Proper security for NAS

Discussion in 'other security issues & news' started by screamer, Jul 5, 2006.

Thread Status:
Not open for further replies.
  1. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    I'm wondering... Am I overdoing it w/ my NAS security?

    My network has: Office1, Office2 & Office3 (laptop wireless) These are connected to a Belkin Pre-N router, along w/ a Dell DIM8200 used for NAS.
    All the "Office" machines have adaquate protection e.g. Outpost firewall, NOD32, ewido... The NAS has Sygate firewall, NOD32, ewido.

    All machines run Win XP Pro SP2

    The only internet connection the NAS makes is to update security apps or D/L MS updates.

    Does it really need to be protected?


    ...screamer
     
  2. diginsight

    diginsight Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    225
    Location:
    Netherlands
    I've followed discussions about this topic on security mailing lists. In general there are two opinions: you always need an AV or you don't need an AV if the system is hardened.

    I've thought about this a lot, discussed this with my coworkers and consultants and decided that instead of hardening I now prefer to install an AV on any server.

    I've always hardened systems, but this can also introduce problems because you're not using default settings anymore. With Windows Server 2003 SP1 and Windows XP SP2 the default settings have improved a lot.

    You never know if you're system is protected against 0-day exploits, even when hardened. In general a 0-day exploits will installl known malware. The AV will then detect this. If your system doesn't have an AV you risk being infected, and this system can then infect other systems in your network.

    In my case I'm speaking about AV on a server. Your NAS already has a firewall, AV and AT so I think they're more then adequately protected.

    Does it need more protection? I would consider an UPS and a good backup strategy :)
     
  3. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    Thanks for the info diginsight!

    NAS has a UPS and I use Always Sync to back up anything written to it to a 160GB USB HD.

    ...screamer
     
Loading...
Thread Status:
Not open for further replies.