Linked by Rohan Pearce on Wed 8th Jun 2011 21:27 UTC
BSD and Darwin derivatives "FreeNAS is an open source operating system based on FreeBSD and, as its name implies, designed for networked storage. The project recently celebrated the release of FreeNAS 8, which racked up some 43,000 downloads in the first 48 hours after its release. I caught up with Josh Paetzel, director of IT at iXsystems and project manager for FreeNAS 8, to talk about the current state of the OS, what lies ahead for it, and the relationship to FreeNAS 0.7."
Thread beginning with comment 476611
To view parent comment, click here.
To read all comments associated with this story, please click here.
Whats the point of encryption?
by FunkyELF on Thu 9th Jun 2011 15:20 UTC in reply to "Encryption"
FunkyELF
Member since:
2006-07-26

Encrypted volumes protect your data if someone gets physical access to your hardware so I understand why someone would want this on laptops and home computers and things that could be stolen.

What is the benefit of encryption on production NAS systems? Would it just slow things down?

Reply Parent Score: 2

Laurence Member since:
2007-03-26

Encrypted volumes protect your data if someone gets physical access to your hardware so I understand why someone would want this on laptops and home computers and things that could be stolen.

What is the benefit of encryption on production NAS systems? Would it just slow things down?


Piece of mind if you get burgled or (if you've got something to hide) raided by the police.

Reply Parent Score: 2

umccullough Member since:
2006-01-26

What is the benefit of encryption on production NAS systems? Would it just slow things down?


It's a lot easier to decommission an HD if it's encrypted - you just remove the encryption key, and the data is effectively "scrambled".

A good example is a failed HD - depending on how the disk fails, you may not be able to erase it with zeros, but someone with the proper facilities can still recover the data off it.

If the HD is in an external enclosure (like an external eSATA or USB device), having someone walk off with it is always a possibility as well.

Erasing a disk is time consuming - so being able to simply destroy the encryption key is awfully convenient in many situations (as mentioned in the situation of a police raid - one could just yank the bootable USB key from a FreeNAS box and destroy it rendering the HD contents useless).

Edit: per your performance question, I suspect the network latency/bandwidth is a larger impact when using a NAS. With read/write caching (including read-ahead) and enough RAM, you shouldn't notice much performance impact on block-level encryption. A fast CPU should already do the trick.

Edited 2011-06-09 18:55 UTC

Reply Parent Score: 2

Neolander Member since:
2010-03-08

But if the disk is out of order anyway, can't you simply mechanically destroy it with a hammer ? Sounds enough to permanently destroy regular data ^^

Reply Parent Score: 1

tony Member since:
2005-07-06

Encrypted volumes protect your data if someone gets physical access to your hardware so I understand why someone would want this on laptops and home computers and things that could be stolen.

What is the benefit of encryption on production NAS systems? Would it just slow things down?


There is some performance penalty for encryption, unless you have an Intel CPU that has AES-NI. Most of the laptops have it now, and a good number of the desktop CPUs have it. It seems to remove most of the performance penalty for encryption.

If you run Truecrypt and have an AES-NI processor (only Intel has them right now) then you can also make use of the acceleration.

Reply Parent Score: 2