FreshRSS

🔒
❌ À propos de FreshRSS
Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
À partir d’avant-hierFlux principal

How to PROPERLY Backup Your Google Photos to QNAP NAS

21 novembre 2022 à 18:00

How to 100% Backup Your Google Photos Account to ANY QNAP NAS Drive

If you have made the switch from your limited/paid subscription cloud service from Google in favour of buying your own QNAP Server, then you will know that, for the most part, the storage potential of your new NAS drive has better scalability and longevity in your storage than the cloud. That said, there are still a few services that Google has offered users for quite a few years that have so much of your data in them, that you want to make sure that it is carried over to and/or backed up to your qnap NAS). Creating a Backup or Sync job between most cloud services like Google Drive and a QNAP NAS has been a service that has been available in several ways for years. HOWEVER, Google Photos, the service that backs up all the photos you take on your android device (Phone, Tablet, Chromebook, etc), has always been tricky/impossible to backup in a fluid and native feeling way – TILL NOW! Thanks to QNAP’S new MARS application (Multi Application Recovery Service), this has a specific Google Photos backup and synchronization routine in place that allows users to connect their Google Pictures and Albums to the QNAP NAS, then action backup to the NAS storage ad-hoc or on a schedule as needed. So, today I want to show you exactly how to do it. Let’s start.

The Difference Between a Google Photos Backup and Google Drive Backup

Before we go further, it is worth highlighting that this is not the first guide I have written that covers synchronizing and/or backing up your Google Data to a QNAP NAS. However, my previous guide was on how to backup your Google Drive and Google Photos Data via the Google Takeout service (video here too). A few years ago, Google would store the Google Photos data and Files via Google Drive, which made accessing this data much, MUCH easier. However, in recent years Google separated the Photos data into separate Google Photos software services and that made a seamless and automated backup of this data much harder. It is only now with the QNAP MARS tool that we can natively backup the photos, without using a manual download from the Google Takeout service in the middle.

What You Need to Backup and Sync Google Photos with a QNAP NAS

The setup and execution of using MARS to back up your Google Photos account to your QNAP NAS are really easy, only need to be done once and can be very easily configured at any time. t is also worth highlighting that it is possible with even very, VERY cost-effective QNAP NAS systems. As long as your NAS supports QTS 5 (and therefore has access to the MARS free app in the QNAP App Center), you have everything you need. So, to confirm, in order to use this guide you will need:

  • A QNAP NAS Drive – Obviously
  • Access to the NAS via a Web browser and account privileges to install Applications
  • Access to your Google Photos Account
  • A QNAP NAS running QTS 5 / QuTS 5 or Higher
  • The QNAP free MARS App
  • (Optional) Have Multimedia Console and QuMagie installed on Your QNAP NAS

The optional steps are only going to be needed if you want to create a smart photos NAS setup that includes AI-powered photo recognition (faces, things and subjects), as well as integrating the Google Photos collection that you are pulling over to the NAS in with your existing QNAP  NAS Photo collection.

Backing Up Your Google Photos Account to your QNAP NAS Step By Step

These are the steps you need to follow to create a connection between your QNAP NAS and your Google Photos account, for backup or Synchronization services. There are also additional steps that allow you to add browse these photos more effectively in the QNAP QTS platform with Multimedia Console and QuMagie (with AI photo recognition), but these steps are optional.

Step 1 – Log into your QNAP NAS and QTS GUI via the web browser and head into the Application Center

Step 2 – Download and Install the MARS application

Step 3 – Run the MARS Application and select the Google Photos option on the left-hand side

Step 4 – Select the ‘Add Service’ option on the top right, name the connection (anything will do) and then click ‘Connect Google Photos’

Step 5 – Enter Your Google Photos login information and give QNAP MARS access rights

Step 5 – Select the Backup Option on the left, select ‘Google Photos’, name the backup job and then select the ‘Source’ Browse Button

Step 6 – Select the Google Photos Account you connected earlier

Step 7 – Now select the ‘Destination’ Browse Button and highlight where you want the Google Photos to be stored on the QNAP NAS

Step 8 – Select the ‘Multimedia Console’ option if you already have the App installed to ensure it gets indexed

Step 9 – Select ‘ALL’ if you want the entirety of your Google Photos Account Backed Up, or Select Individual Albums here

Step 10 – Select if you want the Google Photos to QNAP NAS Backup to be Manual or on a schedule

Step 11 – Select the Backup Schedule to be at the least inconvenient time (1AM?)

Step 12 – If you want to create separate Backups select the version number and retention policy here

Step 13 – Run the Backup Job to test that all is working!

Step 14 – The Images from your Google Photos Account should now be in the folder of your QNAP NAS you selected

Step 15 (Optional) – Install Multimedia Console if you want the QNAP to Index the Album for NAS Photo Apps to Use

Step 16 (Optional) – Select the QNAP Photo App (QuMagie or Photo Station) and then add the Google Photos Backup Folder You Made

Step 17 (Optional) – Select the ‘Indexing’ Tab if you want to run Index tasks at certain times and with certain priorities

Step 18 (Optional) – Use the QNAP QuMagie AI Powered App with the Google Photo Backup Folder Indexed to Browse the best way

Step 19 (Optional) – QuMagie will begin to identify Faces, Objects and Subjects and begin to process them

And that is it! Now you can use the QuMagie Application to have a much smarter, quicker and better-catalogued photo collection on your QNAP NAS – as well as now adding your Google Photos collection. This can either be used as another layer of Photo backup OR as a means to browse your decades of photos with AI-supported services to catalogue them much ,MUCH quicker, from the privacy and comfort of your home network (i.w NO INTERNET REQUIRED!). Thanks for reading and I hope this guide helped you!

 

Why Choose QNAP NAS after Google Photos?

Of all the brands in NAS, QNAP is one of the most innovative and generally considered to be one of the most flexible brands in terms of their software architecture. Whereas the previous brand, QNAP, will typically ask you to do things their way, QNAP is a great deal more customisable in its software and hardware architecture, allowing you to do things in a way you’re already familiar with and the NAS drive will adjust accordingly. With a greater range of hardware solutions on offer than most other NAS brands, the portfolio can be a touch intimidating. There are significantly more applications available on the software, mobile devices and desktop clients than any other brand and this applies to both photography and generally data. This large degree of flexibility and hardware options can often be to their detriment, as users that want their hand held a little or just want something to work straight away out of the box might find a QNAP a bit of a steep climb by comparison to Google Photos. That said, the software user interface accessible via your web browser is more stylized and comparable to that of Windows and Android, considerably more customisable than any other NAS software but this is presented at the expense of the relative ease of QNAP’s software. Most popular photo backup solutions in the portfolio include:

TOP QNAP NAS Deals to Watch Out For on Black Friday 2022

Even though there will likely be numerous deals on QNAP NAS systems (largely focused on desktop NAS systems of course), the following three NAS Drives are the ones I recommend for those on a tight budget, those looking for an affordable media/plex server or those looking to do a little bit of EVERYTHING! I have linked each to Amazon in order to check how much it will be on offer during Black Friday, but they will all likely be on offer in numerous locations during the event too. Here is what I recommend:

QNAP TS-464 NAS Drive – This is the new Prosumer desktop 4-Bay NAS from QNAP. Arriving with a fantastic hardware architecture, such as an Intel Quad Core N5105, 4-16GB Memory, M.2 NVMe Bays, PCIe Upgrade Slot, USB 3.2 Gen 2, HDMI 4K and more, this is a real compact powerhouse of a system and almost certainly will see good offers across multiple sites – Check HERE

QNAP TS-453E NAS Drive – Released a few months after the QNAP TS-464, the TS-453E is a marginally less scalable box BUT it makes up for it with incredible base-level hardware at a fantastic price (even when not on offer). Another (newer) Quad-Core Intel Powered CPU in the J6412, it also arrives by default with 8GB of Memory, NVMe SSD bays, 2.5GbE network ports and all this in a very compact casing. With great performance in Plex Media server, as well as the majority of QTS 5.1 applications, the TS-453E is the Prosumers NAS for home users who don’t need/want to pay extra for upgrades down the line. – Check HERE

QNAP TS-233 NAS Drive – A much more modest system than the two NAS I just mentioned, the TS-233 is a low-power, low-impact 2-Bay NAS (also available in the TS-133 1-Bay and TS-433 4-Bay) that runs on a Realtek Quad Core 64bit ARM processor, 2GB of DDR4 memory and is still able to support a large number of QNAP Applications (including the QVR Elite surveillance App, AI-Powered Photo Tool QuMagie, the Hybrid Backup Sync 3-2-1 Backup service and more. With energy prices increasing noticeably in 2022, this is very much a 24×7 NAS for those keeping an eye on the meter! Check HERE

Best All Rounder QNAP NAS

Best Plex & QNAP NAS

Best Budget QNAP NAS

QNAP TS-464 NAS Drive

QNAP TS-453E NAS Drive

QNAP TS-233 NAS Drive

 

QNAP NAS Advantages

  • By far the most hardware-equipped NAS brand
  • The largest number of applications for media and backups
  • A wider range of supported 3rd Party platforms and services
  • Very software/folder path customizable
  • Excellent indexing/thumbnail generation (Multimedia console)

QNAP NAS Disadvantages

  • It can be a touch intimidating on day 1
  • Less suitable for ‘setup and forget’ users

 

 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,405 other subscribers

Get an alert every time something gets added to this specific article!


Want to follow specific category? 📧 Subscribe

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7]     Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

 

QNAP NAS Security Check List – 23 Different Ways to Secure Your NAS

21 octobre 2022 à 18:00

QNAP NAS Security Check List – 23 Vital Steps to Secure Your NAS

It must be frustrating to hear about all ransomware and other kinds of attacks on QNAP. Especially if you plan to buy one or own a NAS already. In simple terms, you need to treat your NAS just like your computer. You would not risk going online without an antivirus installed on your Windows PC. Nowadays, Microsoft has built-in antivirus, but systems like NAS do not follow the same route. This is something you need to do manually just like in the olden days. And there are a lot more risks to consider when exposing your server to the internet. At best few brands like Synology will have built-in security advisor software. This will scan the system and notify you about all weak areas in your setup. But even that is not perfect. In this article, I will try to write from a hacker’s perspective. How would they think and what strategies they will use to attack your home network and your NAS.

How hackers attack your NAS?

NAS Security Checklist

How do you secure your NAS?

Bonus – How to secure your Network?

What are the ways your system can be attacked?

There are dozen of different kinds of methods to attack. But there are only a few that actually can affect a big number of NAS users. The rest of the attacks are very targeted at a single victim. Something for unique personal benefit. So the most popular attacks will be explained later in this article.

How does a hacker know I have a NAS?

They won’t until you tell them you have one. Hackers tell robots to scan every single IP in the world on daily bases. This is a single ping (something like saying Hello to a person). By default, devices are configured to reply with hello if they hear the ping. This is where hackers will initiate an open port scan which we will talk about in the next chapter.

Why do I have open ports?

Ports are like doors to different departments in your office. Something like IT office (NAS control panel), The Office Canteen (NAS multimedia apps), HR (NAS email and databases), the dispatch office (file transfer protocols) and so on. Random people pressing buttons on the control panel could cause the company to collapse. In order to keep people out, we use keycards (NAS user authentication).

Some of the door names (ports) are very specific to a certain NAS. This is how hackers can guess what kind of NAS you own.

A simple scan from online   https://pentest-tools.com  (check your IP) would check the most common ports and tell you if they are open.

A remote scan from a MAC terminal using the command nmap would show not just a few, but all single ports open.

Why open ports are potentially dangerous?

With additional commands like ‘vuln’, and ‘exploit’ hackers will check for software vulnerabilities. All services need regular updates. If not updated specific scripts will detect an outdated service and will allow hackers to abuse it. Similar to having an office key 🔑 that is 100 years old. Even kids could break in.

So your first defence here is your router. If you have not opened any ports since you received your modem/router from your broadband company you should be safe.

But it is worth checking those ports. When you log into your NAS as an admin you can tell your router to open ports. This will be called Port Forwarding. Be careful what you click. There is nothing wrong with open ports if you have security set up. I will talk about security configuration later on.

Here is a list of QNAP default ports link And here is Synology.

 

Brute force

Now when hackers know you have a NAS with certain ports open, they can start the most basic attack which is guessing your password.

They will try the most common usernames and passwords (such as Admin Password).

 

Where do hackers find my passwords?

First of all, they will use robots to try every single word inside the dictionary.

There are lists of stolen user names and passwords available on the black market for hackers to buy. You can check if any of your passwords are being sold here https://haveibeenpwned.com or here https://www.avast.com/hackcheck/

When someone is asked to replace or improve the password people so often simply capitalise the first letter, then add the number 1 and ! mark at the end of the password. Of course, hackers will try all stolen passwords with this modified version of it.

 

Phishing Attack

This is more popular among targeted attacks where people gain access to your personal data which is priceless. Since this attack is more profitable hackers can spend more time on every person individually. They would normally send you an email that looks very similar to QNAP official emails. They will say something like “your password is compromised, please change it here”. Then they will ask for old password and the new one. This is where they steal your password because you landed on hackers website that looks like QNAP. Always make sure URL is actually QNAP and not something like QNAPpp.com.

 

MAN in the middle 

Another popular phishing method is in places with Public Wifi (coffee shops, trains etc ). Man in the middle can see all data you send and receive if you don’t use HTTPS in URL. Hackers can also direct you to the page that again looks similar to QNAP page where you put your password in. But actually, it’s hackers website. Never access your important stuff or log into anywhere from free wifi EVER!

 

Zero-Day Exploit

Every piece of software becomes vulnerable with time. Either it is an Operating system or individual apps. Zero-day exploit means that there is a way to break into a system because there is no patch created or the patch has been installed on a particular system. So this makes it a ticking time bomb. They don’t even need your username and password.

It depends on each company how they deal will vulnerabilities. Some companies run Security Bug Bounty Program and some don’t. When a hacker finds a new security hole in the system they have to make a choice. Either they sell this information to a NAS brand or they sell this information to the black market. Or sometimes people simply share vulnerability info for free here https://www.cvedetails.com/vulnerability-list/vendor_id-10080/QNAP.html .

It is up to each brand how quickly they make a patch for each hole. Until there then you either need to disable the service or add another layer of security that doesn’t allow hackers to take advantage of this security hole.

You can scan your network for vulnerabilities and exploits using NMAP command.

 

Or for the visual interface, you can use Zenmap.

 

 

What about other attack types?

Malware Attacks

This will be vare rare occasion to get an actual virus. This usually happens with computers when you try to open a suspicious email attachment file. It could be zip or exe file or similar. On a NAS this could happen when manually installing OS or app. Instead of using AppStore or automated updates.

These viruses include worms, spyware, ransomware, adware, and trojans. This could be done via cheap smart plugs from China or elsewhere if you connect them in the same network (it’s good practice to connect them via guest wifi).

How To Choose The Right Settings to Secure Your NAS?

How do you secure your NAS

Now it’s time to go through the checklist and make sure your NAS is safe. You do not need to tick all of the boxes on the checklist. You start with the top and make your way down. The lower you get, the more secure your system gets.

Security Level Protects against
BASIC

  • A strong password
  • IP/USER autoblock
  • Two-Step auth
  • Disable Admin
  • Create non-Admin users
  • Remove Apps
  • Disable services
  • Change/ close ports
Brute Force Attack
MEDIUM

 
  • Enable auto-updates
  • Install Security Advisor
  • Install Antivirus / Set scan schedule
  • Enable Firewall (GEO)
  • Set User access rights (shared folders)
  • Use VPN to connect to your NAS remotely (Norton etc.)
  • Use SSL (HTTPS)
  • Isolate NAS apps
  • Use separate Volumes for storage and OS
Phishing Attack
MAN in the middle
Zero-Day Exploit
HIGH

  • Firewall (IP based)
  • Ubiquiti unify dream machine, pfsense switch
  • Open VPN, quWAN
  • Hide NAS IP via free VPN
  • Isolate smart devices VLAN (plugs,speakers etc)
  • Backup
Targeted attack

1. How to Check and/or Change Your Password

If you use the same password on multiple websites to log in, you risk that your password could be stolen from one of those websites and used to log in to any of your accounts on any other website.

It is humanly impossible to create a strong password that is unique to every account and Still Remember it. So use password generators and save those passwords. One day, when two-step authentication will be required on every system, then weak passwords will not be an issue anymore. And all passwords as you know them will seize to exist.

Protecting ADMIN account with a Very complicated password is the most important thing you have to do. Hackers will be able to access ANYTHING they want on your NAS. If they gained an access to a non-admin user the damage will be very limited.

You can use this random string generated every time you reload this page

Or with Google Chrome browser use an auto generator

QNAP default Admin password is NIC MAC address, maybe you can use a similar method with a strong password printed on sticker

To change a password, log into your QNAP and click on your user name on the top bar. Then select Options.

Click on the tab ‘Password Settings’

If you do not trust Google password wallet, you can store your passwords on an encrypted SSD like datashur. You will need to physically have this USB stick around and it can be accessed only with a pin code.

Something similar to a password is a SSH KEY. Instead of having an 8-character string, you can have an entire document filled with random characters. This is called ssh key. You can keep it on a fingerprint-based memory stick. Simple Lexar USB will do the trick.

You can enable SSH Key login option when you open User settings and click on SSH Keys tab.

 

2. How to Enable IP/Account autoblock

Hackers will usually deploy robots to use all possible combinations and stolen password lists to hack your account. If you enable autoblock this will stop the robot after a certain number of attempts. You can block an IP or the user account. You will find respective tabs when you open Control panel/ Security. IP Access Protection is for IP based blocks and Account Access Protection is for locking the account for everyone not just that IP. Some advanced robots will be using various IP addresses from the zombie computers they have gained access to before.

 

 

3. How to Enable two-step authentication

Two-step authentication means that you will use a code from another device that only you can have access to. This could be SMS code, email code or Authenticator App code. QNAP only allows Authenticator App that you can install on your Android or iPhone.

 

4. How to Disable Admin Account Access

Just like I mention above, ADMIN account has no limits on what it can do. You can create several Admin accounts. All hackers know that the default Admin account is named ‘Admin’, so all they need to do now is try all possible passwords. Simply disabling the main Admin account and creating another one with some unusual name would slow hackers down quite a lot. Slowing down does not mean stopping them. So make sure accessing this account is very difficult, even for you.

 

5. How to Create non-Admin users and tailor their Access

When accessing your NAS on daily bases you should use a non-Admin account that has limited functionality and access to the services and files.

6. Remove Apps you don’t use – How to Check and Change Them

When people get a new NAS they usually are so excited and install every possible app to try it out. But no one removes them nor updates them. More apps you install, more potential attacks you can expect. Each app has its own volnurabilities that gets fixed via regular updates. If you never use half of your apps, why take the risk of potential security holes in any of those apps? Disable or remove apps you don’t use.

7. How to Disable Services that you don’t use

This could include SSH/Telnet that us used for command line access to your NAS. And UPnP / CloudiD firewall hole punching for remote access.

  • Telnet
  • SSH
  • UPnP
  • QNAP CloudiD

You can find all services in QNAP Settings page

Go to app center/ myQNAPcloud to find UPnP and CloudiD settings

 

 

8. How to Close Unused Ports and/or Change ports

Disabling services you don’t use will also close relevant ports. If you do enable services such as SSH, make sure you set a different port. This will confuse and slow hackers down. By default, hackers will test if you have port 22 open before they decide to attack. If ports is changed to 2889, you are less likely to be attacked. The most important ports hackers will use are SSH/Telnet and Ports 80, 443, 8080 and 8443 (HTTP and HTTPS).

 

9. How to Enable auto-updates on your NAS

Every time there is a notification about new updates indicates that hackers have found a new hole in the software. Not always hackers can get into your system because of this software bug. But in certain circumstances, they can. The chances to attack increase dramatically when you have open ports on your router and have no firewall or any malicious traffic prevention tools enabled.

Sometimes NAS is configured in a specific way that an update might disable important features. It is OK not to update these NAS ASAP as long as the system is not exposed to the internet thanks to open ports.

You can enable automatic App updates when you open AppCenter/ Settings/ Update.

You can also enable automatic operating system updates when you open Control Panel/ Firmware Update/ Auto update

10. Make Sure You Install the Security Advisor and Councilor Application!!!

With so many apps and services, it is hard to know what is going on behind the scenes. Security Advisor will run system checks and will alert you if any apps have open ports or have changed configuration that is not safe. You can install it via AppCenter.

You can then choose the level of security you need. The basic level is often all you need for home use. Businesses might go for the Advanced level. Top-level will suggest disabling a lot of features that is not useful for home use.

11. Install Antivirus and Set a Scheduled Scan on Day 1

Security counsellor app will allow you to enable 4 crucial parts of your NAS security.

  • Security Checkup (will scan for configuration weaknesses)
  • Antivirus (scan files for viruses)
  • Malware Remover (Remove any malware found on the system)
  • QuFirewall (limit the access your NAS based on IP, GEO and other rules)

 

By enabling Antivirus, this actually do not do any scans. You need to manually set the scan schedule. Go to Control panel/ Antivirus/Scan Jobs to set it up.

 

12. How to Enable Firewall protection on Your NAS on Day 1

Having a firewall will automatically block anyone if they do not pass tests like location or IP address. Similar to WD NAS, you can choose to have access to the admin panel ONLY when you are physically present inside your business network. Any access attempts to the control panel over the internet will be blocked. You need to open QuFirewall app and select one of these

  • Basic protection (allow your country only to access)
  • Subnets Only (allow only your local network to access)
  • Restricted security (allow access to popular services only)

 

13. How to Set and/or Change User Access Rights

As suggested before, only use non-admin accounts for daily use. Admin account is only meant to be accessed for configuration changes. Make sure that users have no access to other user data. You can create separate shared folders that can be shared. If hackers will manage to gain access to this user account, they can only destroy this user’s data and not others. If the admin account is hacked then all users will lose the data.

You can create a separate shared folder with unique access rights under Control Panel/ Shared Folders. I would have separate shared folders and user names for Multimedia, surveillance and Backups.

You can also specify different volume for each shared folder. This could also protect your data. Last ransomware attacked only volume1. Those with multiple volumes were not as affected. Especially who use volume one for OS and apps only. You can also encrypt shared folder. If someone steals your NAS, they can not see any data in this folder.

 

14. Use VPN to connect to your NAS (Norton etc.)

Never connect to your NAS via free WiFi. If you have to, use VON on your phone or computer. This will create a private network between your laptop and VPN server. No one in this free WiFi network will be able to see what you are doing. What data you are sending or receiving.

https://us.norton.com/products/norton-secure-vpn

 

15. Install an SSL (HTTPS) Certificate for Encrypted Access

If you do not have VPN installed on your laptop and you are for some reason connected to free wifi or work wifi that you do not trust, always make sure you use HTTPS in the URL. This will encrypt any user names, passwords and any other data you fill in boxes on any website. Same applies to the URL when visiting NAS applications. If for some reason it has no HTTPS/ SSL/ TLS encryption enabled, you can install a new certificate in Control Panel/ Security/ SSL & private Key tab.

 

16. How to Separate and Isolate NAS Applications

If there is a security hole within an app like Video Station, hackers will damage as much data as possible using the username from this app. If an app is using Admin-level access rights, hackers can not only damage this app but also gain access to anything else on your NAS. With Synology, you will notice that for example, Plex app has its own username and shared folder created automatically. This user has no other access. The worst hackers can do is delete or enjoy your movie collection. On QNAP you will need to create a Video user manually. Then you go to settings and allow only this user within the app. No admin.

Control panel/ multimedia console/ video station permission settings is the place to configure this. Similar steps apply to other apps.

If you go to Control panel/ user groups and click the last icon (application privilege), you can choose which apps user can have access to.

17. How to Separate Volume for Storage and the OS Installation/Storage

If you have separate volumes, this might save you from lazy hackers. In the last ransomware attack, they only targeted volume1. This saved a lot of people’s data.

You can create volumes under Storage & Snapshots / Create

 

 

18. Hide NAS IP with VPN

You can install VPN on your router or NAS. This way, no one knows what your real IP address is. This can prevent targeted attacks. Nord VPN will change your IP every 5 minutes. This is the average time hackers will need to scan through every single port on your network. So if they find open ports or vulnerabilities, it is too late. You now have a different identity. Do this only with trusted VPN service providers. At the end of the day, when you connect to any VPN server/proxy, you do not know who else is connected to that VPN.

I would use a separate MR2200ac router connected to my main router. All unsafe devices like smart plugs, light bulbs and other similar devices would connect to this individual WiFi network. These smart devices if hacked would have no access to your NAS and other important devices with sensitive data.

 

If you have Synology  router with SMR 1.3 you can avoid setting this up on your NAS itself

To use your Synology Router as a VPN client, go to Network Center > Internet > Connection > Primary Interface > VPN settings to modify the settings.

 

 

19. Alternatively, How to Use Open VPN, TeamViewer, nConnect , quWAN

You can create a VPN server on your NAS. You can then connect to your NAS via a computer client using this encrypted tunnel.

https://www.QNAP.com/en/how-to/tutorial/article/how-to-set-up-and-use-qvpn

If you own QNAP smart switches and you want to link your office with your home, use quWAN. This will link these two networks together. This will give a feeling that you NAS and other network devices are actually in the same room.

Here is some more info https://www.QNAP.com/en-uk/software/quwan

Here is a video on how to set this up.

You can also achieve similar results with two MR2200AC routers (priced at around $100 each).

20. How to Isolate smart devices VLAN (plugs, speakers etc)

This allows you to create an invisible fence in your existing network. You can connect all devices using LAN ports on your switches/router. In the management portal you can select which LAN ports can or can not tlk to each other. So this way you can connect your NAS, computer and other important devices on VLAN1 and less trustworthy devices such as smart home system and speakers on VLAN2. Even though you ports on the router are closed, these smart devices are allowed to open doors from inside. Similar to your computer. You can only received data back after your computer have sent a request to some destination. This opens a private hole in your network for this transaction. Who knows how safe those cheap smart home devices are.

Here are some cheapest devices that support VLAN

NETGEAR GS305E and MR2200ac

21. Ubiquiti unify dream machine, pfsense, Synology switch with an intrusion system

As I mentioned in the paragraph above, your devices in your local network are opening and closing holes in your network every second. If your computer has a malware infection, it will be opening ports and sending your private data to hackers. You will notice your computer being slower than usual. I would recommend going to the system monitor and checking the resources consuming most of the CPU, running time etc. Then research what is service name is about. Also, go through installed apps and see if there is something you don’t recognise. And install Antivirus and scan the system when you notice unusual activity.

If you purchase DreamMachine router, pfsense or Synology router, you will get an intrusion system built in. This will scan all your internal network devices. What ports they are opening and where data is being sent. This traffic will be compared against databases that daily update IP lists from hackers etc. These routers will also block traffic from unknown devices that run a suspiciously high number of requests.

Here are a few DreamMachine, pfsense and Synology routers/switches.

22. Firewall (IP based)

 

 

23. Backup, Backup, BACKUP!!!! Set up a QNAP NAS 3-2-1 Backup Routine

The last and most overlooked thing to do is a backup. It is not IF, but WHEN your NAS will be attacked, stolen or broken. Runing automated backups nowadays is easy. You can even make an agreement with a friend that you back up each others NAS. One reserves some space on their NAS for you, and you do the same for them. Every night or hour your data will be encrypted and stored there. Only you can access it.

We covered pretty much ALL the ways you can backup your QNAP NAS in this video below:

Quick Setup – How to secure your Network?

  1. Secure your router
    1. Check open ports and close unnecessary ports
    2. Enable firewall
    3. disable ping response
    4. disable port forwarding [if there is no firewall and other measures in place]
    5. disable router remote management option
    6. Use WPA2 or newer WiFi mode and make sure the password is strong
    7. Guest WiFi (private)
    8. Use VPN
    9. Enable automated updates
    10. VLAN (smart devices)
    11. An intrusion detection system (Synology)
  2. Redesign your internal network
    1. Keep your network devices under different network segments
    2. Use switches with built-in firewalls and filters [Ubiquiti UniFi Dream Machine or unifi software]
    3. Add physical firewall [pfsense] https://shop.netgate.com/products/1100-pfsense

 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,377 other subscribers

Get an alert every time something gets added to this specific article!


Want to follow specific category? 📧 Subscribe

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7]     Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

QNAP TS-233 Plex Media Server NAS 4K & 1080p Tests – H.264 & HEVC

8 octobre 2022 à 18:00

How Well Does the QNAP TS-233 NAS Perform as a Plex Media Server?

Deciding on buying a NAS for use as your own private Plex Media Server is NOT an easy choice for many users. Although the building blocks of NAS servers are comparable to domestic PCs and Laptops, NAS systems are alot of focused/specific in their utility and for many, the price tag that many of these systems arrive with (despite having CPU+Memory combos that seem rather low-end) can be quite a barrier. Alot o NAS brands are aware of this and alongside more power/expensive systems, also have an area of their portfolio that includes a great many more affordable/value solutions for smaller scale buyers. QNAP is no exception to this and every couple of years will release a new generation affordable/value-series NAS solution that is designed to provide NAS to those of a more limited budget or task requirements. That is where the QNAP TS-233 comes in, a new ARM-powered NAS released in 2022 that promises to run the bulk of home user NAS applications without hurting your wallet too much. However, the modest specifications of these more affordable NAS drives tend to restrict Plex Media server use and many are concerned that the TS-233 NAS might not have the horsepower to get the job done. So, today I want to test the QNAP TS-233 NAS as a plex media server with 1080 and 4K media. But before we start, what is Plex? And How has it become so popular? The appeal of accessing all the movies, boxsets, music and home movies that you physically/digitally own in the style popularized by Netflix, Disney+ and Prime Video (flashy GUI, summary, all the box art, trailers, cast details, reviews and more) is undeniable. The rise in popularity of streaming platforms like Netflix has also been accompanied by rising monthly subscription costs and rising concerns about never truly owning the media that you want o watch. Even when you buy movies and TV boxsets in digital download forms from Amazon Video etc, you are still at the mercy of 1) needing somewhere to store it if you do choose to download it and 2) potentially losing access to it if the site/platform you purchased from has lost the license to host it (a common complain of the increasingly digital world of PC/Console gaming, as games are pulled from eStores). Hosting your media in a subscription-free form, whilst it still being presented in the universally accessible and premium GUI form of Plex is one of the most compelling reasons for many home/prosumer users deciding to make the jump towards buying their own plex media server. However, NAS drives have grown incredibly diverse in terms of hardware design and therefore one NAS might not play media in plex as well/efficiently as another – and the QNAP TS-233 NAS is no exception to this. Today I want to detail my tests of the TS-233 as a Plex Media Server and I hope this will help you decide whether a QNAP NAS deserves your Multimedia in 2022/2023.

What is the Hardware of the QNAP TS-233 NAS Drive?

The QNAP TS-233 NAS drive is quite similar in architecture to most PCs or Laptops (in that it features a CPU+Memory+Storage), but differs in that it’s components are designed to be more efficient (as they will be in operation 24×7) and have a larger degree of focus on storage-related applications (where as the hardware in a PC/Laptop is designed more for the applications you run with storage service concerns/provisions being far more rudimentary). The TS-233 is made up of a popular mid-range server CPU, DDR4 memory and supports Hard Drive and SSDs in SATA. although most of the specifications of QNAP NAS drives are unrelated to Plex, below I have picked up the hardware specifications of the TS-233 that are relevant to Plex:

  • CPU: Realtek ARM 64bit, Quad Core 1.4Ghz
  • Embedded Graphics: No
  • Memory (Quantity & Maximum): 2GB (Cannot be upgraded)
  • Number of Storage Bays: 2x SATA Bays
  • M.2 NVMe Caching Bays: No
  • Network Connectivity: 1x 1GbE

Next, let’s quickly touch on how we measure how good/bad the QNAP TS-233 NAS is for Plex Media Server.

Understanding the Plex Media Server Tests of the QNAP TS-233 NAS

Important Terms to Understand in Plex/NAS/Multimedia that will make the TS-233 NAS Plex Tests Easier to Understand.

  • SD, 160p, 240p, 480p, 720p, 1080p, 4K : This is the resolution that the media is being displayed at. The higher the resolution, the larger number of pixels that are available and depending on the original recording quality of the media in question. High resolutions, such as 1080p and 4K require more work to be done by the NAS hardware in order to playback the file. More often than not, a NAS with weak embedded graphics or no embedded graphics at all will be unable to play 4K very well or indeed at all. It is important to remember that just because a NAS brand like QNAP says that their latest NAS can natively play back 1080p or 4K media (natively = played using their own NAS software, software client tools and/or DLNA), that does not mean that the TS-233 will play to the same standard in Plex, as Plex is a 3rd party tool
  • Transcoding, Encoding, Decoding : These are all different techniques/names for when a file needs to be changed in order to be better suited to the connected client device connection, strength or hardware. If you are accessing all your media on the local area network (i.e only accessing your plex media at home), then transcoding will rarely be something you will use (unless your media is largely H.265/HEVC based, see earlier). However, perhaps you are accessing your plex library on the train to work or from a sun bed whilst on holiday. Perhaps you have a smaller data bandwidth/allowed MB/GB, maybe a weaker internet connection, perhaps you are using a smaller phone device and you might not need to watch your 4K 50GB Blu-ray rip of the latest Marvel Movie – in these situations, you might well want to access the media on your QNAP TS-233 Plex NAS at a lesser quality than the original version, so transcoding/re-encoding on the fly (as in, at the same time it is being played) is what you would want to do. Remember, transcoding is by far the most heavy-weight thing you will need to do on a NAS. It is also worth remembering that in order for Plex o be able to use the FULL resources of a NAS CPU (such as embedded graphics) that you will need to enable ‘Make My CPU Hurt’ in the Encoder Menu of the Plex NAS Settings menu – this also potentially requires a Plex Pass subscription, depending on the NAS in question

  • H.264, HEVC, H.265 :  These are compression techniques that are designed to allow large-scale media presentations that were made for a cinema to be viewable from your sofa (with H.265 being the more effective/powerful compression level). H.264 can largely be played by ALL devices, but many devices do not have permission or a license to play H.265/HEVC (they are the same thing). This is because, where H.264 is an easy license and comparatively free to use, H.265/HEVC licencing and patents are spread across multiple providers and allowing a device license to use this compression technique can be complex, expensive or simply impossible. Therefore HEVC/H.265 media will sometimes AUTOMATICALLY need to be converted/transcoded into H.264 etc in order to be played – therefore eating up more system resources. The TS-233, much like the rest of thte QNAP NAS range do not arrive with HEVC support by default
  • Bitrate : Bitrate is the amount of data encoded for a unit of time, and for streaming is usually referenced in megabits per second (Mbps) for video, and in kilobits per second (kbps) for audio. Higher quality and higher resolution media tends to be of a much higher bitrate

For more information on the most important terms to understand when discussing/researching a NAS as a Plex Media Server can be found in my video below:

Any further questions, you can use the free advice section at the bottom of the page and ask me and Eddie directly.

How was the QNAP TS-233 NAS Tested in Plex?

The setup for testing the TS-233 NAS for Plex was as follows:

  • The QNAP TS-233 NAS was accessed over a 1GbE network, however in order to test how the NAS would cope with transcoding/encoding, I would force the Plex Player client to transcode the file manually
  • The TS-233 NAS was used in the default CPU+Memory state that the base model arrives in (no upgraded memory or upgraded caching media)
  • Tests were performed one after the other with a short break between each test, so you might see the tail end of the previous test on a CPU graph, but I have pointed at the are of the % utilization that is important as per each test.

Regarding test results, CLEAR PASS means that the file successfully played and there were sufficient resources for the NAS to continue to do other things comfortably, PLAYED BUT HIGH CPU % means that the file played, but it utilized a significant amount of system resources in order to do so in a heavier use situation (i.e other NAS users connected) it might not play and FAIL AND-OR DID NOT PLAY means that the file either did not play or the time taken to play back the files was outpaced by the natural playback of the file – i.e. the file would stop-and-start constantly in order to try and catch up. If you want to watch the FULL video recording of all the Plex tests that I performed on the QNAP TS-233 NAS, you can watch the video below. Be warned, it is quite long! Alternatively, you can scroll past and see each of the test results, one-by-one, detailing which ones worked and which ones didn’t:

What % System Resources did the QNAP TS-233 NAS Use in Plex when Idle?

Running the Plex Media Server application, even when no multimedia is being played on the TS-233 is still going to require a % of system resources to be occupied, in order to ensure that PLEX can play media from the QNAP NAS as soon as it is requested remotely. Additionally, although Plex runs at its best with at least 2 Cores of CPU power and 2GB of Memory, many NAS also reserve areas of CPU/RAM for the system itself. So, therefore, knowing how much system resources are being consumed by the QNAP TS-233  NAS when Plex is idle is going to be useful to know how much system power is available when playback actually starts. Here is a screenshot of the TS-233 when Plex is running, but no media is being played/accessed:

Plex Test 1 – QNAP TS-233 Plex NAS – Matrix 720p 0.7Mbps h.264 Original Playback

Here is how the QNAP TS-233 Plex NAS – Matrix 720p 0.7Mbps h.264 Original Playback File Performed:

RESULT: CLEAR PASS

Extra Notes: None


 

Plex Test 2 – QNAP TS-233 Plex NAS – Matrix 720p 0.7Mbps h.264 Transcode to 480p 1.5Mbps

Here is how the QNAP TS-233 Plex NAS – Matrix 720p 0.7Mbps h.264 Transcode to 480p 1.5Mbps File Performed:

RESULT: CLEAR PASS

Extra Notes: None


 

Plex Test 3 – QNAP TS-233 Plex NAS – Matrix 720p 0.7Mbps h.264 Transcode to 160p 0.2Mbps

Here is how the QNAP TS-233 Plex NAS – Matrix 720p 0.7Mbps h.264 Transcode to 160p 0.2Mbps File Performed:

RESULT: PLAYED BUT HIGH CPU %

Extra Notes: None


 

Plex Test 4 – QNAP TS-233 Plex NAS – LSOH 1080p 1.9Mbps h.264 Original Playback

Here is how the QNAP TS-233 Plex NAS – LSOH 1080p 1.9Mbps h.264 Original Playback File Performed:

RESULT: CLEAR PASS

Extra Notes: None


 

Plex Test 5 – QNAP TS-233 Plex NAS – LSOH 1080p 1.9Mbps h.264 Transcode to 480p 1.5Mbps

Here is how the QNAP TS-233 Plex NAS – LSOH 1080p 1.9Mbps h.264 Transcode to 480p 1.5Mbps File Performed:

RESULT: PLAYED BUT HIGH CPU %

Extra Notes: None


 

Plex Test 6 – QNAP TS-233 Plex NAS – LSOH 1080p 1.9Mbps h.264 Transcode to 160p 0.2Mbps

Here is how the QNAP TS-233 Plex NAS – LSOH 1080p 1.9Mbps h.264 Transcode to 160p 0.2Mbps File Performed:

RESULT: PLAYED BUT HIGH CPU %

Extra Notes: None


 

Plex Test 7 – QNAP TS-233 Plex NAS – Jellyfish 1080p 3Mbps H.264 Original Playback

Here is how the QNAP TS-233 Plex NAS – Jellyfish 1080p 3Mbps H.264 Original Playback File Performed:

RESULT: CLEAR PASS

Extra Notes: None


 

Plex Test 8 – QNAP TS-233 Plex NAS – Jellyfish 1080p 10Mbps H.264 Original Playback

Here is how the QNAP TS-233 Plex NAS – Jellyfish 1080p 10Mbps H.264 Original Playback File Performed:

RESULT: CLEAR PASS

Extra Notes: None


 

Plex Test 9 – QNAP TS-233 Plex NAS – Jellyfish 1080p 10Mbps H.265 – HEVC CONVERTED TO H.264

Here is how the QNAP TS-233 Plex NAS – Jellyfish 1080p 10Mbps H.265 – HEVC CONVERTED TO H.264 File Performed:

RESULT: PLAYED BUT HIGH CPU %

Extra Notes: None


 

Plex Test 10 – QNAP TS-233 Plex NAS – Jellyfish 1080p 30Mbps H.264 Original Playback

Here is how the QNAP TS-233 Plex NAS – Jellyfish 1080p 30Mbps H.264 Original Playback File Performed:

RESULT: FAIL AND-OR DID NOT PLAY

Extra Notes: None


 

Plex Test 11 – QNAP TS-233 Plex NAS – Jellyfish 1080p 100Mbps H.264 Original Playback

Here is how the QNAP TS-233 Plex NAS – Jellyfish 1080p 100Mbps H.264 Original Playback File Performed:

RESULT: CLEAR PASS

Extra Notes: None


 

Plex Test 12 – QNAP TS-233 Plex NAS – Jellyfish 4K 120Mbps H.264 Original Playback – FAILED

Here is how the QNAP TS-233 Plex NAS – Jellyfish 4K 120Mbps H.264 Original Playback – FAILED File Performed:

RESULT: FAIL AND-OR DID NOT PLAY

Extra Notes: Realistically, I had zero expectations that the TS-233 would play a 4K file in plex. So this file not playing was not a huge surprise.


 

Is the QNAP TS-233 NAS Any Good outside of Plex and Where Can I buy It?

If you are interested in learning more about the QNAP TS-233 NAS Drive, I am pleased to confirm that the review here on NASCompares is already live and you can find out more about this device below.

Quick Verdict of the QNAP TS-233 NAS – What We Said in the TS-233 Review:

Overall – I would say that the QNAP TS-233 NAS Drive IS good value, although maybe not as good a value as we have seen in previous releases from the brand. On the plus side, this is by far the most modern CPU that we have seen from a NAS brand in the ‘value’ tier. After a few years of fatigue from everyone using the Realtek RTD1966, this newer and more powerful/capable Cortex A55 is a breath of fresh air and allows a larger range of QNAP services and simultaneous services to be used at once. Equally, QTS 5 seems to have taken a lot of the criticism that people have had towards QNAP in 2021, its ‘default heavy’ security, over-flexibility in its design that gave some users too much rope to hang themselves and presets – then tightened many of them up, changed how users are informed of issues, bolstered the default security tools and increased its recommendations on backup tiers. QTS still has a steeper learning curve than other NAS brands, but now thing seems a lot tighter on day 1 and changing some options that users might use carelessly has been a big part of that. The 2GB of DDR4 memory in the system is a welcome day 1 inclusion too, when many affordable systems from competitors have 512GB or 1GB (which in 2022 is rather mind-boggling), however, the lack of scalability in that memory to go higher, the default 1GbE and those USB 2.0 ports are a touch surprising from a brand that generally tends to push the envelope in the hardware department more than many others. Overall, a solid release, if a little tame and safe at times. If you are looking at entering the QNAP NAS ecosystem and are on a tight budget, the TS-233 is a solid release and excellent value.

Read the Rest of the Review HERE. Alternatively, you can find out the Pros and Cons below, as a few retailers that sell the QNAP TS-233 NAS. Thanks for reading and if you need any further help choosing the right NAS for your Plex Media Server, use the free advice section linked below. Have a great week.

SOFTWARE - 8/10
HARDWARE - 7/10
PERFORMANCE - 8/10
PRICE - 9/10
VALUE - 9/10


8.2
PROS
👍🏻Good value hardware and software at this pricepoint
👍🏻2GB of DDR4 Memory at the affordable tier is very welcome
👍🏻
👍🏻Runs the latest version of QTS 5
👍🏻
👍🏻First Value Tier NAS in the market to use the Cortex A55 Processor
👍🏻
👍🏻Quad-Core Processor is a nice bonus
👍🏻
👍🏻Inclusive AI-powered component built into the hardware
👍🏻
👍🏻USB 3.2 Gen 1 Port and Copy Button always good at the value tier
👍🏻
👍🏻Support for NAS-to-NAS/USB/Cloud backups and also supported Hybrid Storage and mounting
CONS
👎🏻1GbE in 2022 event at the value tier is underwhelming
👎🏻2x USB 2.0 Ports is equally underwhelming


Where to Buy a Product
VISIT RETAILER ➤ 
VISIT RETAILER ➤

 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,283 other subscribers

Get an alert every time something gets added to this specific article!


Want to follow specific category? 📧 Subscribe

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7]     Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

Which Backup Method is Best? NAS vs Cloud vs Tape vs USB

23 septembre 2022 à 18:00

What is the Best Way to Backup Your Data Every Day?

I know it is not going to be shocking news when I say that Data is really, really important. That should not come as a staggering fact. If you found this article thanks to a rather perceptive google search, then clearly you think data is very important too. It is all too easy to rely on your data living on multiple machines in your office or home. Centralized backup is a very unappealing idea. For a start, it is expensive. You will spend hundreds, if not thousands of pounds on storage, then you find out that you need to have it in ANOTHER location too (as otherwise, it isn’t truly a backup) and then worse still it isn’t even being spent on making more space, but actually to duplicate your old data and not be used. You are spending all this money on what can be described as a remarkably large insurance policy. Worse still if you have all the machines in your home or office backing up to a device in that same location, almost all data safety and storage experts will scream to high heaven that this is still not enough. Sadly this is true, because not only do you put yourself at risk of complete critical loss in the event of fire or flooding, but also in the case of theft you end up having all your eggs in one basket and making the thieves lives much easier. So ultimate you have to stop thinking about this only in terms of how much this storage is going to cost. If you think like that, you will never move past stage one. No, you have to think about how much will this data cost you to LOSE. Your personal media (family, events, memories), your client’s data or perhaps your surveillance data. Take a moment and think how much it would cost your business right now if you lost your data – hundreds? Thousands? Close the business? The ideal backup solution should always be based on the cost of loss, not gain! Although a little trite, it is still a reliable rule of thumb to have a 3-2-1 backup solution operation that looks like this:

  1. Primary Data (Where data is initially created/collected, the PCs, the Macs, the Phones, etc)
  2. On-site Backup solution (where multiple devices are backup’ed up to internally, also more commonly referred to as the bare-metal backup)
  3. Off-site/different location Backup (where the copy of the on-site backup lives that is separate network and/or physical location. This can range from another NAS, to a cloud provider and even a USB drive)

Stages 2 and 3 should be encrypted in case they are stolen/entered, as well as feature login credentials and an admin system in the event of them being occupied/accessed illegally. Today I want to focus on the 2nd and 3rd stages of your backup routine and help you decide the best ways to spend your budget on the most effective safety net and recovery system for your needs.

Backup and Redundancy – DO NOT GET THEM MIXED UP!

Way, WAY too many NAS (network-attached storage) or DAS (direct-attached storage) owners think their data actually have a backup layer in place when they refer to their RAID configuration, their versioning or their snapshots. These are NOT backup methods and are actually designed primarily as a means of recovering your data in the event of an HDD/SSD dying, an accidentally deleted file or rolling a file back to a previous revision. Think of RAID/Snapshots/Versioning as ‘safety nets’, The only work from INSIDE the infrastructure NOT outside of it. If the NAS server or RAID enabled DAS box does, then there is a very high chance that your data cannot be recovered via these methods (not impossible, just touch and certainly not foolproof). Below is a video that breaks down a number of different Backup and Redundancy methods inside a single NAS system:

How Expensive is a 2-Stage Backup and Do I need it?

The cost of a 2-stage backup (i.e having 2 backups of your data) operation can be measured by the amount of data you/your company produces on a daily basis. Additionally, depending on your commitment to holding onto your data (so, for business, you might have a 6 year or 12-month retention policy) there are ways to make economies in between the stages. However, whether you are a home user of a business user, there are few instances where a double-layered backup is not ideal. Let’s look at this from a business and home user point of view:

Why Business and Enterprise users need an Extensive Data Backup Plan

Example. Your company has 10 employees. Each has their own workstation and they contact clients on a daily basis to drum up new sales, fulfil existing quotes and maintain a customer relationship manager (CRM). You have both #1 AND #2 stage backups (so local PCs and A NAS in-house maybe) covered. Plus you have business insurance in case of a fire or flood. One morning you arrive to find your office has been flooded/burnt/burgled/struck by lightning and everything is fried. At first, you think, lucky we have insurance. They will pay up for whole new office equipment, PCs and your server. However, what about all that customer data? Not only can the insurance company not replace it but they will not pay its consequential value (with VERY few insurance policies covering data recovery services). So now you have to start from square 1. Plus now you also have a bundle of rather angry customers from the previous days and weeks whose requirements go unfulfilled. This coupled with starting your business network from scratch, employees salaries continuing as normal and several IT guys (or 1 guy working for days) setting everything up from scratch again (this WILL be the case from fire, flood or theft) could easily KILL a company. Now, in that context, isn’t a few thousand put towards an off-site #3 Backup so bad? Thought not.

Why Home and Private users need an Extensive Data Backup Plan Too

Ok, so a home user has a smaller ecosystem to maintain and now the mission-critical data and the life or death nature of your information is less so. Or is it? Example #2. What about all those important house documents you’ve scanned? Those TV shows and movies you bought on a one time download? What about your wedding picture or those of your children growing up? Those videos of your friends and relatives that are no longer with us? Not to be bleak, but it is often the case that although much of a person’s data is not of huge financial value, it is still utterly and completely irreplaceable in the literal sense.

Likewise, if your many devices (phones, computers, hard drives) get corrupted, hacked with malware/ransomware or simply broken, don’t you want the peace of mind of knowing that there is always a backup of EVERYTHING? If you are copying the data of all your devices to a large hard drive enclosure in your home, this is NOT a perfect backup. It just protects you from the loss of one or more of your mobile/individual devices. Additionally, the minute you start deleting files on your phone/laptop to ‘make some space because it is already backed up on the NAS‘, your NAS is not a backup, it is the single repository for that data!  So, as you can see, the need for a reliable true backup is paramount regardless of whether you are a home user or business user. However accepting that you need a backup is not enough, you need to know what to consider when choosing the right backup. Home users and their data volume/frequency can always consider USB backups of course, which can be good but only upto the time that the last backup took place AND on the assumption that the USB drive is stored offsite periodically.

What are the factors I need to take into account when considering my Backup Solution?

Choosing the best full backup for your data can be a little difficult. With so many variables ranging from cost to size to speed and more, it can be easy to go around in circles and still end up choosing nothing. In almost all cases, the deciding factor is cost. However, this is closely followed by speed. Having a backup is all well and good, but if it takes too long to finish, it can often be slower than the speed at which you create data and create a bottleneck. Likewise, if you choose an unsuitable connection of choice between your primary backup storage and/or off-site 2nd backup storage, then they may communicate inefficiently. Below are the main overheads to consider when choosing your backup.

Distance & Speed – How far is the 2nd backup going to be from the primary backup and/or primary data source? Unless you are considering fibre cabling between different physical sites, you are going to be limited by your upload/download speed and if your network is busy with multiple users, then you will need to provision priority of service to these backup connections, or else risk it affecting day to day operation (particularly VoIP connections – a growing necessity in 2022 with shifting patterns in the way we are working during/ost pandemic). The local connections between your client devices in-house and the primary backup may well only be using an internet network/LAN to communicate, but that can still become oversaturated. So be sure to provision switches where appropriate too (we will touch on 10GbE later)

Power (Watts etc) – The power of the hardware inside the primary (bare-metal) data storage device, secondary backup target and (depending on your setup) even the power of your client hardware in house is also an important factor to take into consideration when scaling and provisioning an appropriate backup strategy. Critical power failure (i.e a power cut) in one or more of these locations can not only result in some data not being backed up, but more importantly can compromise the backups themselves, with some systems suffering critical hardware failure and SSD/HDD damage in the process. It is HIGHLY recommended for users who are considering a private server for their data have it connected to the mains power via a USB device, in order to allow the system to still operate in the event of power failure AND shut itself down safely.

Physical Media – The server of choice for your primary backup is only half of the battle. The media that you are storing the data too can make a huge impact too. Many have their own maximum speed or capacity, so even with a super-fast enclosure and/or connection, you will be bottlenecked by the drives themselves. All media types e.g. HDD, SSD or Tape have their own maximum performance and some are lower than the connection maximum and some are faster and therefore end up creating a limited speed inadvertently. This can be negated in a number of ways. These range from the use of RAID (redundant array of independent disks) that combines media into single storage pools that benefit from redundancy (i.e a safety net if one drive dies) and/or increases in performance. Additionally, you can look at SSD caching, a service that is particularly popular in private NAS servers released after around 2018 and continues to be included in most systems. SSD caching allows the system to have one of more SSDs installed and then utilize the increased performance they offer to benefit write actions (i.e you write data onto the SSDs first and then the NAS moves it over to the slower HDDs afterwards) and/or read actions (where the most frequently accessed files are cloned onto the SSDs and it speeds up their access to client devices) though this is less useful for backups, it is still a useful option.

The Media connection internally – As mentioned, the SATA port on most commercial HDD/SSD has a maximum of 6 gigabits (Gbs) in SATA III – SAS at 12 Gigabits. All of these are internal and are maximum bandwidths available to each media drive installed in each bay. However, realistically, most typical Hard Drives max out at 272MB/s at the very top end (and even then, this is using enterprise-grade HDDs) and most conventional 2.5″ SSDs (with the exception of U.2 and U.3) max out at about 550MB/s). So you are going to need several of these drives inside your primary backup system in a decent RAID configuration to facilitate performance AND redundancy (like a RAID 5 or RAID 5). For your external/2nd backup target, a lot of enterprise users take advance of cold storage such as tape drive media. Designed to be used for data that needs to be held for insurance/archive for years and years, the current highest generation of tape architecture is is LTO-9 = 400MB/s in uncompressed/RAW form and 1000MB/s in compressed, with storage capacities per tape hitting 45 Terabytes! However, a full backup would take (at best, so with everything at full!) over 12 hours to transfer. Additionally, tape backup is fantastically expensive and therefore largely enterprise only as an option.

The external connection – Lastly and possibly the most overlooked part, is the communication between your primary client devices to send data, the primary backup data and the secondary backup. Not just the speed, but the resilience and future-proofing. You need to consider what connection you are going to use today, tomorrow and years from now. The last thing you want is to saddle yourself with a connection now and later when you upgrade your primary hardware on individual clients or locations, end up with a device you cannot access or use with an unchangeable bottleneck. Then your data just becomes a chore to access at best and potentially days or weeks or time to restore. Popular connections and their speed between host and client devices are:

Network Backups (backups that share a LAN or vLANs in a greater network)

  • 1GBe LAN/Ethernet = 1Gbit/s, or 100-109MB/s
  • 2.5GbE LAN/Ethernet = 2.5Gbit/s, or 250-270MB/s
  • 5GbE LAN/Ethernet = 5Gbit/s, or 500-545MB/s
  • 10GbE LAN/Ethernet = 10Gbit/s, or 1000-1024MB/s

USB and local Backups directly connected and stored offsite

  • USB 3.0 (3.2 Gen 1) = 5 Gbit/s
  • USB 3.2 Gen 2= 10 Gbit/s
  • USB 3.2×2 = 20 Gbit/s
  • Thunderbolt 3 & Thunderbolt 4 = 40 Gbit/s

Fast Local Backups or Direct Connections over large distances

  • Fibrechannel / FC – 1, 2, 4, 8, 16, 32, and 128 gigabit per second rates depending to start
  • Tape Based backups, such as LTO 7,8,9 – 300/360/400MB/s uncompressed and 750/900/1000MB/s compressed
  • Cloud storage – dependant on connection. Additionally, factors such as upload and download speeds, fair usage policies and more affect the performance. If you are fortunate to have a 1 Gigabit internet connection, that means around 100MB/s for download speeds and a fraction of that for upload speeds

So, as you can see, there are many choices out there for a means of sending backup between the 1st, 2nd and 3rd parts of your backup environment.

What is the Difference in Speed and Cost between different Backup Solutions?

And so to the meat of the subject. Different solutions cost money and in the interests of SPEED, below i have detailed numerous solutions that will provide a backup solution of upto 10TB of storage. All Costs and speeds are based on a solution that is an acceptable distance away for maximum efficiency. Perfect speed results were provided with http://www.calctool.org/ , however, it is worth noting that these are ‘perfect situation’ based and it would be tough to see this maximum threshold. you will comfortably see around 10-20% below this, but that is fine. Finally, it is always worth remembering that the speeds mentioned below are based on an initial 10 Terabyte backup. After that, there is the likely possibility that future backups will be much more granular (this can also be referred to as differential backups, where only the changed files are backed up each time afterwards). But some users may wish to take advantage of time managed backups, where a full backup per day is kept, for X number of days (when eventually the newest backup will overwrite the oldest on rotation).

ALSO IMPORTANT – In all examples where a 4TB SSD (which average around £350-400 over SATA) is mentioned, you can use a 4TB HDDs at around £75-100 (brand depending) to save a considerable sum – but you will effective quadruple or more the time the initial backups will take. Likewise, future incremental backups will be significantly reduced also.  In examples where the SSD would have been substantially bottlenecked by a connection, I have used HDD as you will not need to spend the extra.

The Best Value 1/2.5GbE based Backup Solution for 10TB of data

For a solid LAN based backup (with optional internet access as needed for off-site work) I would recommend the Synology DS220+ 2 Bay Pentium NAS at around £250. Alongside this, you will need a smart Switch (to take advantage of LAG and 2GbE, 2x 10TB HDD at £230 each as you will not see any speed difference on a network connection with SSD (RAID 1). This will cost around just under £800. Alternatively, there have been other improvements in the base level ethernet connectivity in 2-4 Bay NAS solutions in the last few years, with 2.5GbE or even 5GbE available on the likes of the QNAP TS-x53D, TS-x73A or Asustor Lockerstor 2/4 series. These solutions arrive at only a fraction more and although they can possibly add another £100-200 to the price tag, this can be offset by time saved in the backup operations AND by purchasing a 4-Bay NAS over a 2-Bay and leveraging the price vs the redundancy vs the capacity (eg instead of 2x 10TB in RAID 1, purchasing 4x 3TB and getting better performance and an extra 2TB in RAID 5).

What do CalcTool.org have to say about 1GBe

CalcTool.org

Over 1 Gigabit per second, in a perfect scenario – just over 20 hours. Realistically closer to 25 or 30 hours. SO the first few backups should be conducted over the weekend but all future ‘difference only’ backups should be fin at 12-hour intervals without harming the bandwidth too much, Likewise, you can scale this down as you utilize link aggregation (also known as port trunking, when ports are combined) and/or 2.5GbE/5GbE to reduce this figure down to 8 hours or just 4 hours respectively.

The Best Value 10GBe Network-Based Solution for 10TB of Data

In order to create the perfect cost-effective yet powerful 10GBe Network-based backup solution (so 10x faster than normal LAN) I would recommend the QNAP TS-431X3 with 10GBe  (at around £450) with SFP+ Connection and  SFP+ Cables with transceivers attached (Cable price dependant on length and transceivers). Additionally, you will need a 10GBe switch (at least £150 realistically), and for MAXIMUM speed 4x 4TB Seagate Ironwolf 125 SSD (at £450 per drive) in a RAID 5 which slows things a pinch but gives you the safety of 1 drive worth of redundancy. Of course, you can downgrade to Seagate Ironwolf 4TB Hard drives (at £85 per drive) and save over £1500, but you will see a noticeable dip in performance of around 200-400MB/s (NAS dependant). So the choice is yours. Lastly, you will need a 10GBe interface on the machine(s) you are backing up from in order to maintain the 10GBe throughput (or alternatively just have the NAS on a 10GbE connection and the clients all on 1GbE with bandwidth being shared as appropriate). In total this will cost around £2400+ for the SSD based solution and just £900-1000 for the HDD solution. None of this is set in stone, of course, you can scale things in a number of ways, using bigger NAS solutions (i.e. more bays) or using multiple 10GbE connections in LAG/Trunked connections.

What do CalcTool.org have to say about 10GBe

CalcTool.org

The performance will largely be dictated by the distance of the backups, choice of HDD or SSD and types of files. However, over 10 Gigabit per second, in a perfect scenario – just over 2 hours. However this is a little optimistic and in practice, it will realistically weigh in closer to 3+ hours, as the complexity of the files (thousand so smaller emails and documents or fewer BIG media files, everyone is different). This of course is for the first few backups of a FULL 10 Terabytes of data. Later with incremental and ‘difference only’ backups, you will see times slashed heavily for the better.

The Cost of Thunderbolt 1, 2 or 3 Backup Solutions for 10TB of data

Fast becoming a connection of choice for photo and video editors in both the Mac and Windows community, Thunderbolt is the no-fuss connection that promises speed, without the technical nonsense. Much like before you can choose to go with SSD drives for supreme speed (at a hefty price tag) or HDD if you want to make economies. Below are the options best suited for a Thunderbolt 1 (although still legacy, still is in use), Thunderbolt 2 and Thunderbolt 3 Backups:

  • TB 1 DAS, 4-Bay, Cable, 4x 4TB SSD, RAID 5 enabled = £3000+ —- 2Hours + Backup time with SSD population / 3.5+ Hour for HDD Population
  • TB 2 DAS, 4-Bay, Cable, 4x 4TB SSD, RAID 5 enabled = £3500+ —-  1 Hour + Backup time with SSD population / 2-3+ Hour for HDD Population
  • TB 3 DAS, 4-Bay, Cable, 4x 4TB SSD, RAID 5 enabled = £4500+ —- 30-45min + Backup time with SSD population / 1.5 Hour for HDD Population

What do CalcTool.org have to say about Thunderbolt 1, 2 and 3

CalcTool.orgThunderbolt does not lose speed over distance, however, most conventional cables you can buy max out around 5 metres and the ones included with the above enclosures arrive at 1-1.8m. In a real-world scenario you can realistically double this length of time listed above in the initial backups. However, it will MASSIVELY improve with subsequent backups. With the exception of a few, most Thunderbolt backups arrive with only Thunderbolt ports, so in order to maintain the speed levels of this backup, you need to either ensure that it is connected to your centralised depositary via Thunderbolt, or if it’s backing up multiple devices, that they are using a good networking device, as Thunderbolt Direct attached storage only allows a single connected device at any one time.

The Price, Speed & Suitability LTO-7, LTO-8 and LTO-9 Tape Backup 10TB Solutions

In the case of LTO / tapes, this kind of storage for 10TB can be incredibly inefficient for an extra layer of storage. You can purchase much smaller 1 and 2 tape frames/storage devices, but for what you are paying and the overall accessibility for all machines involved, it isn’t great. If you were regularly backing up 5x or 10x this amount of storage, it would be a different story. Internal operations can be upto 1000MB/s with compressed data and 400MB for raw uncompressed data. SO unless you are synchronizing between two LTO tape loading machines, you will almost certainly use uncompressed. However these are internal operations and as we are discussing backing up from existing systems to a storage device, we have to focus on the external connection. Most likely 10GBe network or 12GB/s SAS will be the means of backing up to your tape device. But Cost is hard to pin – easily £2000-3000 and upwards, over at least two tapes (capacity differed at each LTO generation) etc. Most likely around over  1-3 hours transfer time, but hugely impractical at this scale and most likely much higher in practice. Definite a good option for those at the enterprise tier, but anything less will be squandering their budgets significant with a weak ROI.

The Best Value USB 3.2 Gen 2 Backup Solution for 10TB of data

The latest available version of USB, also known as USB 3.1 Gen 2, is easily the cheapest way to store a 10TB backup at a very respectable 10 Gb/s (comparable to Thunderbolt 1) speed. You will need to ensure that the connected device(s) that you are backing up too/from use the newer USB 3.1 Gen 2 port to ensure you do not get bottlenecked at 5 Gb/s, but this Highpoint 6124V RAID 5 enabled USB 2 Gen 2 DAS enclosure arrives at £350+ and if populated with either 4x 4TB SSD or 4x HDD (same price difference as before), RAID 5 enabled = £2100+ for an SSD Based solution and just £700+ for a HDD based version

What do CalcTool.org have to say about USB 3.1 Gen 2?

CalcTool.orgWith the best drives available you will have this 10TB localized backup over USB 3.1 Gen 2 finished in just over 2 hours. However taking system overheads into consideration, as well as the RAID 5 into account (something you could counter with a RAID 10 and 4x 6TB HDD perhaps) you are looking at between 2.5 and 3.5 hours completion. Additionally, a number of NAS Drive vendors have started implementing USB 3.2 Gen 2 in their systems, which means that a 10Gb/s USB DAS solution can be used as a means of creating a secondary backup by connecting it with your primary backup and running one of the many free backup/sync tools that NAS systems include with your purchase. Just remember that in order for this to be a truly safe 2nd tier backup, it cannot constantly reside in the same location as the primary backup.

Is Cloud Suitable as a 10TB Backup solution?

You may wonder why I have not suggested the cloud as a regular backup yet. It is certainly appealing. No parts are needed, just a healthy internet connection. You already have all the hardware you will need to establish this kind of synchronised backup – this should be by far the cheapest and easiest backup, right? Well yes and no. It IS cheap – in the short-term. Even if you take into account that your Business internet connection costs, from as little as £10 to £50 a month, reaching much higher once you consider fiber channelling, it is still pretty attractive. However you have to consider the time this backup will take and how it will affect the bandwidth throughout your business – otherwise, you will need to be conducted them overnight due to limit consumption. Some brands, such as Synology with their C2 platform, have rolled in an additional cloud service alongside their bare-metal solution. This is intended to be used as an alternative means of accessing an existing storage area that is synchronized with your NAS/local solution remotely (as well as benefiting from significantly easier remote access to data). NAS+Cloud can serve as a great 2-3/double backup option, as well as ensuring that your backups are in very different physical locations. Lastly, with intelligent caching and background synchronization between the NAS-THE CLOUD-CLIENT HARDWARE happening, a lot of the actual backing up can be hugely incremental and lessen the impact on the end-user, whether they are local to the NAS or remotely communicating with the C2 cloud (or 3rd party clouds such as Google Drive and Dropbox that are synced with the NAS). But what about the cloud on its own, not used in tandem with a NAS/Private server?

The first thing to factor in is the data being sent TO the cloud. Remember we are talking about Uploads, not downloads (downloads and a backup should only be considered during recovery, not day to day operations). Most internet services advertise incredible download speeds, but backups are almost exclusively upload based and upload speeds are normally a 10th or less than advertised download speeds. lastly, we can talk about costs. As although the initial costs are much less, let’s go for £50 a month for a dedicated high upload speed connection privately (closer to £500 for a business line) for your off-site backup. That is £600 a year. In 5 years, that is £3,000 (a cost that is the same or higher than most of the solutions discussed previously). The real kicker is that after those 5 years, you either have to continue paying to maintain this backup OR buy a suitable local storage drive to download it too – something you could have had ALREADY by going for the other solutions and thereby saving you thousands of pounds more.

I took the trouble of using the awesome tool at http://www.thecloudcalculator.com/ and if you have a 30Mbps upload speed (fairly respectable and the entry point outside of central city hubs). backing up 10TB initially would take  33 Days, 22 Hours, and 27 Minutes, 11 Seconds

That is horrendously long and you cannot just assume this is a one-off and negotiable with incremental backups and difference-only changes. You need a reliable and adaptive backup solution – not one that will do the job as long as you work within its limits. If you want to entertain the idea of a cloud-based backup of 10TB on a regular basis, we have to look into fiber and at least 2Gbps (so 2000 Megabits) to get to 12 hours for an overnight full backup (non-incremental). This is going to cost a small fortune and unless you intend to take advantage of this speed during the day-time, is a huge outlay for something that is not hugely accessible or reliable.

So, those are your options. Remember you are not limited to just ONE option and each of these solutions can be used in combinations, depending on your budget, physical environment, internet speeds or volume of client devices. In summary:

NAS BACKUPS USB DAS BACKUPS THUNDERBOLT BACKUPS TAPE BACKUPS CLOUD BACKUPS
Price (more ★ = Higher Price) ★★★★★ ★★★★ ★★★★ ★★★★★ ★★★★★
Value (more ★ = more for your money) ★★★★★ ★★★★ ★★★★★ ★★★★ ★★★★
Scalability (more ★ = can grow more) ★★★★★ ★★★★★ ★★★★★ ★★★★★
Complexity (more ★ = more complex) ★★★★★ ★★★★
Speed (more ★ = faster) ★★★★★ ★★★★ ★★★★ ★★★★
User/Usage Type Home & Business Home and Local Home and Local Enterprise Remote
What to Buy

Thanks for reading! Need any more help? Why not take advantage of the free advice section below. It is genuinely free, supported by voluntary donations and ad revenue. Nothing is done with your email address and all questions are answered by two humans – Me (Robbie) and Eddie the Web Guy!

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,273 other subscribers

Get an alert every time something gets added to this specific article!


Want to follow specific category? 📧 Subscribe

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7]     Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

QNAP NAS Attacked By Deadbolt AGAIN – What Happened?

6 septembre 2022 à 23:00

New Reports of Deadbolt Ransomware Attacks on QNAP NAS via Photo Station

It would appear that the Deadbolt ransomware attack that has been a persistent pain for QNAP (and other NAS brands) in 2022 continues to remain current, with new reports emerging of further attacks of NAS systems in September 2022. The vulnerability that has been reported to be being exploited is in the QNAP Photo Station application and although a day one patch for the application for all current use QTS software systems has been issued, it has still resulted in users being hit in this new wave of attacked by the deadbolt ransomware group. Although the scale of this latest attack does not match that of previous attacks by the group, it is worth highlighting that the encryption of how this ransomware deploys and presentation to the user upon execution have changed a little, so even if you are not affected, it might still be worth getting clued up on this. In this article, I will cover everything that is known so far about this Photo Station vulnerability that was exploited, why deadbolt is still a thing, how it attacks, what you can do to avoid it and what can you do if you have been hit.

How Does Deadbolt Attack QNAP NAS?

Deadbolt Ransomware’s methodology in attacking your system has not changed much at all since its first attacks. We will touch on in a bit about why deadbolt is still around and the nature of software updates vs vulnerabilities, but for now we can discuss this specific instance. A vulnerability was found in Photo Station for QNAP NAS QTS/QuTS this week and this vulnerability created a small hole in the access control of the NAS that could be used to exploit as an attack vector for ransomware to be executed. It would still require your NAS to be setup in a weak remote access state (i.e. you allowed internet access to your system without sufficient layers of encryption, protection and/or authentication, such as a VPN, Firewall or disabling UPnP – will touch on these later) in order to reach ‘photo station’, but if it could, it could then execute the command to the QNAP NAS to encrypt it’s contents, create a ransom text not and modify the login screen to show the deadbolt warning. This one:

QNAP highlighted this vulnerability on their security advisor page, here under ID QSA-22-24 and state that they detected a new DeadBolt ransomware campaign on the morning of September 3rd, 2022 (GMT+8). The campaign appears to target QNAP NAS devices running Photo Station with internet exposure. This is not via the myQNAPCloud services, but rather users allowing remote access with open router ports, but no VPN or restrictive access rules in place. QNAP issued the following statement:

QNAP Product Security Incident Response Team (QNAP PSIRT) had made the assessment and released the patched Photo Station app for the current version within 12 hours. QNAP urges all QNAP NAS users to update Photo Station to the latest available version. QuMagie is a simple and powerful alternative to Photo Station. We recommend using QuMagie to efficiently manage photo storage in your QNAP NAS. We strongly urge that their QNAP NAS should not be directly connected to the Internet. This is to enhance the security of your QNAP NAS. We recommend users to make use of the myQNAPcloud Link feature provided by QNAP, or enable the VPN service. This can effectively harden the NAS and decrease the chance of being attacked.

Additionally, this warning that is displayed to the end user also has an additional note directed towards QNAP themselves that highlights that they are willing to share the nature of the exploited vulnerability for 5BTC. See here:

Now, as nefarious and immoral as you might find the Deadbolt ransomware attackers and what is being done here, we also have to put the spotlight on QNAP. In their defence (I will go into more detail on this later on in the article), they are a software developer that provides a range of tools and services to maintain many backups of your data, hugely configurable security options/variables to their system, a remote access cloud portal that acts at a checkpoint in myQNAPCloud, they provide regular updates to their software/service applications with automated update options and they provide a public security advisory panel and can only remain a single step ahead of vulnerabilities. HOWEVER, when vulnerabilities are found in their platform and services (even if patched out – which relies on users remaining updated), it continues to bring into question the strength, depth and attention to detail of their security teams during development. It is true that QNAP is not the only brand that has been successfully targetted by deadbolt (see Asustor HERE and Terramaster HERE) as well as not being the only brand targetted by malware (see Synology Synolocker HERE) , but QNAP still seems to persistently be the one that gets hit most. Ultimately, ARE QNAP NAS SAFE? We discussed this over on the YouTube channel back on Febuary 2022

PSA – GET YOUR BACKUPS IN ORDER!

Before you even go one paragraph further, I have a simple question for you – do you have a backup in place? If yes, then carry on to the next part. If not, and I cannot stress this enough, GET ONE NOW. The time you are spending reading this you could be susceptible to data loss in about 10 different ways without even factoring in ransomware (Power failure leading to hard drive corruption, Malware from a slightly iffy google search this morning, cloud storage provider going bust, OS failure on your device, etc). In this day and age owning a sufficient data backup is as sensible as buying a raincoat or looking both ways when you cross the street – you don’t do it because you like rain or like looking at cars, you do it because they are peace of mind, they are a safety net, they are for caution in case of the worst. It is a bit tenuous, but owning one or multiple backups always make me think of this quote from Shawshank Redemption by Stephen King:

shawshank redemption book

“There are really only two types of men in the world when it comes to bad trouble,” Andy said, cupping a match between his hands and lighting a cigarette. “Suppose there was a house full of rare paintings and sculptures and fine old antiques, Red? And suppose the guy who owned the house heard that there was a monster of a hurricane headed right at it. One of those two kinds of men just hopes for the best. The hurricane will change course, he says to himself. No right-thinking hurricane would ever dare wipe out all these Rembrandts, my two Degas horses, my Jackson Pollocks and my Paul Klees. Furthermore, God wouldn’t allow it. And if worst comes to worst, they’re insured. That’s one sort of man. The other sort just assumes that hurricane is going to tear right through the middle of his house. If the weather bureau says the hurricane just changed course, this guy assumes it’ll change back in order to put his house on ground zero again. This second type of guy knows there’s no harm in hoping for the best as long as you’re prepared for the worst.” 

Get a Backup in place

Why Is Deadbolt Ransomware STILL HAPPENING?

First and foremost, it is INCREDIBLY IMPORTANT that users understand the risks of allowing remote access to their NAS system (not just QNAP, but ANY NAS Drive) without specific port discipline, a VPN, a Firewall and/or custom admin credential/enabling. In the case of this recent resurgence of the ransomware attack that was executed by the Deadbolt group, it is important to note that it is made possible by two KEY VARIABLES! Weaknesses and Opportunity.

Now, with weakness, this stems from a vulnerability is found in a software/application – not uncommon and ALL software can only be one step ahead of those looking to break it. to give it a little context. In 2022 there have been 671 vulnerabilities found in Microsoft software services, 22 in Synology NAS software services and Apple iOS has had 79. This is not to besmirch their software/platforms, but ultimately the minute a software maker releases a new version/update (often to plug vulnerabilities that were found), the nefarious will then get to work on finding vulnerabilities in which to exploit for financial gain. That is why software updates are so incredibly important! However, a weakness is no good without access and/or an opportunity.

An Opportunity (in the context of ransomware and malware attacks) can largely be defined as an open door (no matter how small) that can be used to inject a command to the NAS as an administrator (eg. encrypt everything). THIS is where one of the biggest misconceptions (and indeed finger-pointing) happens when an incident of ransomware, malware or data loss occurs. A vulnerability in a software platform (especially when the bulk of software in common use today is built on Linux universally) is only any use when it can be executed. So, in the case of a NAS vulnerability, such as the Photo Station vulnerability that has been identified, it can only be exploited if the NAS user has allowed external access to their NAS via the internet. This access may well be behind user login credentials, but lacked the barrier of a VPN, a Firewall setup with amply restrictions, trusted access credentials/identity, limited/zero admin control, 2-step verification, specific port access to a GUI and many other restrictions/limitations/authentications that can be enabled. Not all these hurdles and/or barriers are as effective as others (with some vulnerabilities being built on backend access), but all/most of these should be considered when allowing any form of external access to your NAS outside of your local network. Equally, you NEED to become more acquainted with your router! Get into your router and reactive UPnP settings, as this eliminates the possibility of applications on your NAS inadvertently opening ports remotely without your direct knowledge.

  • Disable the Port Forwarding function of the router: Go to the management interface of your router, check the Virtual Server, NAT, or Port Forwarding settings, and disable the port forwarding setting of NAS management service port (port 8080 and 433 by default).
  • Disable the UPnP function of the QNAP NAS: Go to myQNAPcloud on the QTS menu, click the “Auto Router Configuration,” and unselect “Enable UPnP Port forwarding.”

Do keep in mind though that you might well be using external UPnP services on your router for other things in your home or office environment.

What is UPnP Port Forwarding?

Universal Plug and Play (UPnP) is a way of quickly forwarding the ports in use to other devices on a network automatically with one setting change and no additional configuration needed. UPnP Port Forwarding is widely used by many network devices, allowing them to communicate with each other more efficiently and to automatically create workgroups for data sharing, among other applications.

Is UPnP Port Forwarding safe?

UPnP is not a secure protocol. It uses network UDP multicasts, no encryption and no authentication. Since UPnP is not authenticated, one device could request port mapping for an another one. Hackers can abuse UPnP to attack through malicious files to infect your system and gain control. Despite its convenience, UPnP may expose your device to public networks and malicious attacks. It is recommended that your QNAP NAS stay behind your router and firewall without a public IP address. You should disable manual port forwarding and UPnP auto port forwarding for QNAP NAS in your router configuration

How Many QNAP NAS Users Have Been Affected by Deadbolt?

Getting the numbers on how many users have been impacted by this recent attack by the deadbolt group on QNAP NAS devices is exceedingly hard to identify. On the one hand, as this photo station vulnerability has been identified and effective in QTS 5 it has the potential to be high, however, it still heavily relies on having a system set up in a comparatively weak remote access configuration AND having a specific application with access credentials running. This is further reduced in scope as the Photo Station has been largely overtaken in use by QNAP users by the AI-powered QuMagie application. Still, the Photo Station application still has several ‘professional photographer’ services/structural qualities that keep it in use. The Bleeping Computer website identified 182 submissions to the ID Ransomware site reported for ‘Deadbolt’ (which requires uploading an encrypted file, attacker address and/other identifies for clarification of an attack type) with a spike that started on the 3rd of September (necessitating the patch o nthe 4th Sept). How many of the previously submitted reports in August 2022 were related to this photo station vulnerability (at that point unidentified) and how many were repeats by any one user or related to a QNAP NAS that was not updated since the early phase of the Deadbolt ransomware attacks of Jan 2022 cannot be confirmed. Nevertheless, these are still noticable numbers and can comfortably be classed as victims hitting the 3 digit mark.

Source for the below graphic and article – https://www.bleepingcomputer.com/news/security/qnap-patches-zero-day-used-in-new-deadbolt-ransomware-attacks

Alternatively, you can use server/internet service monitors such as censys to search for reported text that is used in the Deadbolt ransomware note. However, this is not the most precise and only further highlights that only QNAP themselves and Deadbolt know the extent of impact of this campaign. Unlike the original Deadbolt attacks of Jan 2022 of QNAP devices, research and strategic advisors at Unit42 noted back in May ’22 that the attack/injection of the ransomware and how it is presented to the user changed (though seemingly still using the same exploit that remained in systems that were not updated, therefore still vulnerable to the exploit in older QTS/QuTS versions and/or continued use in weak internet-facing access scenarios:

Unit 42 is observing a new wave of attacks of the Deadbolt #ransomware targeting QNAP NAS devices involving a new lock screen with updated JavaScript. Cortex Xpanse discovered ~3000 instances of infected devices. Details at https://t.co/uj0TOqACxu pic.twitter.com/RmSzZOAsTq

— Unit 42 (@Unit42_Intel) May 16, 2022

There has been no substantial analysis of the latest version of DeadBolt, but Unit 42 said in it’s May summary that the ransomware program made some significant changes since the March campaign. Specifically, the DeadBolt program now uses revised JavaScript code with a stronger SHA-256 implementation, building on the previous, lower-level ‘SubtleCrypto’ cryptography. Unit 42 researchers said this was likely changed to a stronger standard to accelerate the key verification process and also to ensure the verification works on browsers that do not support the SubtleCrypto API.

What Should You Do To Protect Your QNAP NAS from Deadbolt Ransomware Attacks?

If you are using the QNAP Photo Station application, then you need to suspend using it until you have updated to the latest version. It is worth highlighting again that this vulnerability will ONLY affect you if you have your QNAP NAS directly connected to internet access services (i.e NOT using a VPN or the myQNAPcloud link service). Updates for Photo Station have been issued for QTS 4 and QTS 5 on the brand’s official app portal of your NAS and directly downloadable from their official website:

  • QTS 5.0.1: Photo Station 6.1.2 and later
  • QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later
  • QTS 4.3.6: Photo Station 5.7.18 and later
  • QTS 4.3.3: Photo Station 5.4.15 and later
  • QTS 4.2.6: Photo Station 5.2.14 and later

Outside of QNAP Photo Station, it is incredibly important that users maintain a secure layer/barrier between your NAS and your external internet connection. To protect your NAS from the DeadBolt ransomware, QNAP strongly recommends securing your QNAP NAS devices and routers by following these instructions:

  1. Disable the port forwarding function on the router.
  2. Set up myQNAPcloud on the NAS to enable secure remote access and prevent exposure to the internet.
  3. Update the NAS firmware to the latest version.
  4. Update all applications on the NAS to their latest versions.
  5. Apply strong passwords for all user accounts on the NAS.
  6. Take snapshots and back up regularly to protect your data.

Now, QNAP myQNAPCloud services are not the same as just opening your NAS connection from LAN only to LAN+Remote. myQNAPCloud creates a connection between the NAS and the QNAP access servers via a secure portal (with encryption, SSL certificates and other configurable options that can prevent interception via this tunnel). Then, if you want to create a connection remotely with your NAS, you do so via the QNAP access server – as opposed to the directly NAS connection. This DOES result in a drop in file transmission speeds remotely (as you are moving through an additional transit point), but increases security and authentication substantially. The alternative to this would be to use restrictive/specific open of ports on your router AND recommended use of a VPN – which is definitely a valid and ‘best of all worlds’ solution, but a little more technically advanced than many users are able to configure effectively/securely). If you want to set up a remote myQNAPcloud connection, you need to:

  1. Log on to QTS as an administrator.
  2. Open myQNAPcloud.
  3. Disable UPnP port forwarding.
    1. Go to Auto Router Configuration.
    2. Deselect Enable UPnP Port forwarding.
  4. Enable DDNS.
    1. Go to My DDNS.
    2. Click the toggle button to enable My DDNS.
  5. Do not publish your NAS services.
    1. Go to Published Services.
    2. Deselect all items under Publish.
    3. Click Apply.
  6. Configure myQNAPcloud Link to enable secure remote access to your NAS via a SmartURL.
    1. Go to myQNAPcloud Link.
    2. Click Install to install myQNAPcloud Link on your NAS.
    3. Click the toggle button to enable myQNAPcloud Link.
  7. Restrict which users can remotely access your NAS via the SmartURL.
    1. Go to Access Control.
    2. Next to Device access controls, select Private or Customized.
      Note: Selecting Private allows only the QNAP ID logged in to myQNAPcloud to access the NAS via the SmartURL. Selecting Customized allows you to invite other QNAP ID accounts to access the device via the SmartURL.
    3. If you selected Customized, click Add and specify a QNAP ID to invite the user.
  8. Obtain the SmartURL by going to Overview.

The final thing to do is to have two applications running on your QNAP NAS regularly. Malware Remover and the QNAP Security Counselor. The Malware tool is for scanning your system for existing threats that may have been installed/engineered inside your system. It then isolates, quarantines as appropriate and removes. The Security Councilor tool is designed to periodically check the security of your entire system, find any potential for an opening that a vulnerability could be exploited via, then makes recommendations on how to close it. This latter tool can be configured via a number of pre-set profiles that scale in severity, but can also be set to custom variables too. These (alongside having updates on both the QTS/QuTS OS and apps via the app center set to automatically download and install) should be among the FIRST things you set up on your QNAP NAS.

It is also REALLY important to note that these applications analyze and identify KNOWN vulnerabilities. They are not omnipresent and, much like in the case of the Photo Station vulnerability that has been identified here and a day 1 patch issued, until it IS recognized as a threat/attack-vector, it will not be seen

What Should You Do If Your QNAP NAS was Hit By Deadbolt Ransomware?

Unfortunately, as it stands, there is little resolution in place to reverse Deadbolt ransomware encryption without paying the 0.05 BTC to the attackers. Some users have reported that snapshots have been useful in reversing the impact (heavily dependent on your retention policy and location, as you still need the original file in a comparable form for snapshots to work). However, a full means to reverse deadbolt is not available.  Previous attacks were able to be reverse using data recovery tools such as PhotoRec to restore them to their original version on an external drive, but success in this method with deadbolt has not been exactly positive. If you have no backup in place and your data is truly irreplaceable, then paying might be the only option (at least in the short term). You can follow the instructions that are attached to the Deadbolt warning page on your QNAP NAS GUI. If you have lost access to this GUI in an QNAP update (understandable that you might action this in the vein hope of halting/reversing damage), here is a Deadbolt Decryptor tool (this still requires the encryption key however) – https://www.emsisoft.com/ransomware-decryption/deadbolt

There are several useful references and setup pointers listed in the exceptionally long QNAP forum port HERE and here are their recommendations for you in the event you have been hit:

  • If you have full external intact backups, reset your NAS and restore from backups
  • If you have no backups and don’t intend to pay, try Qrescue (if your NAS has more than 50% free space and was not written to, chances are ‘OK’ to recover most files)
  • If you decide to pay, here is a ‘user’ story’ (Make sure that all auto-updates are disabled during the decryption, so the process is not interrupted)
  • To find your decryption key after paying the ransom check here.
  • If you are missing the ransom note and bitcoin address (removed by a QNAP firmware update or Malware remover) check here

The Sad Truth about Servers, Security and Vulnerabilities

Vulnerability > Update > vulnerability > update > rinse > repeat

No platform, software or service is going to be 100% bulletproof. You can increase your personal layers of security (VPNs, Encryption, layers, restrictive white lists, etc) to hit 99.99% but whatever way you are looking at it, everything we use is software-based and therefore, fallible. Equally, users cannot pretend that it is still the early days of the internet anymore and still be annoyed when a statistical possibility that should have been factored against was not. Do I think QNAP NAS are safe? I’m sorry to say that the answer is never going to be a simple Yes/No. I think they provide what they say they provide and I think that QNAP hardware is still the best in the market right now. But their software needs to be less rushed, the extra time/budget be spent on that software, or utilize a trusted 3rd party. The need to relinquish some of the customization of their platform in efforts to remove some of the configuration out of the hands of less tech-savvy users who end up overly reliant in defaults. Perhaps a much more rigorous setup policy that, on day 1, have an EXPERT door and a NOVICE door, with randomized defaults and extremely regimented update rules on the latter. Equally, the brand (though better than it was) needs to work on its communication with its end-user base, both in the event of critical issues and education on what the user base needs to have to increase security OUTSIDE of their product. I still recommend the brand, I still think users should use their products, but we need to be realistic and honest with ourselves about what we buy and our expectations. If I buy a QNAP NAS, I expect it to store the data I store in it and allow me access to it on my terms, but ‘my terms’ might be a lot more/less strict than the next person and with that comes due diligence in 2022. I hope that the most recent ransomware attack, deadbolt, is the last ‘big’ one we hear about the year/moving forward, but I do not think it will be. More than just QNAP, one look at the vulnerabilities listed on security advisories of all the brands tell us that there is big money to be made by these intruders and the brands can only stay 1 step ahead. As always, me and Eddie here on NASCompares have been running a page that links to the bigger NAS security Advisory pages that gets regularly updated, so if you want to get notifications on these as they get added (pulled from the official pages themselves), then you can visit the page below and put your email in for updates when they happen. Have a great week and backup, backup, BACKUP.

Click Below to Read

 

 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,258 other subscribers

Get an alert every time something gets added to this specific article!


Want to follow specific category? 📧 Subscribe

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7]     Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

How to Test Your Plex Media Server NAS – 4K, 1080p, HDR, HEVC and UHD Files to Download

26 août 2022 à 01:06

Recommended Files to Test Your Plex Media Server NAS

If you are considering buying/building your own Plex Media server (or even want to test the capabilities of your existing Plex server), then you may have discovered that it is actually a lot harder to bench-test your multimedia system than it should be. Notwithstanding the fact that very, VERY few people are running the exact same server setup (even two people buying the same NAS drive might have different HDDs, SSDs, memory, caching, directories, network traffic and more), but then you need to factor in that the depth, frequency and volume of everyone’s media collection will differ wildly. One user might have a simple Nvidia Shield + external USB drive setup and mostly 1080P, another running a Synology DS920+ NAS and a tonne of 4K, meanwhile, user number 3 is a highly audio-focused user that wants to use pristine, flawless raw audio to their smart home speakers from their Plex library – These are just three setups and each is INCREDIBLY different in it’s hardware requirements! So, when you are in the market for a new server for your Plex system, or simply want to check your current setup does the job), it is recommended to run a benchmark by playing some ranged media that will stress test different areas of multimedia playback on your Plex server. I have been running Plex Media Server tests on NAS drives for a  number of years (a FULL PLEX TEST PLAYLIST can be found HERE on the NASCompares YouTube) and although I include fairly standard multimedia testing using familiar movies and TV shows, I have also used a tremendously thorough range of files known as the ‘JellyFish Files‘. This is an incredible range of files that cover everything from a 2MB sized 480p, low bitrate, H.264, all the way upto an insanely high end 1.4 GIGABYTE 400Mbps 4K UHD HEVC HDR file – ALL of which are the same 30 second media file. These files can be added to your Plex Media Server and playing them, whilst monitoring your system’s hardware and resource utilization will help you understand the limitations of your system and what the system can/cannot play natively, as well as what impact files that need on-the-fly conversion (known predominantly as ‘transcoding’ and we will cover that later). The original source website and author location of the JellyFish files has become vague over the years (with the original repository that I originally found them and credit, being a dead website now in 2022), however, I am often asked if I still have access to the Jellyfish archive and if I can share them. The answer to that first question is YES, but the 2nd question takes a little longer to answer. I tried to backlink/direct users to the repository for a long time, as well as locate the original author (feeling that it is not my work to feely distribute) but hit something of a wall and after my bazillion’th requests, I have decided to create a shared drive for ALL these files. Below are the links to the FULL range of JellyFish files for testing your Plex NAS, but before you proceed, there are a few things you need t keep in mind before you proceed:

Understanding the Jellyfish Files and the File Formats, Quality and Density on a Plex NAS Benchmark Test

Before you start testing your Plex Media Sever and its multimedia capabilities, it is worth taking a moment to understand the terminology and variations of media files. You could have two copies of ‘Marvel’s Avengers Endgame’, both in 4K, but due to variations in their bitrate, their compression technique and their file format/codec and one will play much, MUCH better than another on your system. Although there are many kinds of ways you can clarify your multimedia files, the FOUR most important variables/standards to check are Bitrate, Resolution, Codec and Video Compression Standard. Take a moment to learn about what these are and their impact using the glossary below:

  • Bitrate – Bitrate is the number of bits per second. The symbol is bit/s. It generally determines the size and quality of video and audio files: the higher the bitrate, the better the quality, and the larger the file size because of File size = bitrate (kilobits per second) x duration. In most cases, 1 byte per second (1 B/s) corresponds to 8 bit/s. Video bitrate affects video quality in several ways. First, it is the key measure of any video file size. Secondly, high video bitrate results in high video quality and low bitrates result in poor video quality. However, using an extremely high bitrate is just a waste of bandwidth. In general, a higher bitrate will accommodate higher image quality in the video output, only when comparing the same video with the same resolution. Bitrates should be expected to go up whenever the resolution goes up, as more data is being processed. Therefore, high video bitrate may provide excellent quality, but it can also place a major strain on your hardware which can result in stutters.
  • Resolution – Video resolution determines the amount of detail in your video or how realistic and clear the video appears. It’s measured by the number of pixels contained in the standard aspect ratio of 16:9, the most common aspect ratio for television and computer monitors. A higher number of pixels indicates a higher resolution and a lower number of pixels makes for a low-resolution video. For the common resolutions of 720 and 1080, the naming convention is based on the total number of pixels running in a vertical line down the display area. For 2K, 4K or 8K video, the resolution is named for the number of pixels running in a horizontal line across the frame. Previously, the resolution has been divided between standard definition (SD video) and high definition (HD video). Anything below 720 is considered standard definition. However, as screen resolutions on computer monitors and televisions continue to improve, it’s less likely for anything to be shot in SD.
  • The difference between video resolution and frame rate – Digital videos are made up of thousands of still images played in sequence. While resolution refers to the amount of data in the frame, frame rate refers to how quickly those frames are cycled through, or how many stills are packed into each second. As with video resolution, choose your video’s frame rate based on the type of motion you’re trying to capture and the type of video formats you expect to release to your audience.
  • Codec – Codecs are the oxygen of the streaming media market; no codecs, no streaming media. From shooting video to editing to encoding our streaming media files for delivery, codecs are involved every step of the way. Many video producers also touch the DVD-ROM and Blu-ray markets, as well as broadcast, and codecs play a role there as well. Codecs are compression technologies and have two components, an encoder to compress the files, and a decoder to decompress. There are codecs for data (PKZIP), still images (JPEG, GIF, PNG), audio (MP3, AAC) and video (Cinepak, MPEG-2, H.264, VP8). It’s important to distinguish codecs from container formats, though sometimes they share the same name. Briefly, container formats, or wrappers, are file formats that can contain specific types of data, including audio, video, closed captioning text, and associated metadata. Though there are some general-purpose container formats, like QuickTime, most container formats target one aspect of the production and distribution pipeline, like MXF for file-based capture on a camcorder, and FLV and WebM for streaming Flash and WebM content.
  • HEVC, H.264 and H.265 – H.264 (AVC) and H.265 (HEVC) are both standards for video compression used in recording and distributing digital video. Why would you choose one over the other? The main difference between H.264 and H.265 is how each processes information and the resulting video file size and bandwidth consumption used with each standard. H.264 processes frames of video using macroblocks, while H.265 processes information using coding tree units (CTUs). CTUs process information more efficiently, which results in a smaller file size and less bandwidth used for your streaming video. H.264 (also called AVC, or Advanced Video Coding) is an industry-standard for video compression that allows for the recording, compression, and distribution of digital video content. H.265 is newer and more advanced than H.264 in several ways. H.265 (also called HEVC, or High-Efficiency Video Coding) allows for further reduced file size, and therefore reduced required bandwidth, of your live video streams.

There are several other terms that are more appropriate to Plex that it might be worth getting school’d up on, but these are optional and you can learn about them below in my video on Plex NAS servers for Dummies:

Where to Download the Files to Test Your Plex Media Server NAS

As mentioned, the Jellyfish files comprise a wide range of files that, although all the same 30 secs of jellyfish playing around in the sea, comprise around 56 files of varying degrees of quality and size. You can use the links below to head over to google drive for each specific file (each link opens in a new tab). Then you can use the download option at the top right corner to  download the file to your local machine:

For those looking to bulk-download, I am afraid that due to reasons of bandwidth hogging (when I shared these files with people in the past) and the sheer weight of these files, I have opted to keep these on a Google Drive shared drive. You should be able to add these files and bulk download them from inside your own Google Drive account, or you can message me directly for the full download link by contacting me directly using the contact section at the bottom of the page. Otherwise, here is the full range of Jellyfish files to download and test your Plex Media server NAS server or DIY/ByO system:

Filename
(Click to Download)
Bitrate
(Overall)
Resolution Codec File
Size
jellyfish-3-mbps-hd-h264.mkv Mbps 1920×1080 H.264 11 MB
jellyfish-3-mbps-hd-hevc.mkv Mbps 1920×1080 HEVC 11 MB
jellyfish-3-mbps-hd-hevc-10bit.mkv Mbps 1920×1080 HEVC 11 MB
jellyfish-5-mbps-hd-h264.mkv Mbps 1920×1080 H.264 18 MB
jellyfish-5-mbps-hd-hevc.mkv Mbps 1920×1080 HEVC 18 MB
jellyfish-10-mbps-hd-h264.mkv 10 Mbps 1920×1080 H.264 36 MB
jellyfish-10-mbps-hd-hevc.mkv 10 Mbps 1920×1080 HEVC 36 MB
jellyfish-10-mbps-hd-hevc-10bit.mkv 10 Mbps 1920×1080 HEVC 36 MB
jellyfish-15-mbps-hd-h264.mkv 15 Mbps 1920×1080 H.264 53 MB
jellyfish-15-mbps-hd-hevc.mkv 15 Mbps 1920×1080 HEVC 53 MB
jellyfish-20-mbps-hd-h264.mkv 20 Mbps 1920×1080 H.264 71 MB
jellyfish-20-mbps-hd-hevc.mkv 20 Mbps 1920×1080 HEVC 75 MB
jellyfish-20-mbps-hd-hevc-10bit.mkv 20 Mbps 1920×1080 HEVC 75 MB
jellyfish-25-mbps-hd-h264.mkv 25 Mbps 1920×1080 H.264 89 MB
jellyfish-25-mbps-hd-hevc.mkv 25 Mbps 1920×1080 HEVC 93 MB
jellyfish-30-mbps-hd-h264.mkv 30 Mbps 1920×1080 H.264 106 MB
jellyfish-30-mbps-hd-hevc.mkv 30 Mbps 1920×1080 HEVC 110 MB
jellyfish-35-mbps-hd-h264.mkv 35 Mbps 1920×1080 H.264 126 MB
jellyfish-35-mbps-hd-hevc.mkv 35 Mbps 1920×1080 HEVC 129 MB
jellyfish-40-mbps-hd-h264.mkv 40 Mbps 1920×1080 H.264 142 MB
jellyfish-40-mbps-hd-hevc.mkv 40 Mbps 1920×1080 HEVC 146 MB
jellyfish-40-mbps-hd-hevc-10bit.mkv 40 Mbps 1920×1080 HEVC 146 MB
jellyfish-45-mbps-hd-h264.mkv 45 Mbps 1920×1080 H.264 160 MB
jellyfish-45-mbps-hd-hevc.mkv 45 Mbps 1920×1080 HEVC 166 MB
jellyfish-50-mbps-hd-h264.mkv 50 Mbps 1920×1080 H.264 180 MB
jellyfish-50-mbps-hd-hevc.mkv 50 Mbps 1920×1080 HEVC 182 MB
jellyfish-55-mbps-hd-h264.mkv 55 Mbps 1920×1080 H.264 208 MB
jellyfish-55-mbps-hd-hevc.mkv 55 Mbps 1920×1080 HEVC 199 MB
jellyfish-60-mbps-hd-h264.mkv 60 Mbps 1920×1080 H.264 213 MB
jellyfish-60-mbps-hd-hevc.mkv 60 Mbps 1920×1080 HEVC 220 MB
jellyfish-60-mbps-hd-hevc-10bit.mkv 60 Mbps 1920×1080 HEVC 218 MB
jellyfish-70-mbps-hd-h264.mkv 70 Mbps 1920×1080 H.264 251 MB
jellyfish-70-mbps-hd-hevc.mkv 70 Mbps 1920×1080 HEVC 256 MB
jellyfish-80-mbps-hd-h264.mkv 80 Mbps 1920×1080 H.264 286 MB
jellyfish-80-mbps-hd-hevc.mkv 80 Mbps 1920×1080 HEVC 290 MB
jellyfish-90-mbps-hd-h264.mkv 90 Mbps 1920×1080 H.264 322 MB
jellyfish-90-mbps-hd-hevc.mkv 90 Mbps 1920×1080 HEVC 329 MB
jellyfish-90-mbps-hd-hevc-10bit.mkv 90 Mbps 1920×1080 HEVC 330 MB
jellyfish-100-mbps-hd-h264.mkv 100 Mbps 1920×1080 H.264 358 MB
jellyfish-100-mbps-hd-hevc.mkv 100 Mbps 1920×1080 HEVC 365 MB
jellyfish-110-mbps-hd-h264.mkv 110 Mbps 1920×1080 H.264 394 MB
jellyfish-110-mbps-hd-hevc.mkv 110 Mbps 1920×1080 HEVC 401 MB
jellyfish-120-mbps-4k-uhd-h264.mkv 120 Mbps 3840×2160 H.264 431 MB
jellyfish-120-mbps-4k-uhd-hevc-10bit.mkv 120 Mbps 3840×2160 HEVC 438 MB
jellyfish-140-mbps-4k-uhd-h264.mkv 140 Mbps 3840×2160 H.264 502 MB
jellyfish-140-mbps-4k-uhd-hevc-10bit.mkv  140 Mbps 3840×2160 HEVC 525 MB
jellyfish-160-mbps-4k-uhd-h264.mkv 160 Mbps 3840×2160 H.264 573 MB
jellyfish-160-mbps-4k-uhd-hevc-10bit.mkv 160 Mbps 3840×2160 HEVC 586 MB
jellyfish-180-mbps-4k-uhd-h264.mkv 180 Mbps 3840×2160 H.264 647 MB
jellyfish-180-mbps-4k-uhd-hevc-10bit.mkv 180 Mbps 3840×2160 HEVC 658 MB
jellyfish-200-mbps-4k-uhd-h264.mkv 200 Mbps 3840×2160 H.264 718 MB
jellyfish-200-mbps-4k-uhd-hevc-10bit.mkv 200 Mbps 3840×2160 HEVC 731 MB
jellyfish-250-mbps-4k-uhd-h264.mkv 250 Mbps 3840×2160 H.264 897 MB
jellyfish-250-mbps-4k-uhd-hevc-10bit.mkv 250 Mbps 3840×2160 HEVC 914 MB
jellyfish-300-mbps-4k-uhd-hevc-10bit.mkv 300 Mbps 3840×2160 HEVC 1.0 GB
jellyfish-400-mbps-4k-uhd-hevc-10bit.mkv 400 Mbps 3840×2160 HEVC 1.4 GB

There you have it, those are the Jellyfish files for testing your Plex server. If you are still on the fence about the best plex media server NAS drive you should consider buying, you can use my article below that highlights the drives I would personally recommend and why:

(Click Below to view this article)

 

📧 LET ME KNOW ABOUT NEW POSTS 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,365 other subscribers


Get an alert every time something gets added to this specific article!


Want to follow specific category? 📧 Subscribe

This description contains links to Amazon. These links will take you to some of the products mentioned in today's content. As an Amazon Associate, I earn from qualifying purchases. Visit the NASCompares Deal Finder to find the best place to buy this device in your region, based on Service, Support and Reputation - Just Search for your NAS Drive in the Box Below

Need Advice on Data Storage from an Expert?

We want to keep the free advice on NASCompares FREE for as long as we can. Since this service started back in Jan '18, We have helped hundreds of users every month solve their storage woes, but we can only continue to do this with your support. So please do choose to buy at Amazon US and Amazon UK on the articles when buying to provide advert revenue support or to donate/support the site below. Finally, for free advice about your setup, just leave a message in the comments below here at NASCompares.com and we will get back to you. Need Help? Where possible (and where appropriate) please provide as much information about your requirements, as then I can arrange the best answer and solution to your needs. Do not worry about your e-mail address being required, it will NOT be used in a mailing list and will NOT be used in any way other than to respond to your enquiry. [contact-form-7]     Terms and Conditions Alternatively, why not ask me on the ASK NASCompares forum, by clicking the button below. This is a community hub that serves as a place that I can answer your question, chew the fat, share new release information and even get corrections posted. I will always get around to answering ALL queries, but as a one-man operation, I cannot promise speed! So by sharing your query in the ASK NASCompares section below, you can get a better range of solutions and suggestions, alongside my own.  

❌