Nextcloud doubts



  • One of my friends was looking for a self hosted storage solution and i suggested NextCloud.

    He had few doubts regarding that, I didn't get much time to check on this but thought of posting it here.

    What does the community/free edition lacks compared to the enterprise version. I didnt see a comparison list on the site. The guy wants to setup for a small office of 50 users, he want to add a local NextCloud server and another nextcloud in a dc to sync from the local.

    He also asked about ransomware risks.



  • Assuming you don't use the end-user sync client you don't have to worry about cryptoware... A virus wouldn't have access to the data directly.
    What I dont know is how you work with those files without first downloading them to the local computer then edit then reupload via the website.



  • His plan is to use sync clients on local machines, syncing to the local server. Then from the local NextCloud to the remote Nextcloud in the dc (I assume NextCloud to NextCloud sync is possible!)



  • Other than OneDrive, I don't think NextCloud integrates directly into word, excel, etc... So not using the local sync client makes things much harder.



  • @Ambarishrh said in Nextcloud doubts:

    His plan is to use sync clients on local machines, syncing to the local server. Then from the local NextCloud to the remote Nextcloud in the dc (I assume NextCloud to NextCloud sync is possible!)

    Then you are completely open to crypto attacks.
    Same goes for OneDrive synced.



  • @Dashrender said in Nextcloud doubts:

    @Ambarishrh said in Nextcloud doubts:

    His plan is to use sync clients on local machines, syncing to the local server. Then from the local NextCloud to the remote Nextcloud in the dc (I assume NextCloud to NextCloud sync is possible!)

    Then you are completely open to crypto attacks.
    Same goes for OneDrive synced.

    Or using a CIFS/NFS file server. The only real protection against cryptolocker-esque systems is a good backup.



  • @coliver said in Nextcloud doubts:

    @Dashrender said in Nextcloud doubts:

    @Ambarishrh said in Nextcloud doubts:

    His plan is to use sync clients on local machines, syncing to the local server. Then from the local NextCloud to the remote Nextcloud in the dc (I assume NextCloud to NextCloud sync is possible!)

    Then you are completely open to crypto attacks.
    Same goes for OneDrive synced.

    Or using a CIFS/NFS file server. The only real protection against cryptolocker-esque systems is a good backup.

    Exactly, but if you use OneDrive integration with Office, you also don't worry about cryptoware.

    But if using non MS products, I'm not sure there is any integration available.



  • @Dashrender said in Nextcloud doubts:

    @coliver said in Nextcloud doubts:

    @Dashrender said in Nextcloud doubts:

    @Ambarishrh said in Nextcloud doubts:

    His plan is to use sync clients on local machines, syncing to the local server. Then from the local NextCloud to the remote Nextcloud in the dc (I assume NextCloud to NextCloud sync is possible!)

    Then you are completely open to crypto attacks.
    Same goes for OneDrive synced.

    Or using a CIFS/NFS file server. The only real protection against cryptolocker-esque systems is a good backup.

    Exactly, but if you use OneDrive integration with Office, you also don't worry about cryptoware.

    But if using non MS products, I'm not sure there is any integration available.

    That's true. Or only use the new libreoffice integration with NextCloud. Not sure how far along they are with that though.

    It also assumes that they only use Microsoft products and don't need access to anything else.



  • @coliver said in Nextcloud doubts:

    The only real protection against cryptolocker-esque systems is a good backup.

    Oh, and that synced copy at the remote DC is not a backup in this case... It would just replicate the encrypted files over there too.

    Beat you could hope for would be versioning.



  • @Dashrender said in Nextcloud doubts:

    @coliver said in Nextcloud doubts:

    The only real protection against cryptolocker-esque systems is a good backup.

    Oh, and that synced copy at the remote DC is not a backup in this case... It would just replicate the encrypted files over there too.

    Beat you could hope for would be versioning.

    Versioning would help but it isn't really a backup.



  • @coliver said in Nextcloud doubts:

    @Dashrender said in Nextcloud doubts:

    @coliver said in Nextcloud doubts:

    The only real protection against cryptolocker-esque systems is a good backup.

    Oh, and that synced copy at the remote DC is not a backup in this case... It would just replicate the encrypted files over there too.

    Beat you could hope for would be versioning.

    Versioning would help but it isn't really a backup.

    Of course not. 🙂



  • So what could be the possible safe options? Ofcourse first step would be lock down workstations, proper end point protection etc but how can we make sure that using a second nextcloud doesnt really affect when the primary is affected or are there no options in this case?



  • @Ambarishrh said in Nextcloud doubts:

    One of my friends was looking for a self hosted storage solution and i suggested NextCloud.

    He had few doubts regarding that, I didn't get much time to check on this but thought of posting it here.

    What does the community/free edition lacks compared to the enterprise version. I didnt see a comparison list on the site. The guy wants to setup for a small office of 50 users, he want to add a local NextCloud server and another nextcloud in a dc to sync from the local.

    He also asked about ransomware risks.

    You can do all of the things your friend wants for file sharing.

    Crypto mitigation is not solved by any sync service. That comes to backups.



  • @Ambarishrh said in Nextcloud doubts:

    So what could be the possible safe options? Ofcourse first step would be lock down workstations, proper end point protection etc but how can we make sure that using a second nextcloud doesnt really affect when the primary is affected or are there no options in this case?

    There are no options. It's the nature of syncing that makes this a problem.

    Real backs are completely different in that they are a snapshot in time, and that snapshot is unchangeable.



  • Got it! What about the difference between the free and enterprise version of NextCloud? And I hope syncing between 2 NC servers are possible



  • The use of NextCloud at the remote datacenter is almost entirely about availability, if not completely about that.

    If you can live with downtime if your local device has an issue or your internet is down. Then I'd skip the DC install. In any case, you need a backup solution for the NextCloud server.



  • Support is the only difference that I am aware of. The Enterprise version includes support in the license whereas the Community version does not.



  • @Ambarishrh said in Nextcloud doubts:

    What does the community/free edition lacks compared to the enterprise version.

    Nothing. Only support. There is only one product. 100% open source, that was one of the reasons that they split from ownCloud.



  • @scottalanmiller said in Nextcloud doubts:

    @Ambarishrh said in Nextcloud doubts:

    What does the community/free edition lacks compared to the enterprise version.

    Nothing. Only support. There is only one product. 100% open source, that was one of the reasons that they split from ownCloud.

    So it's like RHEL 🙂



  • @scottalanmiller said in Nextcloud doubts:

    @Ambarishrh said in Nextcloud doubts:

    What does the community/free edition lacks compared to the enterprise version.

    Nothing. Only support. There is only one product. 100% open source, that was one of the reasons that they split from ownCloud.

    And I will be rightfully skeptical for a year or so, until they prove they can maintain this model.



  • @Ambarishrh said in Nextcloud doubts:

    He also asked about ransomware risks.

    Depends how he sets it up. It has versioning and you back up the whole thing. You can use BtrFS and snap the system internally quickly and often.



  • @Ambarishrh said in Nextcloud doubts:

    And I hope syncing between 2 NC servers are possible

    This has been a feature of ownCloud for a few years. SO of course it was in the code at the fork to NextCloud



  • @Ambarishrh said in Nextcloud doubts:

    So what could be the possible safe options? Ofcourse first step would be lock down workstations, proper end point protection etc but how can we make sure that using a second nextcloud doesnt really affect when the primary is affected or are there no options in this case?

    If they sync to each other, then one infects the other. That's how replication works.



  • @Dashrender said in Nextcloud doubts:

    @scottalanmiller said in Nextcloud doubts:

    @Ambarishrh said in Nextcloud doubts:

    What does the community/free edition lacks compared to the enterprise version.

    Nothing. Only support. There is only one product. 100% open source, that was one of the reasons that they split from ownCloud.

    So it's like RHEL 🙂

    Yes


Log in to reply