Linked by Rohan Pearce on Wed 8th Jun 2011 21:27 UTC
BSD and Darwin derivatives "FreeNAS is an open source operating system based on FreeBSD and, as its name implies, designed for networked storage. The project recently celebrated the release of FreeNAS 8, which racked up some 43,000 downloads in the first 48 hours after its release. I caught up with Josh Paetzel, director of IT at iXsystems and project manager for FreeNAS 8, to talk about the current state of the OS, what lies ahead for it, and the relationship to FreeNAS 0.7."
Permalink for comment 476631
To read all comments associated with this story, please click here.
umccullough
Member since:
2006-01-26

What is the benefit of encryption on production NAS systems? Would it just slow things down?


It's a lot easier to decommission an HD if it's encrypted - you just remove the encryption key, and the data is effectively "scrambled".

A good example is a failed HD - depending on how the disk fails, you may not be able to erase it with zeros, but someone with the proper facilities can still recover the data off it.

If the HD is in an external enclosure (like an external eSATA or USB device), having someone walk off with it is always a possibility as well.

Erasing a disk is time consuming - so being able to simply destroy the encryption key is awfully convenient in many situations (as mentioned in the situation of a police raid - one could just yank the bootable USB key from a FreeNAS box and destroy it rendering the HD contents useless).

Edit: per your performance question, I suspect the network latency/bandwidth is a larger impact when using a NAS. With read/write caching (including read-ahead) and enough RAM, you shouldn't notice much performance impact on block-level encryption. A fast CPU should already do the trick.

Edited 2011-06-09 18:55 UTC

Reply Parent Score: 2