Setting Up A Small Office File Server



A file server allows for more efficient collaboration by making the latest versions of documents available to users, even remotely over the Internet. Furthermore, a centralized storage device simplifies backups. At work, we have the Synology DS210j network-attached storage (NAS) device. This post will briefly describe the setup process and features of the DS210j.



The Synology 210j ships without any hard drives. We chose the Western Digital 1 TB Green Drives. Assembly is very simple and requires only a Phillips screwdriver. The Synology has two drive bays. If you stick in two of the same drives, you can configure it to use RAID 1, which mirrors the data across both drives. If you set this up, your data will be safe in case one hard drive fails. Once you install the hard drives, plug the Synology into the network router or switch.

The next step is to download the latest setup software and firmware from the Synology website. (The software on the included CD did not work.) Again, the setup is very simple and run by software wizards. The Synology can be mapped to a drive that logs in when you start Windows. In my case, it shows up as the Z: drive.

The trickiest part is setting up the router properly for remote access. My router uses the Tomato firmware, so that’s what my instructions are geared towards. In fact, it might be worthwhile for you to buy a router that supports Tomato firmware and set it up. First, have the router assign the Synology an IP address via static DHCP. This guarantees that the Synology will always have the same IP on your network. Second, forward only the necessary ports to the Synology, which should have the same internal IP if you set up the static DHCP. The specific ports to open can be found on your Synology instructions, but you should at least forward ports 21, 22, 23, and 5000. The only ports that should be forwarded by your router should be those necessary for remote Internet access by SFTP, and SSH. Do not use the router’s DMZ feature, which directs all ports to your Synology. Even though it makes set up easier, it is also very insecure. Lastly, you need to set up a free account at DynDNS, and put the proper settings into your router. This provides you with an URL that will always be pointed at your router. You will use this URL to access your Synology by SFTP, or SSH. (For more security, you should set the Synology to disable the Telnet service, and to force the FTP protocol to use TLS/SSL encryption.)

The Synology 210j also includes a built-in firewall, which you should configure to reject all ports other than the bare minimum needed to provide the services you need. Keep in mind that not all the ports open on the Synology firewall should be forwarded by the router. Some ports need to be open only on the local network, such as those necessary for Windows file sharing. These ports should not be open to the Internet.

The last thing to set up is automatic backup of your Synology device to a remote server. I used rsync to have the Synology automatically backup to DreamHost servers over an encrypted SSH line every night. RSYNC minimizes the amount of data transferred by only sending the changes in the files, and has a compression function built-in. The only problem is that if you mess up a file, it will be changed on the server that night. In other words, regular backups are still necessary. The remote backup was very difficult to set up and required a lot of typing away at a command line. Most of the difficulty was on DreamHost’s end. Another webhost with a more robust rsync or SSH may make things easier.

The Synology DS210j cost $230, and the hard drives cost $85 each. Newegg did not charge tax in NY, and shipped it to us overnight by standard shipping, which cost $10. For about $400, we have a file server that has built-in redundancy. We can access the files securely from the Internet so we can work from home or other offices without fear that we need someone in the office to send the latest files to us. The automated backup feature provides disaster recovery. Furthermore, if our office’s Internet access fails when we’re away, we can still access the files on DreamHost’s servers. Hopefully, this will be similarly helpful to readers.

Comments

Popular posts from this blog

RAID on HP ProLiant Microserver