Synology NAS solutions questions

bikegremlinbikegremlin ModeratorOGContent Writer
edited August 2023 in Technical

There are threads touching upon this topic, but it they are old.
https://lowendspirit.com/discussion/3721/your-advice-how-to-store-20-tb-of-data-raid-array-at-home/p1
https://lowendspirit.com/discussion/4170/building-a-home-plex-server

I am considering to get a NAS for backups. Could people with experience with Synology chime in and correct me if I got something wrong?

  • It would be cool for it to be idiot-friendly, and easy to reach via Internet.
  • Ideally, have two separate units, at two separate locations, sync with each other (or have one "main" and another one that syncs with it) - as I don't consider any RAID to be reliable enough as a backup, especially in case of theft or fire and similar.
  • Full volume encryption would be very, very practical and welcome.
  • Being able to play a 1080p mp4 film from it, without having to FTP-dowload the film would be nice, but not a must-have.

It is my understanding that Synology's DSM 7.2 offers a full-volume encryption.
https://kb.synology.com/en-global/DSM/tutorial/Which_models_support_encrypted_volumes

Questions:

1)
How does Synology's SHR RAID (so, not their SHR2) play with non-Synology hard disks (I'm eyeing Seagate IronWolf Pro NAS 8TB drives)?

They seem to "stongly discourage" the use of non-Synology drives with their SHR RAID - and say that one should use third-party drives with "classic" RAID (like RAID5 and similar).

2)
Does it make any sense whatsoever to go with a model that has 8GB of RAM?

Comparing the prices of DiskStation DS923+ and DiskStation DS1522+, one difference seems to be the extra RAM (923+ has 4GB, 1522+ has 8GB).

Right now, my best man Gox and I have under 8 TB of data worth storing, but that will grow over time. I was thinking about getting three 8TB drives in RAID5 (or Synology SHR if possible with third-party drives), then add one more 8TB drive if needed (Synology should let me do this and expand the volumes if I got it all correctly).

1522+ has more room for expansion, but I don't think we will use up the storage provided by 923+ in the next 5 to 10 years (though there is no amount of memory that human stupidity can't fill up).

I would rather not mess with building a NAS using desktop or similar stuff. If Synology software is as good as it sounds, it's worth the extra price IMO.

Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews

Comments

  • FAT32FAT32 OGSenpai

    1) Works perfectly fine, no issues with third party disks, it is basically just LVM under the hood)
    2) Buy one that allow you to upgrade RAM, anything 16GB or above (after own upgrade) you will be bottlenecked by CPU anyway

    Generally I have been very happy with my Synology, adding a NVMe RAID to store all your Docker containers or VMs make it really snappy. UI have been really easy for non tech-savvy people

    The only disadvantage is the full volume encryption's key is default to be stored on the same device, so anyone who stole the whole unit can still decrypt it

    Currently the best setup that works for me is self-host a remote key management system (KMIP Server) so Synology connects to it. Even if the server is offline you can manually unlock it using the .key file it generated

    Thanked by (1)bikegremlin

    食之无味 弃之可惜 - Too arduous to relish, too wasteful to discard.

  • bdlbdl OG
    edited August 2023

    This script helps with both NVMe RAID and non-official storage :) https://github.com/007revad/Synology_HDD_db

  • bikegremlinbikegremlin ModeratorOGContent Writer

    @FAT32 said:
    1) Works perfectly fine, no issues with third party disks, it is basically just LVM under the hood)
    2) Buy one that allow you to upgrade RAM, anything 16GB or above (after own upgrade) you will be bottlenecked by CPU anyway

    Generally I have been very happy with my Synology, adding a NVMe RAID to store all your Docker containers or VMs make it really snappy. UI have been really easy for non tech-savvy people

    The only disadvantage is the full volume encryption's key is default to be stored on the same device, so anyone who stole the whole unit can still decrypt it

    Currently the best setup that works for me is self-host a remote key management system (KMIP Server) so Synology connects to it. Even if the server is offline you can manually unlock it using the .key file it generated

    Sorry if it's a stupid question:

    Is it not possible to just "mount" the drive/volume using a password (and have it require the password after having been turned off)?

    Regarding RAM:
    I don't plan to run any VMs.
    Just host backup files, and occasionally watch an .mp4 film from the storage.

    Do you thing 4 GB should suffice for that, or should I look for 8 (or 8 + expansion module with another 8 GB)?

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • bdlbdl OG
    edited August 2023

    4GB is fine, also stay away from any SMR drives. The Ironwolfs or Ironwolf Pros are fine, WD Reds are the ones to avoid. 923+ sounds good for your current use, you can always upgrade to a newer unit in future and the 923+ can be your backup NAS. Synology has a built in program called Hyperbackup (basically rsync behind the scenes) which enables one click backup of NAS to NAS/B2/other cloud storage.

    You can also add more ram to the 923+ in the future should your requirements change.

    For file sharing just share the data as a NFS/SMB share and your clients can see it that way

    If you don't want prebuilt there is also openmediavault, unraid and/or freenas to look at

    Thanked by (1)bikegremlin
  • FAT32FAT32 OGSenpai

    @bikegremlin said:
    Sorry if it's a stupid question:

    Is it not possible to just "mount" the drive/volume using a password (and have it require the password after having been turned off)?

    Regarding RAM:
    I don't plan to run any VMs.
    Just host backup files, and occasionally watch an .mp4 film from the storage.

    Do you thing 4 GB should suffice for that, or should I look for 8 (or 8 + expansion module with another 8 GB)?

    Nope I have similar concerns as what you have now before I own one

    That would be the old folder based encryption with a lot more limitations. Sadly Synology seem to only focus on 2 options now:

    1. Auto decrypt on boot (Honestly I feel this just makes full volume encryption pointless)
    2. Decrypt using remote KMIP server (For this, my trick is to just setup the server once for it to "validate". In subsequent reboot when KMIP server is no longer reachable, manually decrypt in the WebUI using the .key file that were obtained during creation step)

    4GB should be sufficient but in my opinion additional RAM is very helpful for cache. Consumer SSD as a cache is quite bad as it can wear out quickly.

    If the price for both your options (1522+ vs 923+) doesn't differ by too much, go for 1522+ as it comes with 1 more HDD slot, 1 more eSATA port and 2 more RJ45 port, which is very good for expansion (RAM is the less significant "pro" here as you can also do 4+4GB on your 923+)

    Thanked by (1)bikegremlin

    食之无味 弃之可惜 - Too arduous to relish, too wasteful to discard.

  • Run XPnology on a standard x64 PC and you get the best of both worlds.

    Thanked by (1)bikegremlin

    The all seeing eye sees everything...

  • bikegremlinbikegremlin ModeratorOGContent Writer

    @terrorgen said:
    Run XPnology on a standard x64 PC and you get the best of both worlds.

    I would rather avoid that, for several reasons (running a basically desktop PC and dealing with non-static IP connections to it).

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • @bikegremlin said:

    @terrorgen said:
    Run XPnology on a standard x64 PC and you get the best of both worlds.

    I would rather avoid that, for several reasons (running a basically desktop PC and dealing with non-static IP connections to it).

    Curious, besides the hardware, what is the difference?

    XPEnology is basically the OS Synology uses. Synology is forced to release the software to the public because GPL.

    The all seeing eye sees everything...

  • bikegremlinbikegremlin ModeratorOGContent Writer

    @terrorgen said:

    @bikegremlin said:

    @terrorgen said:
    Run XPnology on a standard x64 PC and you get the best of both worlds.

    I would rather avoid that, for several reasons (running a basically desktop PC and dealing with non-static IP connections to it).

    Curious, besides the hardware, what is the difference?

    XPEnology is basically the OS Synology uses. Synology is forced to release the software to the public because GPL.

    Hardware is one thing - not a small one (decent quality hardware may be cheaper for lower performance, but isn't free). There's also the size and space needed (physical).

    Also, connecting remotely to the NAS over a home non-static IP is another potential problem. I'd like to go with as close to set-and-forget and plug-and-play as possible.

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • @bikegremlin said: Hardware is one thing - not a small one (decent quality hardware may be cheaper for lower performance, but isn't free). There's also the size and space needed (physical)

    I can see that.

    @bikegremlin said: Also, connecting remotely to the NAS over a home non-static IP is another potential problem. I'd like to go with as close to set-and-forget and plug-and-play as possible.

    This is nothing specific to {Sy,XPE}nology though. You'll need DDNS, which {Sy,XPE}nology conveniently provides a UI for it.

    Thanked by (1)bikegremlin

    The all seeing eye sees everything...

  • Would be possible to translate the usage of such setup to a dentist? Thanks.

    Thanked by (1)bikegremlin

    I believe in good luck. Harder that I work ,luckier i get.

  • bikegremlinbikegremlin ModeratorOGContent Writer
    edited August 2023

    @FAT32 said:

    @bikegremlin said:
    Sorry if it's a stupid question:

    Is it not possible to just "mount" the drive/volume using a password (and have it require the password after having been turned off)?

    Regarding RAM:
    I don't plan to run any VMs.
    Just host backup files, and occasionally watch an .mp4 film from the storage.

    Do you thing 4 GB should suffice for that, or should I look for 8 (or 8 + expansion module with another 8 GB)?

    Nope I have similar concerns as what you have now before I own one

    That would be the old folder based encryption with a lot more limitations. Sadly Synology seem to only focus on 2 options now:

    1. Auto decrypt on boot (Honestly I feel this just makes full volume encryption pointless)
    2. Decrypt using remote KMIP server (For this, my trick is to just setup the server once for it to "validate". In subsequent reboot when KMIP server is no longer reachable, manually decrypt in the WebUI using the .key file that were obtained during creation step)

    4GB should be sufficient but in my opinion additional RAM is very helpful for cache. Consumer SSD as a cache is quite bad as it can wear out quickly.

    If the price for both your options (1522+ vs 923+) doesn't differ by too much, go for 1522+ as it comes with 1 more HDD slot, 1 more eSATA port and 2 more RJ45 port, which is very good for expansion (RAM is the less significant "pro" here as you can also do 4+4GB on your 923+)

    I've further looked into this - both the auto decrypt on boot and the KMIP.

    Correct me if I'm wrong, but this seems like it was designed by idiots (pardon for the harsh language).
    You could steal the NAS and get all the data.
    Or, if KMIP is used - if KMIP unit fails or gets stolen, your encrypted data is lost - correct?

    This looks like a deal-breaker from my point of view.

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • bikegremlinbikegremlin ModeratorOGContent Writer

    @Chievo said:
    Would be possible to translate the usage of such setup to a dentist? Thanks.

    Store and backup data you don't won't unauthorized people to see.
    And share some family photos and films (this needn't be encrypted, but should be preserved, i.e. backed up).

    Thanked by (1)Chievo

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • @bikegremlin said:

    @Chievo said:
    Would be possible to translate the usage of such setup to a dentist? Thanks.

    Store and backup data you don't won't unauthorized people to see.
    And share some family photos and films (this needn't be encrypted, but should be preserved, i.e. backed up).

    Interesting ! Many thanks for explaining it :)

    Thanked by (1)bikegremlin

    I believe in good luck. Harder that I work ,luckier i get.

  • havochavoc OGContent Writer

    @bikegremlin said:

    Also, connecting remotely to the NAS over a home non-static IP is another potential problem

    You can probably you use a VPS to get around that. Haven't tried it but NAS connecting to vps with wireguard and you connecting to same should work.

    Alternatively I know clouflare tunnels can get around the dynamic ip issue, but unsure if they'll freak out re loads of video data.

    And then there is classic dyndns

  • bdlbdl OG
    edited August 2023

    @havoc said:

    @bikegremlin said:

    Also, connecting remotely to the NAS over a home non-static IP is another potential problem

    You can probably you use a VPS to get around that. Haven't tried it but NAS connecting to vps with wireguard and you connecting to same should work.

    Alternatively I know clouflare tunnels can get around the dynamic ip issue, but unsure if they'll freak out re loads of video data.

    And then there is classic dyndns

    Tailscale https://pkgs.tailscale.com/stable/#spks

    re: xpenology/syno - I used to have one syno and an xpen as a backup NAS and then upgraded the synology to a newer model, kept old one for backup and then the backup xpenology as a backup backup NAS.

    I was using Synology's Hyperbackup for ease of use, but have been migrating to Duplicacy (https://forum.duplicacy.com/t/duplicacy-web-edition-1-7-2-releases/7323)

  • bikegremlinbikegremlin ModeratorOGContent Writer

    A moment of inspiration: :)

    Thanked by (1)Chievo

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • @bikegremlin said:
    A moment of inspiration: :)

    Smoking serbijan tobacco packet near the nice bike :)

    I believe in good luck. Harder that I work ,luckier i get.

  • bikegremlinbikegremlin ModeratorOGContent Writer

    @Chievo said:

    @bikegremlin said:
    A moment of inspiration: :)

    Smoking serbijan tobacco packet near the nice bike :)

    For Serbian standards: while it is not in the bin, it is near enough!
    :)

    Thanked by (1)Chievo

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • @bikegremlin said:
    A moment of inspiration: :)

    I see no gremlin :'(

    Thanked by (2)bikegremlin FrankZ
  • @bdl said:

    @bikegremlin said:
    A moment of inspiration: :)

    I see no gremlin :'(

    How are the serbian bike roads??? How is the quality?

    I believe in good luck. Harder that I work ,luckier i get.

  • bikegremlinbikegremlin ModeratorOGContent Writer

    @Chievo said:

    @bdl said:

    @bikegremlin said:
    A moment of inspiration: :)

    I see no gremlin :'(

    How are the serbian bike roads??? How is the quality?

    The best - all the bikes from Germany and Austria go here!

    :)

    Thanked by (1)Chievo

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • FAT32FAT32 OGSenpai
    edited August 2023

    @bikegremlin said:
    I've further looked into this - both the auto decrypt on boot and the KMIP.

    Correct me if I'm wrong, but this seems like it was designed by idiots (pardon for the harsh language).
    You could steal the NAS and get all the data.
    Or, if KMIP is used - if KMIP unit fails or gets stolen, your encrypted data is lost - correct?

    This looks like a deal-breaker from my point of view.

    Sorry I forgot to answer this question.

    Yes I agree that it is a bummer that they implemented it this way. Yes there's a risk that when KMIP unit fails / gets stolen the encrypted data is lost.

    However, this is what happened when you create an encrypted volume via KMIP:

    1. Setup a KMIP server, this is a good open source solution: https://github.com/rnurgaliyev/kmip-server-dsm
    2. Configure your DSM to store key in this KMIP server instead of locally
    3. Create an encrypted volume in Synology DSM
    4. Synology DSM will prompt to download a .key file for manual decryption if necessary in the future
    5. Synology will store the key in KMIP server

    In this case, the key is always stored at 2 places (1 in KMIP, another in your local device / laptop / mobile). When your Synology boot, it will first try to reach the KMIP server to auto decrypt on boot. If this failed, you can go to Synology DSM to manually decrypt it by uploading the .key file.

    To be safe, you can encrypt the KMIP Server data / the .key file using VeraCrypt or similar mechanism so it is securely stored unless you have the password.

    It is not user friendly for non-tech savvy, but it is a workaround that is useful enough that it is not a deal breaker for me

    Thanked by (2)FrankZ bikegremlin

    食之无味 弃之可惜 - Too arduous to relish, too wasteful to discard.

  • bikegremlinbikegremlin ModeratorOGContent Writer
    edited August 2023

    @FAT32 said:

    @bikegremlin said:
    I've further looked into this - both the auto decrypt on boot and the KMIP.

    Correct me if I'm wrong, but this seems like it was designed by idiots (pardon for the harsh language).
    You could steal the NAS and get all the data.
    Or, if KMIP is used - if KMIP unit fails or gets stolen, your encrypted data is lost - correct?

    This looks like a deal-breaker from my point of view.

    Sorry I forgot to answer this question.

    Yes I agree that it is a bummer that they implemented it this way. Yes there's a risk that when KMIP unit fails / gets stolen the encrypted data is lost.

    However, this is what happened when you create an encrypted volume via KMIP:

    1. Setup a KMIP server, this is a good open source solution: https://github.com/rnurgaliyev/kmip-server-dsm
    2. Configure your DSM to store key in this KMIP server instead of locally
    3. Create an encrypted volume in Synology DSM
    4. Synology DSM will prompt to download a .key file for manual decryption if necessary in the future
    5. Synology will store the key in KMIP server

    In this case, the key is always stored at 2 places (1 in KMIP, another in your local device / laptop / mobile). When your Synology boot, it will first try to reach the KMIP server to auto decrypt on boot. If this failed, you can go to Synology DSM to manually decrypt it by uploading the .key file.

    To be safe, you can encrypt the KMIP Server data / the .key file using VeraCrypt or similar mechanism so it is securely stored unless you have the password.

    It is not user friendly for non-tech savvy, but it is a workaround that is useful enough that it is not a deal breaker for me

    Thank you for the explanation. I agree that is the best way to do it as it is now.

    I intend to wait a bit to see if they'll figure out how stupid their current key storage system is and fix it, as well as to hear feedback on how the HAT3300-8T and HAT3300-12T hard disks perform (the 12TB version is with helium so it could be less noisy despite having "higher revs"). My current pick for drives is Seagate Ironwolf, but if these are at least a bit more quiet, even if slower, and reliable enough - they are worth considering. The price in Germany seems to be on par with the Ironwolf, and it is my understanding that Seagate builds these for Synology.

    Synology Plus (HAT3300) drive series specs:
    https://www.synology.com/en-us/products/drives/hdd/plus-hat#specs

    Looking for a not-too noisy and idiot-friendly solution, that is still secure enough in case of theft.

    Edit:
    If the full volume encryption remains broken, I suppose I could use encrypted folders, and store non-compressed archives there, just to avoid any path-length-limit problems?

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • FAT32FAT32 OGSenpai

    @bikegremlin said:
    Thank you for the explanation. I agree that is the best way to do it as it is now.

    I intend to wait a bit to see if they'll figure out how stupid their current key storage system is and fix it, as well as to hear feedback on how the HAT3300-8T and HAT3300-12T hard disks perform (the 12TB version is with helium so it could be less noisy despite having "higher revs"). My current pick for drives is Seagate Ironwolf, but if these are at least a bit more quiet, even if slower, and reliable enough - they are worth considering. The price in Germany seems to be on par with the Ironwolf, and it is my understanding that Seagate builds these for Synology.

    Synology Plus (HAT3300) drive series specs:
    https://www.synology.com/en-us/products/drives/hdd/plus-hat#specs

    Looking for a not-too noisy and idiot-friendly solution, that is still secure enough in case of theft.

    I am using third-party disks as I dont want to pay for the premium (WD Ultrastar, Toshiba N300), both Helium. The noise is not bad because I store it inside a cabinet. I prefer getting drives from different vendor / models as it helps to reduce the risk of all disks failing at the same time. For some reason I dont have much luck on Seagate (all failed within 1 year) but would recommend the following:

    • WD Red Pro
    • WD Ultrastar
    • WD Gold
    • Toshiba N300
    • Toshiba Enterprise (MG Series)
    • Seagate EXOS

    The 5 year warranty on Enterprise drives mean you have less to worry about, can just send in RMA to get a replacement if anything goes wrong

    Thanked by (1)bikegremlin

    食之无味 弃之可惜 - Too arduous to relish, too wasteful to discard.

  • bikegremlinbikegremlin ModeratorOGContent Writer

    @FAT32 said:

    @bikegremlin said:
    Thank you for the explanation. I agree that is the best way to do it as it is now.

    I intend to wait a bit to see if they'll figure out how stupid their current key storage system is and fix it, as well as to hear feedback on how the HAT3300-8T and HAT3300-12T hard disks perform (the 12TB version is with helium so it could be less noisy despite having "higher revs"). My current pick for drives is Seagate Ironwolf, but if these are at least a bit more quiet, even if slower, and reliable enough - they are worth considering. The price in Germany seems to be on par with the Ironwolf, and it is my understanding that Seagate builds these for Synology.

    Synology Plus (HAT3300) drive series specs:
    https://www.synology.com/en-us/products/drives/hdd/plus-hat#specs

    Looking for a not-too noisy and idiot-friendly solution, that is still secure enough in case of theft.

    I am using third-party disks as I dont want to pay for the premium (WD Ultrastar, Toshiba N300), both Helium. The noise is not bad because I store it inside a cabinet. I prefer getting drives from different vendor / models as it helps to reduce the risk of all disks failing at the same time. For some reason I dont have much luck on Seagate (all failed within 1 year) but would recommend the following:

    • WD Red Pro
    • WD Ultrastar
    • WD Gold
    • Toshiba N300
    • Toshiba Enterprise (MG Series)
    • Seagate EXOS

    The 5 year warranty on Enterprise drives mean you have less to worry about, can just send in RMA to get a replacement if anything goes wrong

    The “folder” encrypt option seems to be allowing you to not store the key on the NAS.
    A lot more performance lost, but it should be secure enough.

    I’ve had very good experience with Toshiba so far. The prices are good too.

    Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
    BikeGremlin's web-hosting reviews

  • FAT32FAT32 OGSenpai

    @bikegremlin said:
    The “folder” encrypt option seems to be allowing you to not store the key on the NAS.
    A lot more performance lost, but it should be secure enough.

    I’ve had very good experience with Toshiba so far. The prices are good too.

    Yup that's what I use before moving to full volume encryption. The biggest issue with that for me is there's a character limit of 143 characters (or 47 Unicode characters, which is quite easy to hit), some metadata is not encrypted as well. I didnt do any benchmark but full volume encryption should be faster.

    Mix and match different brands so you can see which one last longer :)

    食之无味 弃之可惜 - Too arduous to relish, too wasteful to discard.

  • bdlbdl OG
    edited August 2023

    @bikegremlin said:

    @FAT32 said:

    @bikegremlin said:
    I've further looked into this - both the auto decrypt on boot and the KMIP.

    Correct me if I'm wrong, but this seems like it was designed by idiots (pardon for the harsh language).
    You could steal the NAS and get all the data.
    Or, if KMIP is used - if KMIP unit fails or gets stolen, your encrypted data is lost - correct?

    This looks like a deal-breaker from my point of view.

    Sorry I forgot to answer this question.

    Yes I agree that it is a bummer that they implemented it this way. Yes there's a risk that when KMIP unit fails / gets stolen the encrypted data is lost.

    However, this is what happened when you create an encrypted volume via KMIP:

    1. Setup a KMIP server, this is a good open source solution: https://github.com/rnurgaliyev/kmip-server-dsm
    2. Configure your DSM to store key in this KMIP server instead of locally
    3. Create an encrypted volume in Synology DSM
    4. Synology DSM will prompt to download a .key file for manual decryption if necessary in the future
    5. Synology will store the key in KMIP server

    In this case, the key is always stored at 2 places (1 in KMIP, another in your local device / laptop / mobile). When your Synology boot, it will first try to reach the KMIP server to auto decrypt on boot. If this failed, you can go to Synology DSM to manually decrypt it by uploading the .key file.

    To be safe, you can encrypt the KMIP Server data / the .key file using VeraCrypt or similar mechanism so it is securely stored unless you have the password.

    It is not user friendly for non-tech savvy, but it is a workaround that is useful enough that it is not a deal breaker for me

    Thank you for the explanation. I agree that is the best way to do it as it is now.

    I intend to wait a bit to see if they'll figure out how stupid their current key storage system is and fix it, as well as to hear feedback on how the HAT3300-8T and HAT3300-12T hard disks perform (the 12TB version is with helium so it could be less noisy despite having "higher revs"). My current pick for drives is Seagate Ironwolf, but if these are at least a bit more quiet, even if slower, and reliable enough - they are worth considering. The price in Germany seems to be on par with the Ironwolf, and it is my understanding that Seagate builds these for Synology.

    Synology Plus (HAT3300) drive series specs:
    https://www.synology.com/en-us/products/drives/hdd/plus-hat#specs

    Looking for a not-too noisy and idiot-friendly solution, that is still secure enough in case of theft.

    Edit:
    If the full volume encryption remains broken, I suppose I could use encrypted folders, and store non-compressed archives there, just to avoid any path-length-limit problems?

    Honestly - just get Ironwolf's and be done with it. With the money you save you can get a spare. Maybe buy from different stores so you get a range of serial numbers/batches. With the script I posted above you can use any drives and it marks it them as fine with the Synology - https://github.com/007revad/Synology_HDD_db - I just run it before and after each update. Synology has some arrangement with Seagate as they have extra Ironwolf health check support in the firmware but it's much of a muchness.

    If you want silence the enterprise drives ones are usually louder, too.

    I'm against WD Reds because of the SMR WD Red mess a few years ago and often Ironwolf's are cheaper in my region anyway.

    Oh, and if you do go Synology always update the firmware/OS of the unit a few weeks after it's released - I always check reddit first to make sure it hasn't nuked the early adopters.

    Thanked by (1)bikegremlin
Sign In or Register to comment.