New storage... what about file server
-
@gros96 sorry for the information overload. But you literally hit on the number one most famous topic in this community. We've written about it, done the math, written the books, hosted the conferences, lol. This is THE community for IT architecture.
-
@scottalanmiller said in New storage... what about file server:
@dashrender said in New storage... what about file server:
Are you sure? He said he had servers with internal storage... and now as a SC5020 - so sure, now he has a IPOD, but it sounds like before he was probably OK - each host was separate. Then the QNAP was a NAS file server.. and least that's the way I read it.
Oh maybe. QNAP has both SAN and NAS components. All garbage, of course. But it can do either.
Really we don't have enough information to know if he was using the QNAP for VM storage or not...
Since he mentioned the servers had local storage - I will admit I assumed the Servers (I also assumed they were using VMs) used the local storage for VMs and that the QNAP was solely to act as a file server for, you know - user files.. not VM files...
-
@scottalanmiller just out of curiosity what file server do you recommend with local storage for your average medium-sized business?
-
@eleceng said in New storage... what about file server:
@scottalanmiller just out of curiosity what file server do you recommend with local storage for your average medium-sized business?
On average, I recommend moving to something more modern like DropBox, Zoho WorkDrive, Sharepoint, etc. if hosted will work or something like NextCloud if you need to host your own. Avoiding file serving in general and moving to data-backed services is ideal, and then modern "cloud" storage for remaining files that cannot be modernized. Using files at all is a "failure mode" that we all have to deal with, but we want to minimize it.
Even if mapped drives are required, you can do that with the above. But we want to avoid that, that's a ransomware vector. Not that other things aren't. But it is THE ransomware vector.
If you absolutely must have a legacy mapped drive infrastructure then you have a lot of limitations and you basically have three options: Windows, Linux/BSD or a NAS (which is generally just someone else building option number two for you.)
When possible, I avoid Windows because it adds little to no benefit but takes more resources to manage and more to support and more to run. If I'm trying to modernize a business and not just get in and out quickly, then I want something more forward looking that's going to help them as much as possible move towards modernization even if it isn't immediate - basically I don't want to lock them into something unnecessary.
So unless given a solid reason to need Windows, Linux would be my first choice, with FreeBSD equally as good but with a lot less industry support. Linux has the broadest support of all - companies have no challenge all getting good Linux support anytime, Windows has just as many good support people out there but with millions of totally unqualified people in the pool as well making it all but impossible to find qualified people in the crowd.) So Ubuntu with Samba is generally what I deploy. It's easy to set up, easy to support, easy to get support, easy to support remotely, less costly through every part of the life cycle, no licensing overhead (which is 90% the human cost of managing the licenses) and more flexibility to do whatever needs to be done today or in the unforeseen future.
-
@scottalanmiller That's insightful and makes a lot of sense. Also, I never knew mapped drives were that much of a security risk.
I would say 95% of the customers I deal with still stand up new offices that way and have shared drives for the user base.
-
@eleceng said in New storage... what about file server:
Also, I never knew mapped drives were that much of a security risk.
Mapped drives, Active Directory and other 1990s "pre-Internet / LAN focused" legacy holdover techs are the only significant pathway for modern threats. They've become so valuable and easy as a target that the entire modern threat vector ecosystem is based around using them. Do other threats exist? Obviously, and lots of them.
But most traditional malware and essentially all ransomware rely solely on companies continuing to use these technologies decades after they were outdated conceptually. Companies that depend on these technologies tend to also be the ones that have poorly decoupled backups, don't take security seriously, don't update things, etc.
All of those techs can be secured and secured decently, but they represent huge unnecessary risks that very, very few companies actually benefit from. Most deploy them only because they are confused, and most only have them because they don't want to swallow the pill of modernizing.
-
@eleceng said in New storage... what about file server:
I would say 95% of the customers I deal with still stand up new offices that way and have shared drives for the user base.
Yup, of course. Remember that 85% of new companies fail, too. The average, and by average we mean 80-90%, of businesses are totally incompetent and clueless (and will almost certainly lose money and fail.) Likewise, as a business department, the average IT shop is terrible and does no research, lacks any training, and just does whatever a salesperson tells them to do or repeats a pattern they saw somewhere before.
So the expectation is that the worst patterns, like deploying legacy technologies, failing to take real backups, failing fundamental security, deploying IPODs and other well documented "anti-best practices", won't just happen, but will represent nearly all real world situations. IT, and business in general, is not a field that is filtered in any way, except by economics. So anyone who wants to claim to be qualified can do so, it is up to the customer to vet who they hire. And you know how little of that happens in this industry.
So companies, with CEOs that have no idea how business, let alone business infrastructure, should work, then hire random people with zero IT clue, and try to run their companies that way. And the entire IT reseller / vendor market has sprung up to prey on them. So because everyone does it, and all the money is made from selling crap to those people who aren't really evaluating what they buy.... so the entire market of vendors that you see are vendors selling to those people.
It's the "stupid rich" strategy as defined by CIA economist Scott Adams.
-
While it is never a good idea to avoid the crowd only because they are a crowd (a crowd will still run from a tsunami)...
The general rule in business is.... if most people (companies) are doing it, it's a very bad idea.
The majority almost always do really, really poor IT (and business in general.) They don't have good decision making processes, they have loads of internal politics (and probably corruption), they will likely fail either by becoming orbital or totally failing, they don't hire well, they never evaluate if they are succeeding or not, etc.
So don't avoid things simply because the majority of people do it, but if you find yourself doing what the majority does... you should stop and ask how the majority were able to find themselves doing something smart. It can happen, but it's very rare.
-
Now at really, really unhealthy businesses will prioritize internal politics over profits. This is a huge sign of corruption and is a violation of SEC law if you are publicly traded, but every big business does it and it is all but impossible to prove in court. So you are pretty free to do it. If you are in that situation, then you do what the majority does because there's zero IT involved and you are just, essentially, laundering money.
-
WOW @scottalanmiller thats a lot to take in, will take someone a week to read and digest all that lol
But all good. -
@hobbit666 said in New storage... what about file server:
WOW @scottalanmiller thats a lot to take in, will take someone a week to read and digest all that lol
But all good.If it helps it to make more sense.... remember that business is all about offering something special. If you just do what everyone else does, business can't work. You have to go above and beyond to succeed. So since IT is just business, the same applies. our job is to be significantly better than if someone wasn't doing something special. Therefore if everyone is doing something, it can't be that.