Go Back   Hardware Canucks > SOFTWARE > Networking

    
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old October 16, 2013, 01:52 PM
SugarJ's Avatar
Moderator
F@H
 
Join Date: Jan 2008
Location: Langley, BC
Posts: 6,101

My System Specs

Default Limit access to directories by user?

Last week I asked about a NAS, but we've had a situation here that's changed the way we think about access to our storage.

Long story short, we caught a now ex-employee with a USB stick full of company info 5 minutes after he gave his notice yesterday. Fortunately he didn't have any financial or project info, just all our safety manuals and procedures that he had compiled as part of his job.

So we now want to limit which users or IP addresses have access to which folders/directories on our storage.
1. Can we do this with a commercial NAS?
2. Are we looking at a server situation with logins?
3. If so, what server OS would you recommend? Our office PC's are a mixture of XP Pro and 7 Pro.

It's been a long time since my Netware 3.0 days, so your help is appreciated.
Reply With Quote
  #2 (permalink)  
Old October 16, 2013, 02:09 PM
AkG's Avatar
AkG AkG is offline
Hardware Canucks Reviewer
 
Join Date: Oct 2007
Posts: 4,308
Default

Near any consumer NAS will do basic folder share restrictions. But if you want something a bit more powerful, manageable, etc.... new WD Sentinel (DS5100 / 6100) would be very sweet kit. More like a mini-server than a NAS per say. Runs Windows Server 2012 Essentials (upgradeable to full on 2012). Xoen CPU. upgradeable ecc ram. uses ssd in R1 for its 'os' drive. 4 bays for storage. Decent kit. Of course HP, Dell and the like all make similar devices ...all comes down to how much IT staff you got and your budget. Easy enough to get Server 2012 and do a homebrew on the cheap. ;)
__________________
"If you ever start taking things too seriously, just remember that we are talking monkeys on an organic spaceship flying through the universe." -JR

“if your opponent has a conscience, then follow Gandhi. But if you enemy has no conscience, like Hitler, then follow Bonhoeffer.” - Dr. MLK jr
Reply With Quote
  #3 (permalink)  
Old October 16, 2013, 02:11 PM
SugarJ's Avatar
Moderator
F@H
 
Join Date: Jan 2008
Location: Langley, BC
Posts: 6,101

My System Specs

Default

IT Staff of 1 (me) and low to no budget as per usual.

EDIT: Looks like the QNAP TS-469L recommended last week should fit the bill. I can't find that new WD Sentinel available anywhere.

Last edited by SugarJ; October 16, 2013 at 02:43 PM.
Reply With Quote
  #4 (permalink)  
Old October 16, 2013, 04:33 PM
supaflyx3's Avatar
Hall Of Fame
F@H
 
Join Date: Jun 2010
Location: Chilliwack BC
Posts: 2,537

My System Specs

Default

I'm not sure what your data needs are, but SVN is also an option, but is only useful over other options if you and other staff edit files often.
__________________
Reply With Quote
  #5 (permalink)  
Old October 16, 2013, 07:01 PM
JD's Avatar
JD JD is offline
Moderator
F@H
 
Join Date: Jul 2007
Location: Toronto, ON
Posts: 6,926

My System Specs

Default

Even if you restrict access at the NAS level, they are still free to copy said information to a USB drive, unless you outright disable USB and deny majority of Internet access too.

But I agree with AkG, Windows Server 2012 Essentials (I would wait for R2 personally) is a great OS and would fit your needs perfectly. Build it around a simple dual-core setup, 4GB RAM, and as many HDD's you feel fit with whatever RAID you want. The management is truly effortless. I actually have R2 running and if you drop me a PM, I can set you up with remote access to it (also very easy to do) so you can "demo" it. Cost might be prohibitive though I guess and I think it's limited to 25 users? Or maybe its 40? Not sure off hand.

Going back to the QNAP, as I have that same model, it does have a LDAP server which I would imagine allows some sort of localized authentication. I'm not sure if you can "join" Windows machines to it though. I use Active Directory at home myself, so I've never bothered attempting to use it. I imagine if you setup local user accounts on the NAS with the same username/password that is used on each desktop, it would also work too, but obviously this is harder to manage, especially as people come and go.
Reply With Quote
  #6 (permalink)  
Old October 16, 2013, 08:16 PM
odis172's Avatar
Allstar
F@H
 
Join Date: Oct 2008
Location: Ottawa, ON
Posts: 683

My System Specs

Default

I have a synology and you can create a local user database, create network shares, then assign users privileges to those shares. If you want to get more complicated, there are advanced features and services you can activate to sync users and passwords from other systems.
__________________
Laptop: Lenovo T420 - Core i5 2520 - 8GB DDR3
Server: 2 xeon E5530 - Asus Z8N-D6 - 12GB DDR3 - 8x 500GB raid 50 - Perc 6/i - Compucase RA448A00
Reply With Quote
  #7 (permalink)  
Old October 16, 2013, 09:33 PM
SugarJ's Avatar
Moderator
F@H
 
Join Date: Jan 2008
Location: Langley, BC
Posts: 6,101

My System Specs

Default

Quote:
Originally Posted by JD View Post
Even if you restrict access at the NAS level, they are still free to copy said information to a USB drive, unless you outright disable USB and deny majority of Internet access too.
We're not going that far yet. It's mostly to keep anyone with access to our shop and shared foreman's computer from being too nosy about our estimating and quotes. All financial and payroll information is on another computer under lock and key. As long as I can keep access to 2 folders to a limited number of users, it will work fine.

Kind of locking the barn after the horse is stolen, but in the construction industry we're way behind. They finally started doing estimates on an Excel spreadsheet 5 years ago after I started.
Reply With Quote
Reply


Thread Tools
Display Modes

Similar Threads
Thread Thread Starter Forum Replies Last Post
Changing Directories jpark245 Guides & How-to's 7 December 2, 2012 03:25 PM
Really Pushing The 920 To Its Limit ! JORD4N CPU's and Motherboards 48 January 28, 2010 08:45 PM
Shaw limit Unknownm Off Topic 15 January 11, 2010 01:59 AM
How can I limit Bitlord...? Lamb Networking 21 April 24, 2009 06:59 PM
Cannot access certain websites, intermittent website access chrisk Networking 16 November 30, 2008 11:24 AM