled  Enable Remote Desktop and then click Apply.


KODI on QNAP NAS Gude – Step 14 – Accessing the HDMI Output via your Web Browser


Once you have done that, a couple of new options will appear underneath. In order to access the HDMI visual interface and GUI, click the first option Click Here to Open and a new tab will open in your web browser that displays your QNAP NAS HDMI output. If you have a specific login for your NAS, you will need to enter it first in the next window before proceeding to the HDMI GUI.

KODI on QNAP NAS Gude – Step 15 Booting Kodi and Changing Settings


From here you will have rows of icons on the screen that show the HDMI equipped applications that are installed on your QNAP NAS. If you want to run and access KODI, just go ahead and click the KODI icon and it will open the application (be warned, the first time you run the KODI application, there will be ALOT of pop up messages asking if you want to enable/disable aspects of the application). If you plan on using the KODI application exclusively for the HDMI port and want to make sure you do not need to go through the process of login in every time on the TV, as well as selecting the Kodi application manually every time, you can head into the settings menu at the top right (the cog icon) and change the defaults like this:


KODI on QNAP NAS Gude – Step 16 – Setting Kodi as the Default App


From the settings menu, select the ‘App’ tab on the left-hand side and from there, select Kodi, then at the bottom of the app options, you will see an option marked SET AUTO RUN which, when enabled, will make sure that KODI always runs via the HDMI as the default start-up application. You can also set the General Tab to remember your login details (over HDMI only) and allow KODI to always immediately be available whenever you turn your TV on and want to watch your media.


KODI on QNAP NAS Gude – Step 17 – Browser Responsiveness


The last thing, IF you are setting up your KODI application over the Web browser GUI (i.e. via your laptop or PC), then the refresh rate of what you see on screen will not be as fast/sharp as if you accessed it from the HDMI into a TV. So, do not be surprised if it seems that the responsiveness seems a little lackluster when navigating options. This only applies to accessing remotely via the web browser and won’t be the case over direct HDMI with control over a mouse+keyboard, Bluetooth mouse, IR remote or using the QNAP Qremote free mobile application to control the HDMI output. Thanks for reading this guide and I hope it helped!



 


If you need a little more information on how to install KODI on your QNAP NAS in 2022 (such as where to download the Kodi App directly, or a complete walkthrough of how to install the multimedia tool more visually, you can always use the video blow that will guide you though the process.



 


If you need any further help choosing the right NAS for your multimedia needs (whether it is Plex Media Server, Emby, Kodi or using other 3rd party media software), then please use the free advice section linked below. A genuinely free service manned by two humans (me and Eddie the Web guy) and we answer all of your questions to help you get the right solution for your needs. We do not charge anything, we do nothing with your email and although there are donation options available HERE, they are completely voluntary! Have a great 2022!


 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,460 other subscribers


Get an alert every time something gets added to this specific article!


Want to follow specific category?

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

 

SEARCH IN THE BOX BELOW FOR ANY OTHER NAS

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

 


 


 

Are QNAP NAS Safe?

2 février 2022 à 01:05

Are QNAP NAS Drives Safe Enough to Use in 2022?

Are you a QNAP NAS owner? Perhaps you are considering buying a QNAP NAS based on a recommendation from a friend, work colleague, IT professional or even myself (Robbie) on YouTube. The appeal of owning your own server, cutting the connection with your subscription cloud providers such as Dropbox or Google drive, having all your data backed up in-house and that feeling of pure control/ownership is hard to underestimate. However, over the last 2 years or more, it has been hard to ignore that the brand has suffered a series of security issues surrounding the subject of ransomware – a process whereby your data is encrypted with a unique, near uncrackable cypher and a document (typically a .txt) is left for you with instructions for you to make a payment in bitcoin to a predesignated account in order for instructions and the key to recovery your data. Ransomware in of itself is not new and originally dates back to 1996 under the name cryptoviral extortion (you didn’t come here for a history lesson, but the wiki covers a lot of those early developments into the concept) and is frighteningly easy to conduct IF an intruder has access to your system and/or the means to inject the command to encrypt the data inside of any system. Words like virus, hack and malware have been thrown around the internet for the last 20-30 years, however, Malware feels significantly more organized and comparatively recent, as well as being something that has been enacted on all storage platforms, such as Google Drive (thanks to sync tools), Apple was directly hit in 2021 and over 300 BIG name companies that you WILL of heard of in the last 18 months that included:

Acer, FujiFilm, Northern UK Rail, Exabyte Web Hosting, Foxtons, The Salvation Army, Shutterfly Photography, Bose Sound, The NRA, Kronos CRM systems, Gigabyte Motherboards, Volvo, SPAR, Olympus Cameras, GUESS Fashion, ADATA, CD Projekt, Travelex, SK Hynix, Capcom, Crytek, Kmart

Those are just a brief scan of confirmed news reports and only a small fraction of the companies, brands and institutions that have been successfully targetted. Tech companies, media companies, charities and countless retail outlets. Why am I going through all this? Well, 1, these companies should have exceptionally sophisticated storage and remote access protocols in place, 2, cannot use the excuse of being companies with practically no formal association with high-level storage and 3, are companies with a responsibility to protect significantly custom databases that eventually fell foul (partially or fully) to vulnerabilities. Personally, I DO think QNAP have blame that they need to acknowledge publically, made significant errors in these ransomware attacks AND have handled a number of the follow-up actions to these incidents very poorly (both in terms of communication and execution). However, I do also think that the end-user base is also not completely innocent and alongside ascertaining whether the brand is safe to use in 2022, we should also think about how we store data, the limits of our own due diligence and our expectations from server devices.

Important – If you are currently unaware of the Deadbolt ransomware attack that took place on QNAP NAS devices, you can find out more in the NASCompares article and video here. Additionally, if you have been affected by ransomware on your storage solution (QNAP or whatever brand), this post is not intended to play ‘blame games’ or detract from the impact (personally or professionally) that it has caused. I have experienced ransomware attacks, malware attacks through my browser, virus attacks on my OS and seen my fair share of attacks fail and (annoying) succeed. Please do not take this article in the spirit of ‘get stuffed, It’s your fault!”, but as a means of dissecting the current state of play at QNAP NAS and the realistic expectations/responsibilities of all involved.

PSA – GET YOUR BACKUPS IN ORDER!

Before you even go one paragraph further, I have a simple question for you – do you have a backup in place? If yes, then carry on to the next part. If not, and I cannot stress this enough, GET ONE NOW. The time you are spending reading this you could be susceptible to data loss in about 10 different ways without even factoring in ransomware (Power failure leading to hard drive corruption, Malware from a slightly iffy google search this morning, cloud storage provider going bust, OS failure on your device, etc). In this day and age owning a sufficient data backup is as sensible as buying a raincoat or looking both ways when you cross the street – you don’t do it because you like rain or like looking at cars, you do it because they are peace of mind, they are a safety net, they are for caution in case of the worst. It is a bit tenuous, but owning one or multiple backups always make me think of this quote from Shawshank Redemption by Stephen King:

shawshank redemption book

“There are really only two types of men in the world when it comes to bad trouble,” Andy said, cupping a match between his hands and lighting a cigarette. “Suppose there was a house full of rare paintings and sculptures and fine old antiques, Red? And suppose the guy who owned the house heard that there was a monster of a hurricane headed right at it. One of those two kinds of men just hopes for the best. The hurricane will change course, he says to himself. No right-thinking hurricane would ever dare wipe out all these Rembrandts, my two Degas horses, my Jackson Pollocks and my Paul Klees. Furthermore, God wouldn’t allow it. And if worst comes to worst, they’re insured. That’s one sort of man. The other sort just assumes that hurricane is going to tear right through the middle of his house. If the weather bureau says the hurricane just changed course, this guy assumes it’ll change back in order to put his house on ground zero again. This second type of guy knows there’s no harm in hoping for the best as long as you’re prepared for the worst.” 

Get a Backup in place

More Ransomware Attacks than Any other NAS Brand?

WannaCry, QLocker, eChoraix, Deadbolt, how, many, times…

Probably the most compelling argument against the safety of QNAP for many buyers is the simple fact that they seem to have been in the news more than any other NAS brand for reasons of ransomware attacks. Indeed, even a quick browse of the last 24 months on the site ‘Bleeping Computer’ for stories on QNAP shows you that there have been multiple vulnerabilities found in their software/access that have allowed encryption commands to be injected into the QNAP NAS system to execute the ransomware attacks. How can this one brand be such a soft target? What are they doing wrong? Well as it stands, reading through news posts before/after previous ransomware attacks, as well as the dissection of evens on the official forums in the midst of the current Deadbolt attack, the consistent threads are:

  • QNAP is rolling out software and services with weak default settings and acceptable minimums to allow inexperienced users to open up external access WITHOUT the users understanding the risks
  • QNAP has weaknesses in it’s software that the brand arguably takes a more reactive, than proactive stance on repairing
  • QNAP’s recommendations on actions to user post-ransomware attack both publically and in 1-to-1 dialogue with users has been felt unsatisfactory
  • Your QNAP NAS is better off currently used offline/network only

As general as all that might sound (without letting personal opinions colour it) those are largely the four core issues for many that have voiced their feelings on this in the forums. Moving away from the hefty subject of data loss slightly (we will be returning to that in a bit, but that is a question of Backups and routines to discuss), there is the fact that there have been vulnerabilities found in QNAP 1st party applications and services – but then again, so have there been in different NAS brand’s own services too. A click look at their respective Security Advisory pages will tell you this. This doesn’t exonerate QNAP in any way here with deadbolt, as part of the ‘social agreement’ between the end-user and QNAP is that as long as we ‘follow due diligence in protecting the data inside the NAS as directed AND maintain our own network/router setup, the QNAP NAS should protect our data inside the NAS to the best of it’s ability. This is where it all becomes problematic. As QNAP have never successfully balanced the line between giving the user freedom, control and customization WHILST still preventing the user from doing anything self-harming without a full idea of the consequences. It’s a line that their biggest competitor Synology seems to toe better and this comparison only serves to re-enforce the feeling (and numbers) that QNAP are attacked more. So, how can QNAP change this perception and what have QNAP actioned so far?

The Nature and Practice of Firmware Updates – Prevention & Cures

“Remind me Tomorrow” click

Though sometimes NOT the means with which a vulnerability in the QNAP NAS software/services is achieved, it is still a factor in some instances that updating to a later firmware would actually have closed a vulnerability. However, this is a remarkably broad statement and the truth is a great deal more nuanced. First, we have to understand that ALL software that has a remote access component via the internet will likely be investigated by cybercriminals for weaknesses. Not just NAS ones – ALL of them, from Microsoft office and Android mobile OS, to your LG TV and Amazon FireTV. Hell, I bet there are people who have investigated the ‘buy now’ option of WINRAR in effort to see if an opening exists to use it as a ransomware entry vector. What I am saying is that as soon as a commercially popular software with internet access exists, people are going to try and take it apart to find out its weaknesses for exploitation. If/When these weaknesses are found and actioned (or submitted to the brand for bounty programs – whereupon brands ask people to try and break their software, so they can make it better/safer/improved), the brand then issues a firmware update to the affected software/services to its user base, then around the merry-go-round we go again! This is not a process that happens daily – but it definitely happens weekly or monthly (depending on the frequency of the brand to instigate the changes that are raised to them). This is why is it so common for companies that are affected by ransomware in their software/services to immediately highlight the need for firmware updates. At that point, the attack vector and vulnerability is reverse engineered, patched and closed. Many of these vulnerabilities are small. Very, VERY small sometimes. Indeed, it is for this reason that all the reputable NAS brands have security advisory pages that list current weaknesses, vulnerabilities and issues on their platform that are being investigated (Synology HERE, Asustor HERE and yes, QNAP HERE) and in all my time in the world of network-attached storage, I do not think I have ever seen one of these pages have ‘100% resolved’, but when something is resolved the resolution is invariably rolled into an update. So what we can take from this is that although firmware updates do not completely remove the possibility of new vulnerabilities being found in the future, they do seemingly close the bulk of existing vulnerabilities that have been found by/volunteered to the brand.

So why do we not install the firmware updates automatically? This isn’t limited to NAS of course! From the Mac notification that have been nagging you at the top right of your screen, to the windows update at the bottom right and all those applications on your phone that are asking you to please install the latest updates to your software – we choose to ignore them til ‘later’! Worse still, there is the old ‘if it ain’t broke, don’t fix it’ mentality that will often result in many users only installing smaller updates, but flat out avoiding the BIG updates as they can ‘change where everything is’ or ‘I heard it breaks a bunch of stuff’. Businesses in particular with shared files in their thousands are always reluctant to run any process that can suspend that access temporarily or change how something works. So, there we have a fine melting pop of ingredients that has led (in some instances, but not all – as we will go further go into) to many users being hit by ransomware attacks via vulnerabilities that, although patches were available, were not actioned. How do we resolve this? Forced update that leaves the user’s own hesitance out of the equation? Limitations of the system’s remote connectivity unless the latest firmware update is installed (console gamers will be very familiar with that method of course)? Or a 50/50 split where minor updates are optional, but larger ones are mandatory? It’s a tough tight rope to walk. So, let’s see how QNAP walked/walks this tight rope and how they could have possibly done it ALOT better.

System Updates and Updates that are QNAP Forced?

Forced? Optional? Access Penalties?

As mentioned, tighter control of firmware implementation would allow the brand to ensure that QNAP NAS that have internet accessibility are updated to a high/current firmware revision. Alternatively, the brand could limit the systems external connectivity and disable all settings if the firmware on the system is not up to date – simply running a check with the QNAP domain when trying to access these services and settings and declining if the latest update is not installed. Xbox and Playstation users are more than aware of this as a fixed rule to ensure that installed software is officially licenced and checked in advance. However, those are closed systems and many buyers have selected QNAP because of the flexibility and customization it offers.

Forced updates are something of a taboo subject too, with the recent rather heavy-handed move by QNAP in light of the Deadbolt ransomware attack to remote push the latest firmware update to all QNAP NAS systems that were internet-connected without any notice to the end-users (overriding any settings that disabled or prevented this). Now, clearly, QNAP did this as an extreme and something to prevent the vulnerability of the system software and/or configuration from being exploited further (that have still not been fully confirmed in its attack vectors, with some users who have ridiculously high-security settings still getting hit). In non-ransomware instances, I think QNAP issuing a message to their user base with a “In 5 day’s there will be an essential system update on XX day XX month at XX:XX time” message, with even a brief explanation of why would have been infinitely more preferable and would have been met with a much more positive stance (as well as it also making many users update sooner). However, clearly, the decision for a forced update was more of a last resort/hastily decided choice and that forms part of another reason that many users find the QNAP platform to sometimes bring services and software to market that could do with a little more time in the oven. Whatever way you look at it, QNAP was going to be damned, whatever they did. But did they put themselves in this position? What about the expectations of the end-user and due diligence? What SHOULD be the expected skillset of a QNAP NAS buyer to start with?

The Extent of the End User Responsibility, Skillsets and Expectations?

How much should a user be expected to know about networking?

The simplicity of NAS systems (not just QNAP) can often be oversold. It’s annoying and I am as guilty as most of this, but given the wide range of users who install a NAS system into their storage environments, the ease of setup and use is not shared with the ease of setup and understanding of network security in your home or office. On the one hand, QNAP have have supplied multiple services and processes in their system software that make remote access easy, encrypted transmissions easy, SSL certificate applying easy, 2-step authentication easy, UPNP and router pushing easy – you name it, they have tried to make it easy. But should they have? The ease of setting up a number of these services (as well as non-randomized settings in some places) can easily give users a false sense of security. So, for those users of a higher skillset, it would be acceptable that a QNAP NAS should only be remotely accessed with the highest layers of security applied, and it should not allow remote level access to be possible without some unique intervention and set-up by the end-user (not just a password and/or disabling an admin account), although to stop presets of this nature would lead to a noticeable spike in the difficulty of setup, perhaps that is what is needed. This is by no means a new issue we are discussing and even a brief google search online finds examples of attack vectors and methods as far back as 1999 on public/org sites.

However, in reality, it simply would not work like this, The user base of QNAP NAS is just too varied and though these tougher and more unique security implementations would secure things, the less technically skilled users would hit hurdle after hurdle, once again, one of the prices of some (not all) of that flexibility. Alot of users who have been hit by ransomware attacks have specifically headed to official forums because they do not have the remote setup experience that might be deemed an acceptable minimum to start opening ports via the QNAP settings or directly on the router. This once again brings us back around to what should be the expected skill level of a QNAP NAS owner, how much of the control and security profile of the storage system belongs to QNAP and how much should the buyer be expected to do independently? You can buy a car, you can fill it with petrol and the manufacturer can tell you its top speed, and miles to the gallon – but no car manufacturer would feel the need to add to all their adverts “must have a driving licence”, do they? It’s a rather stretched simile I know, but the fact remains that users cannot expect to connect their storage to the internet in 2022, open up pathways to it via the internet and not at least make allowances or provisions that an attack could happen. This leads us to the hardest and coldest fact of QNAP’s recent ransomware attacks that, although only applies to a % of users, is still depressingly true.

How Backups and Data Storage are Still being Misunderstood

A frighteningly large number of victims with no backup. Acceptable backup levels?

One of the hardest choices for anyone that has been successfully targetted by ransomware attackers (not exclusive to NAS either) is the choice to pay or not. When I am asked to make recommendations for a home or business user in the free advice section here on NASCompares or the comments on YouTube, I will always ask what the user storage quote is currently (now then double annually over 5yrs), their user base (volume and frequency) and their budget? That last one is always a kicker for some, as no one wants to show their cards! I’m not a salesman and I do not work for a eRetailer, I ask because there is a lot of ground between a £99 DS120j and a £5000 RS3621XS+. However, budget is INCREDIBLY important and should not only be measured by the number of 0’s in the account, but also by the cost of if the data is lost! Many users are so busy thinking of how much it will cost to provision for the future, that they are not factoring in the cost of replacing the past! This is the exact personal vulnerability that ransomware targets and sadly, a lot of users still do not understand 1) what a backup actually IS and 2) what a backup actually ISN’T.

If your data ONLY lives on the NAS, then the NAS is not a backup. You likely knew that. But socially and conventionally, we tend to forget it quite easily. We make space on phones by deleting stuff because ‘it is backed up on the NAS’. We sync our laptops and MacBooks with a remote folder to keep our files safe on the NAS, but still make changes or delete files on the hoof. We take the NAS as red as a backup and at that point, it isn’t! Likewise there are things that SOUND like backups… RAID… Snapshots… Hot Spares… they sound very reassuring, but are not backups, they are safety nets! And are all typically found ‘in system’. A REAL backup is something that is the same files, ELSEWHERE!  There is no avoiding that a QNAP NAS (or a Synology or Asustor NAS for that matter) is NOT a backup solution in of itself, but can be used IN a Backup Strategy. All brands highlight at numerous points o their website that you should have a 1-2-3 Backup strategy, or a bare-metal and cloud backup, or a periodic USB backup, a NAS to NAS remote backup – or ALL of them! Sadly, there are a lot of users in the official QNAP forums that have been hit by ransomware and did not have backups in place, with some knowledge that they needed a backup but their budget’s prohibited it. Whilst others say that QNAP said it’s a backup device, they bought it as a backup device, QNAP missold it and that is the end of argument!

The sad truth is that QNAP is not responsible for your backup routine or strategy, it supplies the means to store and access data and their responsibility (succeed or fail) is to ensure its hardware and/or software provides a default secure level of access, as well as the means to configure that access to the users control. There HAVE been vulnerabilities found and they have patched them, as is the usual process in these things (at least, they say they have at that is the best guarantee we can ever have from a brand in the circumstances), but they are NOT responsible for your backup routine. This now leads us to the subject of the QNAP hardware, the QNAP software and comparisons with Synology.

Hardware vs Software Priorities – Both the Brand and the User Base

Hardware vs Software, QNAP vs Synology, Is the grass greener?

Way back in the mid twenty-teens, whenever I would discuss QNAP and Synology on the platform, I would always say that you go to Synology for the Software and QNAP for the Hardware. Synology’s DSM platform clearly makes up the bulk of the companies investment and attention, makes up a significant chunk of the price tag and is designed around keeping things as user-friendly as possible (within reason). This is why their devices at each generation refresh (DS916+>DS918+>DS920+ or DS216+>DS218+>DS220+) only make smaller increases on the previous generation – the software IS the focus. With QNAP we tend to see the hardware taking bigger leaps each generation. Better standard ethernet, better PCIe gens, Better CPUs much earlier and overall greater hardware at any given time. For PC builders and those that know a lot more about the contents of their laptop than the contents of their router, this is speaking THEIR language and makes the price tag translate better. Fast forward to 2022 and although that logic still remains the same, these brands are more 60/40 in their architecture (where 60 = their preferred hardware or software bias). The issue starts when QNAP seem to rush their software out the door very quickly. Alongside a lot of more beta applications being available, they roll out a lot of new types of software that (and I am sorry to use that expression again, but) could have used more time in the oven. This approach to software development and release can be dicey and although it makes QNAP the more exciting platform (with its better hardware, more diverse software and continued AI or generally automated services), it also means that the platform has less of the layers of troubleshooting red-tape that Synology has (which inversely means the Synology product is going to be more expensive and less hardware rich, as that investment of time needs to be repaid to be justified).

Look at the Apple TV box or Amazon FireTV / Firestick? Is it user-friendly? yes! Is it slick and intuitive? Yes! Is it flexible in the installation of 3rd party applications? NO (at least, not without workarounds)! Is it hardware-powerful? LORD NO! One glance on eBay will show you a thousand other media boxes at the same price with Android on board, 5-10x the hardware and customization coming out of the wazoo. Nevertheless, many users will not buy the apple/amazon media option because although they KNOW it will be slick and ‘hold your hand’ all the way, it will be a closed system, noticeably more expensive and even then “nothing is full proof, right?”. And a lot of the anger at QNAP for their increased ransomware targeting and handling of this needs to also be balanced against why a lot of users chose the QNAP NAS brand. The QNAP NAS platform does have good applications and services, some genuinely unique ones and ones that allow tremendous flexibility and customization – but users need to remain relative to what drew them to the platform and have sufficient backups AND safety nets in place. I would say this about QNAP, about Synology, hell… Google drive, DropBox, Backblaze… ALL of them have localized client tools that rely way too much on the success of versioning/roll-backs being possible on the cloud platform. None of them are 100% full proof and QNAP dropped the ball multiple times here, but none of these ways are unprecedented and should be provisioned for regardless of your NAS brand or cloud platform.

The Sad Truth about Servers, Security and Vulnerabilities

Vulnerability > Update > vulnerability > update > rinse > repeat

No platform, software or service is going to be 100% bulletproof. You can increase your personal layers of security (VPNs, Encryption, layers, restrictive white lists, etc) to hit 99.99% but whatever way you are looking at it, everything we use is software-based and therefore, fallible. Equally, users cannot pretend that it is still the early days of the internet anymore and still be annoyed when a statistical possibility that should have been factored against was not. Do I think QNAP NAS are safe? I’m sorry to say that the answer is never going to be a simple Yes/No. I think they provide what they say they provide and I think that QNAP hardware is still the best in the market right now. But their software needs to be less rushed, the extra time/budget be spent on that software, or utilize a trusted 3rd party. The need to relinquish some of the customization of their platform in efforts to remove some of the configuration out of the hands of less tech-savvy users who end up overly reliant in defaults. Perhaps a much more rigorous setup policy that, on day 1, have an EXPERT door and a NOVICE door, with randomized defaults and extremely regimented update rules on the latter. Equally, the brand (though better than it was) needs to work on its communication with its end-user base, both in the event of critical issues and education on what the user base needs to have to increase security OUTSIDE of their product.

I still recommend the brand, I still think users should use their products, but we need to be realistic and honest with ourselves about what we buy and our expectations. If I buy a QNAP NAS, I expect it to store the data I store in it and allow me access to it on my terms, but ‘my terms’ might be a lot more/less strict than the next person and with that comes due diligence in 2022. I hope that the most recent ransomware attack, deadbolt, is the last ‘big’ one we hear about the year/moving forward, but I do not think it will be. More than just QNAP, one look at the vulnerabilities listed on security advisories of all the brands tell us that there is big money to be made by these intruders and the brands can only stay 1 step ahead. As always, me and Eddie here on NASCompares have been running a page that links to the bigger NAS security Advisory pages that gets regularly updated, so if you want to get notifications on these as they get added (pulled from the official pages themselves), then you can visit the page below and put your email in for updates when they happen. Have a great week and backup, backup, BACKUP.

Click Below to Read

 

Finally, If you are currently unaware of the Deadbolt ransomware attack that took place on QNAP NAS devices, you can find out more in the NASCompares article and video below:

 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,451 other subscribers


Get an alert every time something gets added to this specific article!


Want to follow specific category?

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

 

SEARCH IN THE BOX BELOW FOR NAS DEALS

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

QNAP NAS Attacked By DeadBolt Ransomware

26 janvier 2022 à 15:08

New QNAP Attack Emerges in the last 24hrs, the Deadbolt Ransomware

UPDATED 28/01/22 – QNAP has instigated a forced-push firmware update to NAS devices to upgrade their systems to version 5.0.0.1891 (the 23/12/21 update), which will override systems that have their update settings set to ‘Do not automatically update’. This will almost certainly change a number of default settings that in older QTS versions are connected with the means of the deadbolt firmware being instigated on individual NAS systems. Following this, several users have reported that existing iSCSI connections ceased, due to a default setting changing in the update. As per the highlights on the bleepingcomputer update article, this has been resolved by users by seeking out the following setting:

“In “Storage & Snapshots > ISCSI & Fiber Channel” right-click on your Alias (IQN) select “Modify > Network Portal” and select the adapter you utilize for ISCSI.”

Nevertheless, a forced update is quite a big move by the brand in response to this ransomware attack and one that under other circumstances would be something that ideally would have been presented with a “we will be making this forced update on X date, be aware” etc. In the QNAP reddit, a 1st party support team member responded to queries regarding the forced QNAP QTS update with the following;

“We are trying to increase protection against deadbolt. If recommended update is enabled under auto-update, then as soon as we have a security patch, it can be applied right away.

Back in the time of Qlocker, many people got infected after we had patched the vulnerability. In fact, that whole outbreak was after the patch was released. But many people don’t apply a security patch on the same day or even the same week it is released. And that makes it much harder to stop a ransomware campaign. We will work on patches/security enhancements against deadbolt and we hope they get applied right away.

I know there are arguments both ways as to whether or not we should do this. It is a hard decision to make. But it is because of deadbolt and our desire to stop this attack as soon as possible that we did this.”

Additionally, (again, thanks to BeepingComuter for raising this) there are reports that the number of affected devices may have raised significantly since originally projected and several security researchers and internet device monitoring sites raise this number to between 1,160-3,687 as of Jan 28 2022. See tweet below:

🔐 Curated Intel member, @1ZRR4H, observed QNAP ransomware events being reported via IoT search engines, including Shodan and Censys.

🔗 Shodan (1160 events): https://t.co/qpaCTuICAf

🔗 Censys (3687 events): https://t.co/uZKLQprSDE

Tip: use country tags to search by country. pic.twitter.com/2IXpCNpBvV

— Curated Intelligence (@CuratedIntel) January 27, 2022

I will continue to update this article as new information emerges. Please find the original article detailing the Deadbolt ransomware attack on QNA NAS devices below.

Yesterday (25/01) it has been reported on official QNAP forums that several users have been attacked by a new ransomware (actioned with the name Deadbolt) that, if successful in its intrusion, encrypts the content s of your NAS and demands 0.03 bitcoin (about $1000-1100) to provide the decryption key and allow retrieval of your data. QNAP has responded on multiple channels, urging their user base to immediately disable Port Forwarding on their router/modems and the UPnP function of the QNAP NAS within the remote access services. Additionally, they (as you would expect) strongly advise users to update their QTS software to the latest available version to block incoming DeadBolt ransomware attacks. QNAP has since issued this statement, published 26/01/22:

QNAP Systems, Inc. recently discovered that a ransomware called DeadBolt is attempting to attack NAS exposed to the Internet. The ransomware will hijack the NAS login screen and extort bitcoins from the victim. QNAP strongly urges all NAS users to immediately follow the methods below to check whether your NAS is exposed to the Internet, confirm whether the security settings of the router and NAS are complete, and update QTS to the latest version as soon as possible. More information regarding checking the level of access your QNAP NAS has to the internet, as well as how to change key settings to improve security can be found HERE.

Following the news on this as it has happened over 24hrs, the popular network security site Bleeping Computer reported that DeadBolt ransomware group started attacking QNAP users  and encrypting files on compromised NAS devices applying a .deadbolt file extension to affected files

Unlike previous instances involving QNAP NAS being targeted by ransomware, deadbolt are not dropping ransom .txt or docs to the encrypted devices but, this time are replacing the login pages to display warning screens saying “WARNING: Your files have been locked by DeadBolt.” The ransom screen asks the QNAP NAS owner to pay 0.03 bitcoins (roughly $1,100) to a unique Bitcoin address generated for each victim, claiming that the decryption key will be sent to the same blockchain address in the OP_RETURN field once the payment goes through. Sadly, as is always a risk factor with ransomware, currently, there are no confirmations that the threat actors will actually deliver on their promise to send a working decryption key after paying the ransom (as at the time of writing) users who have been affected are not seemingly considering paying (understandably, as this likely facilitates this happening further still in future for others).

Additional to the main ransom note splash screen on affected QNAP NAS systems, there is also is a link “important message for QNAP,” which then leads to a displayed message from the DeadBolt ransomware group that is specifically for QNAP’s attention. This screen states that the DeadBolt ransomware gang is offering the full details of the alleged zero-day vulnerability if QNAP pays them 5 Bitcoins in payment, roughly equivalent to $184,000. They are also willing to sell QNAP the master decryption key that can decrypt the files for all affected victims and the zero-day info for 50 bitcoins, roughly $1.85 million based on the current BC valuation. They state that if this payment is made:; “You will receive a universal decryption master key (and instructions) that can be used to unlock all your clients files. Additionally, we will also send you all details about the zero-day vulnerability to [email protected]

So, fairly brazen stuff!

What Does the DeadBolt Ransomware do to my QNAP NAS?

The DeadBolt ransomware is attempting to encrypt QNAP NAS, units, utilizing what they state is a zero-day vulnerability within QTS (A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched. An exploit that attacks a zero-day vulnerability is called a zero-day exploit). The attack began on January 25th, with numerous QNAP users discovering their data encrypted and file names appended with a .deadbolt file extension, as well as amending the QNAP login web page to show a display screen stating, “WARNING: Your files have been locked by DeadBolt,” (see below:

On this occasion, this user was told they need to pay 0.03 bitcoins (roughly $1,100) to an individual Bitcoin link in order to receive the decryption key. The process of receiving the key is detailed follows:

So, if you have not been affected by this ransomware, but have/need your QNAP NAS to be remotely accessible from outside of your local network, what should you do?

How to Check and Amend Your QNAP NAS Internet Access Right Now

Like many ransomware attacks, the full vulnerability that it exploits will become clearer as time goes on, but a high facilitating factor of the deadbolt attack concerns poor remote access security. Remote access to the NAS can be made several ways (some more complex than others) and QNAP in their recent news post on this ransomware attack highlights further recommended network maintenance measures that you should follow/check. Open the Security Counselor program of the QNAP NAS, if you find the warning text “The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP”, it means that your NAS is being exposed to the external network, and the risk is extremely high.

If you are unsure which port numbers on your router are open, then you can use this guide on How to query the port number that has been exposed to the external network HERE. If your NAS is exposed to the Internet, it is recommended that you follow the steps below for NAS security protection:

1: Turn off the Port Forwarding function of the router

Open your router’s system management interface, check the router’s Virtual Server, NAT or Port Forwarding settings, and set the NAS system management ports (8080 and 443 by default) to off.

2: Check if the UPnP function of the QNAP NAS remains off

Open the myQNAPcloud app of QTS and check the UPnP Router settings. Uncheck “Enable UPnP Port forwarding”

Connecting with your QNAP NAS remotely may well be a key reason why you purchased the system, but if you are less tech or network protocol savvy, then many users will use the QNAP supplied service. However, I still HIGHLY recommend that you bolster your network security settings as much as possible and ensure you have multiple layers of security (automated or direct authentication required) between the internet and your NAS Drive. If you need a NAS external network connection and want to use the myQNAPcloud Link to connect, please refer to the following link – HERE

Alternatively, QNAP made a whole page on remote access security and a breakdown of the factors HERE. Further details on this are covered in the Data News of the Week Video below from the NASCompares YouTube channel:

We will continue to monitor this and update this article if further information arrives that ranges from changes in the attack methodology to potential fixes and decryption tools emerging.

Additionally, it is worth remembering that exploits can be found in practically any internet-connected appliance, it is just a question of the extent to which a vulnerability can be pushed to execute unique commands. The software makers (not just NAS, but practically ALL internet service linked applications and tools) can only be 1-step ahead of hacks (cat and mouse, 1 step each, etc) and that is why all reputable NAS brands have Security Advisory pages that are regularly updated to list any current vulnerabilities that are found, addressed and patched on their platforms. However, staying on top of these can be difficult, so below is a link to a page here on NASCompares that is updated automatically every day and/when a brand updates its security vulnerability advisory pages. You can add your email address to that page in order to receive updates as soon as the brands publish investigated vulnerabilities. Visit this page by clicking the banner below:

 


Articles Get Updated Regularly - Get an alert every time something gets added to this page!



This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

 

SEARCH IN THE BOX BELOW FOR NAS DEALS

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

Best 10GbE NAS to Buy in 2022

31 décembre 2021 à 01:10

A Guide to the Best 10GbE NAS Drives to Buy Right Now

Data is getting big, like REALLY BIG. From the phone in your pocket taking photos at 10MB+ a go, movies arriving at 4K Ultra HD HDR as an excepted scale and internet connectivity easily breaking into greater than gigabit speeds, we are fast approaching a point where most devices (not just NAS drives) that feature a rather old skool 1GbE (RJ45) LAN/WAN port can potentially cause a bottleneck on your network. Most client hardware (phones, laptops, TVs, Tablets, media players) have risen to the bandwidth challenge in the last 12-18 months with the inclusion of greater WiFi protocol such as WiFi 6 (802.11ax), but in the world of Network Attached Storage (NAS), they have been addressing bandwidth limiting issues for years and one of the easiest ways they have been going it is with the embracing of 10GbE. As the name suggests, 10Gbe is ten times the bandwidth of traditional default 1GbE, allowing a little over 1,000MB/s network transmission to be possible. 10G has been around for a number of years, however, it is only in the last 2-3 years that it has become remarkably affordable, allowing both home and business users to easily make the switch. From 10G adapter cards costing less than £100 and network switches arriving at just a fraction more than their 1G alternatives, to the physical compatibility of 1G and 10G being identical in some cases (Copper RJ45) allowing an upgrade to be easy and with a large degree of hardware recycling – 10GbE is a great deal more available than many could have thought. Below is a video where I detailed lots of reasons to upgrade/ignore 10GbE that you might find useful when searching for the best 10GbE NAS to buy in 2022:

Unsurprisingly, because of the affordability of 10GbE increasing, as well as the popularity and ease of upgrading, ALL the NAS brands have been producing 10GbE solutions in the last few years and that means that (on the plus side) there is ALOT to choose from but (on the less good side) it can mean choosing the right one is a lot harder than you think. Factors such as the CPU, the physical type of 10GbE in use, number of ports, number if media bays and the maximum memory are all tremendously important factors in choosing a 10GbE NAS that fits your budget and requirements.  All too often, you will see a more affordable 10GbE NAS, such as the TS-332X or DS1817 (non-plus) and think ‘wow, that is really affordable’, but that is because the CPU inside is going to be at 80-90% usage at all times during 10GbE use, will be wildly inefficient at managing larger RAID configurations to what they can push through 10G and the money you save in these budget solutions can often be lose quite quickly in the system losing you actual time in use. So, today I want to talk about my three recommended 10GbE NAS solutions that (out of all the NAS systems available at the start of 2022) are the best for budget buyers, for shared storage business users and for Power-hungry Professionals. I am only looking at desktop 10GbE NAS and ONLY servers that have 64bit x86 processors (no ARM Annapurna, Realtek or Marvell here – we want GUARENTEED 1,000MB/s and with the least hardware usage possible regardless). The Hard drives or SSD you choose to use will of course play it’s part, but these three NAS solutions will be able to saturate that 10G bandwidth with even most drive media. Let’s begin.

What Have All the Best 10GbE NAS Drives Have in Common?

It is worth remembering that although there are ALOT of different 10GbE NAS drives available to buy, they are by no means created equal! With numerous super budget brands popping up online, it can be tempting to consider these alongside the premium NAS brands. However, all too often they offer solutions righty seem ‘too good to be true’ and then are gone from the web before your warranty even gets cold! So, whether you are looking at the three best 10GbE solutions that I am recommending below OR are looking at another 10GbE NAS you saw on offer/recommended elsewhere – the best NAS system ALWAYS include the following software and services:

  • Combined Hardware & Software Solution – That means that you are buying the hardware, but it ALSO includes a web browser GUI, mobile apps and desktop client apps (including backup, media, streaming, surveillance and file management software)
  • All NAS systems in this guide are compatible with (and can be accessed by) Windows, Mac, Android and Linux operating systems
  • All NAS Solutions arrive with between 2-3 years Warranty (with the option to extend to 5 years)
  • All NAS drives can be accessed locally over the network, as well as secure remote access is possible with brand supported services (at no additional cost)
  • The most modern and regularly updated NAS systems will support the very latest 20TB NAS hard drives (such as the Seagate Ironwofl 20TB and WD Red 20TB)
  • All the recommended solutions support multiple drive configurations (RAID) for drive failure protection and performance enhancements
  • All solutions receive regular updates to their security, features and services
  • All recommended NAS drives can connect and synchronize with cloud services (Google Drive, DropBox, OneDrive, etc), as well as Business/Enterprise services such as AWS, Azure, Backblaze and more
  • All NAS solutions (regardless of brand) feature the ability to host a shared drive on your PC/Mobile/Laptop systems that are synchronized with the NAS via the network/internet, but is shown in your native operating system file manager (i.e Mac Finder or Windows Explorer)
  • All the NAS solutions listed can be accessed DIRECTLY via an ethernet/network cable being connected from your PC/Mac system, to the NAS RJ45 port for 100MB/s and higher connectivity
  • All the best NAS solutions (regardless of brand) feature backup and sync tools that can be installed on your local client computer and allow regular backups of your files and system data

So, make sure that if you are looking at a NAS solution that is NOT recommended below, that it includes all of the above. As these are some of the clearest areas that brands all too often cut orders to produce cheaper by ultimately inferior NAS servers for home and business. So, let’s discuss the very best 10GbE NAS to buy now in 2022.

Best Priced 10GbE NAS Drive – Terramaster F5-422 NAS

0-100TB, 5-Bays, 4-Core Intel J3455 CPU, 4-8GB Memory, 1x 10Gbe + 2x 1GbE Port, 2yr Warranty

Current Price/Availability on Amazon – $549

Hardware Review – LINK

YouTube Video Review – Watch

Internally the hardware that this unit arrives with is very competitive at this price point, even without 10Gbe. Include 10Gbe into the mix and this could likely be one of the most affordable Intel/4K enabled 10 gigabit NAS drives in the market right now. The Terramaster F5-422 5-Bay NAS features an Intel CPU and 4GB of DDR3 memory which is not even the limit, opening up the device and installing an additional 8GB stick is very easy indeed. This internal hardware certainly enables a number of features that a large number of cost-effective ARM CPU could not. Most important of which is acting as a proficient and encoding enabled Plex media server. The device can support many users at the same time, each with its own login and privileges thanks to this CPU. All the while, setting up, configuring and maintaining a stable RAID across all available hard drives or SSD. However, if your budget is tight, you will be pleased to hear this device can function with a single HDD/SSD if need be and you can add further storage media as your budget allows (and expanding a RAID).

Click to view slideshow.

Overall the terramaster F5-422 NAS is definitely worth the price. I have seen numerous NAS brands grow in the last 8 years and the speed with which terramaster is developing, both the hardware and software, massively outpaces the likes of Synology and QNAP, which have taken twice as long to reach the point that terramaster has. If you are looking to buy your first NAS, but want to ensure that you get maximum features at a modest price-tag, you genuinely would be hard pushed to beat the Terramaster F5-422 right now in 2019. That said, there is no denying that some cost-cutting measures have taken place, with the HDMI output not functioning as you would expect at release or the lack of USB Copy Button. However, you will never find features like those, or software options with this hardware at this price limit that still have 10Gbe on the table and the Terramaster F5-422 serves as a great middle-ground for those that want their cake and eat it in their first steps into the world of NAS at a higher speed going forward.

SOFTWARE - 6/10
HARDWARE - 7/10
PERFORMANCE - 7/10
PRICE - 8/10
VALUE - 7/10


7.0
PROS
👍🏻Affordable 10Gbe
👍🏻Great RAID Options
👍🏻Fluid GUI
👍🏻Snapshot Replication
👍🏻BTRFS
👍🏻Supports Plex
👍🏻4K Video transcoding
👍🏻Full Plex Transcoding
👍🏻DLNA Compliant
👍🏻RAM upgradable
CONS
👎🏻No Copy button
👎🏻HDMI Currently Unsupported
👎🏻SSD Caching requires the loss of 1-2 Bays
👎🏻No Surveillance or VM App

 


Best All-Round Performing 10GbE NAS – The QNAP TS-h973ax NAS

0-100TB HDD, 5x 3.5″ Bays, 2x 2.5″ SATA Bays, 2x 2.5″ U.2 NVMe SSD, 4-Core Ryzen V1500B 2.2Ghz CPU, 8-32GB DDR4 Memory, 1x 10Gbe Port, 2x 2.5GbE Ports, USB 3.2 Gen 2, Option of ZFS or EXT4, 3yr Warranty

Current Price/Availability on Amazon – $999

Hardware Review – LINK

YouTube Video Review – Watch

I have seen a lot of network-attached storage over the years and the TS-h973AX brings a lot of colour to what was fast becoming a somewhat grey landscape. In short, QNAP has gone and done it again by proving they are the hardware innovators of this industry and have managed to provide a genuinely unique solution here. When they first revealed their new Hero ZFS operating system last year, you could not help but get the impression that only top-end enterprise businesses with £10K starting budgets were ever going to benefit. The TS-h973AX desktop NAS is solid evidence that QNAP will share the wealth and that this is the start of a whole new series of affordable ZFS solution from the brand. That isn’t to say that this system is perfect and pernickety points about a lack of HDMI or LCD may put off some users, and the compact 9 bay chassis that will attract some will no doubt deter others.

Click to view slideshow.

Ultimately though QNAP has succeeded in creating what they sought out here and what we find is one of the best examples of hardware and software meeting in the middle, while still arriving with a price tag in 3 figures. In the current absence of a straight forward QuTS license purchase option for existing QNAP NAS systems right now, this is a solution that serves as a good alternative to a number of 4 and 6 Bay solutions in their portfolio. Though, make sure you upgrade that memory on day one! 

SOFTWARE - 8/10
HARDWARE - 8/10
PERFORMANCE - 8/10
PRICE - 9/10
VALUE - 8/10


8.2
PROS
👍🏻10GbE Equipped
👍🏻Triple tier storage
👍🏻ZFS / QuTS Hero System
👍🏻Virtualization Support is unparalleled
👍🏻10Gb/s USB 3.2 Gen 2
👍🏻10 min Windows and/or Ubuntu VM install (included)
👍🏻U.2 NVMe PCIe Gen 3×4 Support
👍🏻Hugely Expandable
👍🏻2.5GbE LAN Ports
👍🏻8 Surveillance Camera Licences
CONS
👎🏻No PCIe Upgrade Option
👎🏻Lacks HDMI
👎🏻Some might prefer the ease of NVMe over NVMe U.2

 


Ultimate Hardware & Software 10GbE NAS – The Synology DS3622xs+ NAS

0-240TB, Synology HDDs Only, 12-Bays, 6-Core Intel Xeon X D-1531 CPU, 16-48GB Memory, 2x 10Gbe Ports, 2x 1GbE, 1x OoB Port, 1x PCIe 3×8 Slot, 5yr Warranty,

Current Price/Availability on Amazon – $2999

Hardware Review – LINK

YouTube Video Review – Watch

Now, to cover the WHOLE Synology software and services that are included with the DS3622xs+ NAS would result in a review that is twice as long as this review so far! Synology’s Diskstation Manager software that comes with this device (either DSM 7 or DSM 6.2 depending on your preference) provides a massive arrangement of services, applications (first and third party supported) and a huge number of client applications for desktop, mobile, windows, mac and linux (as well as a bunch of other more home-based tools). These allow management and access to the data on the DS3622xs+ in very tailored ways, as well as the web browser-based access that has the appearance, intuitive design and responsiveness of a local operating system. The DSM interface can be accessed by hundreds of users at the same time (with each user having tailored access, rights and privileges). DSM is available with ALL Synology NAS and the depth and abilities of DSM on any NAS are dependant on the hardware architecture of the NAS itself. In the case of the Synology DS3622xs+, it supports practically EVERYTHING (with the exception of SHR, as previously mentioned). If you want to learn about the latest version of DSM 7 and the software and services that are included with the DS3622xs+ NAS, watch my FULL review below (alternatively, you can read the DSM 7 Full Review HERE):

Click to view slideshow.

Unsurprisingly, the Synology DS3622xs+ is by FAR the most powerful and capable desktop NAS solution that the brand has ever produced – and that is not even a close-run thing. But we are still talking about a £2,500 box here (unpopulated) and you are going to expect that there is some serious horsepower here – So are you getting the most for your money here? Almost completely, yes. There are a few lingering things that some buyers will still not be in love with, such as the lack of M.2 caching bays, the lack of SAS support or the reduced support of 3rd party drive and network upgrade compatibility, but they do not undercut that this is a genuinely groundbreaking solution from Synology that provides the ultimate base to enjoy and make the most of the Synology DSM 7 platform in 2022 onwards. Once you breakdown everything included in this package, from DSMs software and services, to the tremendous bandwidth available here internally and externally, this compact tank-like NAS server is an absolute beast and a must for those that are keen on fully integrating a private cloud network and subscription-free SaaS-level setup across their company.

SOFTWARE - 10/10
HARDWARE - 9/10
PERFORMANCE - 9/10
PRICE - 7/10
VALUE - 8/10


8.6
PROS
👍🏻6-Core Xeon Processor
👍🏻Two 10GBe Connections as Standard
👍🏻Lots of PCIe Gen 3 x8 PCIe Upgrade Options
👍🏻Surprisingly Compact for 12 Bays
👍🏻Excellent choice of Apps
👍🏻Exceptionally Expandability
👍🏻No need to fully populate, so VERY scalable
👍🏻Huge Virtualization Support
👍🏻Storage Can be Expanded to 36 SATA Drives
👍🏻5yr Warranty
CONS
👎🏻NVMe SSDs Ports not available, unlike smaller PLUS series units
👎🏻Reduced Hard Drive Supported (Largely ONLY Synology HAT5300 series)
👎🏻48GB Memory Maximum Seems odd over 4 slots
👎🏻Lack of Synology Hybrid RAID (SHR) is still a bit of a blow

 


 

 

And there you have it. Those are the three best 10GbE NAS drives available right now at the end of 2021 and going into 2022. thought it is always worth remembering that these systems typically have a refresh (i.e manufacturers release a new version/follow-up) every 2-3 years on average. Therefore although these systems are all still great 10GbE NAS drives, they might have been upgraded in a newer released version, or recently released alternative 10GbE’s may have arrived on the scene that provides better pricing, value or features. If you are in doubt about whether to buy a 10GbE solution from my recommendations, want to check if a newer system has been released recently OR are simply looking for some free expert advice, then use the free advice section below over. Just enter in a few details of your setup, storage requirements and (in the case of buying a new solution) your budget – then me and Eddie the Web guy can help you with your question. This is a completely free service, is NOT provided with profit in mind and is manned by two humans (no bots, no automated replies, etc). Assistance might take an extra day or two (the service gets a lot of visitors) but we do try to answer every message. If you want to support this service, you can find out how to donate HERE. Otherwise, you can still jsut message us for free advice anyway!

 


Articles Get Updated Regularly - Get an alert every time something gets added to this page!


This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

 

SEARCH IN THE BOX BELOW FOR NAS DEALS

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7] Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

 

❌