jkim05 09:50 AM 04-23-2010
So I decided that it would be much more efficient for us here at my office to have a NAS where we store files that other people might use or document templates and stuff like that since we have no centralized server system and things are kind of scattered on various desktops. That being said, I know the basics of setting one up, but I wanted to get some recommendations from the folks here who may be using a system like this.
I want a RAID system for backup purposes, and I don't need a lot of space, maybe a couple GB's at most since it's mainly just word docs and stuff, but of course I'll probably go way overkill anyways. So, anybody have system they use that they like?
[Reply]
Cyclone 10:55 AM 04-23-2010
The 1st question I have is how many people will be sharing the data on the NAS?
Once you have the NAS in place, consider backing it up and taking the data offsite...
Check out
http://www.smallnetbuilder.com for NAS reviews.
Based on the reviews on that site and others, I just put in AN order for a Netgear ReadyNAS Duo RND2110 from Fry's. It has 1 x 1 TB drive and has room for another (which I already have).
http://www.readynas.com/?cat=3
Brands to consider are QNAP, Synology, Buffalo, Netgear.
The above URL is the most comprehensive review site I've seen so far.
Cheers!
[Reply]
Cyclone 11:35 AM 04-23-2010
The 2nd URL in the above post leads to a TON of info about the ReadyNAS....
Now I'm even more excited about my purchase...
[Reply]
68TriShield 11:48 AM 04-23-2010
Originally Posted by Cyclone:
The 2nd URL in the above post leads to a TON of info about the ReadyNAS....
Now I'm even more excited about my purchase...
Excited like the little fella in your avatar?
:-)
[Reply]
Cyclone 12:18 PM 04-23-2010
Originally Posted by 68TriShield:
Excited like the little fella in your avatar? :-)
LOL... Yup!
Adam is a direct carbon-copy of me at the same age...
:-):-)
[Reply]
I run 2 of the ReadyNas at my office and take care of a lawyer and doctors office. Small company requirements are very unique as compared to the domain setup a larger office might have.
The NAS have nice redundancy in the RAID and feed the clients fairly fast. Based on my clients needs I have them backing the NAS up to single drive external drives (ethernet or USB depending on their budget). Redundant drives ARE NOT a backup plan. Buildings burn and multiple drives can fail. Always have off site backups. My lawyer and doctors clients for obvious reasons do not allow cloud storage.
The NAS are setup with passwords for some level of protection. This setup is technology low and works well for my smaller businesses using the KISS method. A few gigs... Both way to low and prolly not avalaible. Remember in a RAID setup 4 250G drives do not equate to 1T of storage. Better to have too much than to go small and spend more in 2 years because the drives are full.
If you need more specics, PM me and I'll help where I can.
[Reply]
These ended up being too small for my company, but are perfect for small-med/small businesses.
http://www.barracudanetworks.com/ns/...p_features.php
Small fee for the device, and it replicates the data off to two datacenters; one on the east coast one on the west coast. It includes automated backup software/agents.
[Reply]
Cyclone 01:31 PM 04-23-2010
Hey Volt,
We have the same type of clients and needs...
I'm about to build a new server for one of my lawyer clients and am considering a NAS to backup their server plus USB storage to take off-site.
Good info!
[Reply]
jkim05 01:40 PM 04-23-2010
Thanks for all the help guys. I run a doctor's office, and we have ~10 users max at any time. We actually don't really have any sensitive data on our computers with the exception of our scheduling/practice management software, which we currently back up onto an external HD. Our technology implementation is actually pretty outdated, but since we have no need to upgrade, we haven't. My plan is gradually begin upgrading, rebuilding and/or replacing most of the computers in this office over the next couple of years and having centralized storage would make that much simpler as I would no longer have to figure out what data is stored on what computer.
As for size, I'm thinking 500gb in a RAID 1 configuration should be sufficient, though I'm tempted to go much larger. Is it cost effective to go much larger than that? Also, is it even worth it to RAID two drives or should I just go for external backup to the NAS?
[Reply]
Originally Posted by jkim05:
Thanks for all the help guys. I run a doctor's office, and we have ~10 users max at any time. We actually don't really have any sensitive data on our computers with the exception of our scheduling/practice management software, which we currently back up onto an external HD. Our technology implementation is actually pretty outdated, but since we have no need to upgrade, we haven't. My plan is gradually begin upgrading, rebuilding and/or replacing most of the computers in this office over the next couple of years and having centralized storage would make that much simpler as I would no longer have to figure out what data is stored on what computer.
As for size, I'm thinking 500gb in a RAID 1 configuration should be sufficient, though I'm tempted to go much larger. Is it cost effective to go much larger than that? Also, is it even worth it to RAID two drives or should I just go for external backup to the NAS?
Yes RAID 1 (mirroring) is a good idea. It provides quick, cheap, reliable redundancy. Offsite storage is really more for disaster recovery, aka building burns down and the company has to rebuild.
Also, I have worked for a regional hospital (medical group of 7 or 8 hospitals) and you DO have sensitive data. HIPPA requires you to protect that data or
YOU (not your company/employer) can be sued or heavily fined. Even names/addresses can be considered patient data. DO NOT neglect your responsibility to protect it. I would highly recommend that you use some form of encryption. Even if it is a freebie like PGP, it's better than nothing. Most new external hard drives offer it as a feature if you go that route.
If you use encryption and it gets cracked at least you made the effort. That will usually prevent legal action against you or your company. If you do not make the effort, you are at risk should that data get compromised.
[Reply]
mithrilG60 02:23 PM 04-23-2010
How much need for future expandability to the NAS do you foresee? Will you need to add space to the initial RAID set you configure or will your initial sizing be enough for the lifespan of the device?
I'd personally look at
FreeNAS, it'll do what is sounds like you're after and can run on pretty much any old hardware you have lying around. If you're looking for a good case for a home built NAS, check out the
Fractal Design R2. 8 3.5" drive bays plus 2 5.25" bays, fully sound insulated. Amazing case, just picked one up last night for my movie/tv NAS at home.
[Reply]
jkim05 02:29 PM 04-23-2010
Originally Posted by 357:
Yes RAID 1 (mirroring) is a good idea. It provides quick, cheap, reliable redundancy. Offsite storage is really more for disaster recovery, aka building burns down and the company has to rebuild.
Also, I have worked for a regional hospital (medical group of 7 or 8 hospitals) and you DO have sensitive data. HIPPA requires you to protect that data or YOU (not your company/employer) can be sued or heavily fined. Even names/addresses can be considered patient data. DO NOT neglect your responsibility to protect it. I would highly recommend that you use some form of encryption. Even if it is a freebie like PGP, it's better than nothing. Most new external hard drives offer it as a feature if you go that route.
If you use encryption and it gets cracked at least you made the effort. That will usually prevent legal action against you or your company. If you do not make the effort, you are at risk should that data get compromised.
Ok, I guess that is something to consider. As far as I know, as long as data is not stored or transmitted off-site or across a network encryption was not necessary. Basically since all the computers are locked up inside of the office, the office as a whole complies with HIPAA. I could be totally wrong though. In any case I guess there is no reason not to encrypt data, so I might as well.
[Reply]
Originally Posted by jkim05:
Ok, I guess that is something to consider. As far as I know, as long as data is not stored or transmitted off-site or across a network encryption was not necessary. Basically since all the computers are locked up inside of the office, the office as a whole complies with HIPAA. I could be totally wrong though. In any case I guess there is no reason not to encrypt data, so I might as well.
It's a touchy thing. If one computer has internet access, and it networked to others, all data on each one of them could be considered at risk. I know you probably have a firewall and/or router, but they are not foolproof. It doesn't take much effort/$$$ in a small environment like that so it's usually better safe than sorry.
[Reply]
dunng 02:34 PM 04-23-2010
Stay away from the Seagate Black Armour NAS... the internal OS crashed and took my data with it! As well, there is a very limited technical support period for this device.
Regarding data encryption, just hope you don't have any data for MA residents...
http://infosecuritydecisions.techtar...ompliance.html
:-)
[Reply]
Originally Posted by dunng:
Stay away from the Seagate Black Armour NAS... the internal OS crashed and took my data with it! As well, there is a very limited technical support period for this device.
Regarding data encryption, just hope you don't have any data for MA residents... http://infosecuritydecisions.techtar...ompliance.html
:-)
I have done some work with PCI (Payment Card Industry) stuff and they are way more stringent. TJ Maxx got sued class-action style because they lost 43 million credit card numbers. Cost them over $140 Million. Worst part is they were 95% of the way through their PCI compliance process when it happened. So, even though they were trying to do the right thing, they were compromised and were considered liable.
[Reply]
dunng 02:39 PM 04-23-2010
TJ Maxx is in MA... and that is where 201 CMR 17 comes from. The difference is this applies to everyone unlike PCI.
:-)
[Reply]
Kreth 02:42 PM 04-23-2010
Originally Posted by Volt:
Always have off site backups.
This needs repeating.
:-)
Posted via Mobile Device
[Reply]
Originally Posted by Cyclone:
Hey Volt,
We have the same type of clients and needs...
I'm about to build a new server for one of my lawyer clients and am considering a NAS to backup their server plus USB storage to take off-site.
Good info!
I don't even really like the Doc on a server but it's needed and teh lawyer is straight NAS. I don't charge them a lot, but everything I can do to keep the technology low and minimize my trips actually works to the good for me.
The hrad part for me was working around the zero data loss requirements the lawyer has. They swap out a USB portables each night to minimize data loss. Cloud backup would be nice but lawyer files and patient records - maybe not so much. Their call.
[Reply]
Originally Posted by Kreth:
This needs repeating. :-)
Posted via Mobile Device
:-)
So I will. On site backups are great for restoring a deleted word file. They cannot be used to setup a new office in a different location when the creek floods the building over night and frys all the electronics. Wether you take it home daily or weekly depends on the pain of a lost weeks worth of work.
[Reply]
Originally Posted by jkim05:
Thanks for all the help guys. I run a doctor's office, and we have ~10 users max at any time. We actually don't really have any sensitive data on our computers with the exception of our scheduling/practice management software, which we currently back up onto an external HD. Our technology implementation is actually pretty outdated, but since we have no need to upgrade, we haven't. My plan is gradually begin upgrading, rebuilding and/or replacing most of the computers in this office over the next couple of years and having centralized storage would make that much simpler as I would no longer have to figure out what data is stored on what computer.
As for size, I'm thinking 500gb in a RAID 1 configuration should be sufficient, though I'm tempted to go much larger. Is it cost effective to go much larger than that? Also, is it even worth it to RAID two drives or should I just go for external backup to the NAS?
Raid 1 is pretty expensive in terms of disk space usage and most NAS I have used came with 4 or 5 disks. At a minimum I would go 3 disks and use RAID 5. Faster feeds, redundancy if 1 disk fails, and if you go to 4 disks so much the better. Disks are cheap insurance.
"Also, is it even worth it to RAID two drives or should I just go for external backup to the NAS?"
Yes, with at leat Raid 1 or better RAID 5 if one drive fails they are still in business and can keep the doors open. If you JBOD (RAID 0) if 1 disk fails - close the doors and go find your backup plan. RAID 5 with 4 disks is the route I would go minimun especially if IT support on site is weak. Disks are cheap....
So my thoughts...
RAID 5 with 750 - 1T for day to day file usage. Even if they don't have a lot of "data" yet, set it up to hold images of the workstations, your Office loads (faster than a cd, etc)
Use 1 or 2 externals to swap out daily to bring one home each night.
[Reply]