Encryption Support Evaluation

Consumers looking for encryption capabilities can opt to encrypt an iSCSI share with TrueCrypt or some in-built encryption mechanism in the client OS. However, if requirements dictate that the data must be shared across multiple users / computers, relying on encryption in the NAS is the best way to move forward. Most NAS vendors use the industry-standard 256-bit AES encryption algorithm. One approach is to encrypt only a particular shared folder while the other approach is to encrypt the full volume. Western Digital supports encryption on a volume basis only.

On the hardware side, encryption support can be in the form of specialized hardware blocks in the SoC (common in ARM / PowerPC based NAS units). In x86-based systems, accelerated encryption support is dependent on whether the AES-NI instruction set is available on the host CPU. Rangeley SoCs have AES-NI support and the performance difference between the encrypted and non-encrypted volumes can be expected to be reasonable.
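
One way to check the hardware support described above, as an added example that is not part of the original review. It assumes a Linux-based system with shell access; the function names `cpu_aes` and `best_driver` are hypothetical, and the optional file arguments let them run against saved copies of `/proc/cpuinfo` and `/proc/crypto`.

```shell
#!/bin/sh
# Added example (not from the review). Assumes a Linux system; the file
# arguments exist so the functions can be run against saved copies.

# cpu_aes [CPUINFO] -> prints "x86-aesni", "arm-aes" or "none"
cpu_aes() {
    awk -F: '
        function has_word(list, w,    n, i, a) {
            n = split(list, a, " ")
            for (i = 1; i <= n; i++) if (a[i] == w) return 1
            return 0
        }
        # x86 reports AES-NI as the whole-word flag "aes" on "flags" lines
        $1 ~ /^flags[ \t]*$/    && has_word($2, "aes") { x86 = 1 }
        # ARMv8 crypto extensions appear on "Features" lines
        $1 ~ /^Features[ \t]*$/ && has_word($2, "aes") { arm = 1 }
        END { print (x86 ? "x86-aesni" : (arm ? "arm-aes" : "none")) }
    ' "${1:-/proc/cpuinfo}"
}

# best_driver ALG [CRYPTO] -> driver with the highest priority for ALG,
# i.e. the implementation the kernel crypto API would select
best_driver() {
    awk -F: -v alg="$1" '
        # Trim padding around "key : value" pairs
        { key = $1; val = $2
          gsub(/[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val) }
        key == "name"   { name = val }
        key == "driver" { drv = val }
        key == "priority" && name == alg && (!found || val + 0 > best) {
            best = val + 0; pick = drv; found = 1
        }
        END { print (found ? pick : "none") }
    ' "${2:-/proc/crypto}"
}
```

A crypto engine built into the SoC is not a CPU flag, so `cpu_aes` can print `none` on such a unit; if its driver is loaded, it appears as a registered driver in `/proc/crypto` instead.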

[Charts: Encrypted CIFS performance for HD Video Playback, 2x HD Playback, 4x HD Playback, HD Video Record, HD Playback and Record, Content Creation, Office Productivity, File Copy to NAS, File Copy from NAS, Dir Copy to NAS, Dir Copy from NAS, Photo Album, robocopy (Write to NAS) and robocopy (Read from NAS)]

Read transactions don't have much penalty, but writes to encrypted volumes are much slower compared to non-encrypted volumes. For example, there is a 20 MBps difference in our standard robocopy test of writing a Blu-ray folder to the NAS. Compared to other NAS units, the raw numbers are very good, thanks to the hardware acceleration available. If other Rangeley-based units such as the Synology DS415+ or the Seagate NAS Pro 4-bay are considered, the numbers are more or less the same.

In our first pass with the NASPT benchmark, we saw that the mapped CIFS share from the encrypted volume randomly disconnected from the client during the middle of the fourth pass (the NASPT batch run has five passes of each test). Unfortunately, this was again not a repeatable issue, as our second batch run completed without problems.


27 Comments


  • kepstin - Wednesday, March 4, 2015

    Hmm, you say "the board must definitely be sporting a PCIe - USB 3.0 bridge", but then don't bother to look up the PCI ids from the lspci output. The device "1b21" "1142" is an ASMedia ASM1042A USB 3.0 Host Controller.
  • pwr4wrd - Wednesday, March 4, 2015

    Building a custom FreeNAS or NAS4Free box depending on your needs is a much better solution than any one of these anemic, underpowered and overpriced solutions. Presence of ZFS on FreeNAS is by far the most critically important aspect. If data loss prevention and integrity are top priority, which they should be, there are two great articles by Robin Harris. These articles, titled "Has Raid5 Stopped working?" and "Why Raid5 stops working in 2009", can be found with a quick search. Mr. Harris clearly explains the inadequacy of RAID5 and 6 as viable storage solutions. As far as I am concerned, most of these off-the-shelf units are not good options for data safety. Considering the rock-solid encryption option ZFS offers, its value becomes even more important.
  • Black Obsidian - Wednesday, March 4, 2015

    People considering COTS NAS boxes are doing so either because they're a business that needs real support, or a consumer who needs ease-of-use and hand-holding, all of which are areas that a custom FreeNAS/NAS4Free box utterly fails to deliver. While both are great products, their target market doesn't have much overlap with the target market of these COTS boxes.

    The articles by Robin Harris are unimpressive. He assumes that the advertised BER is a maximum, where in fact it appears to be a minimum (and several consumer lines advertise higher than 10^14 anyway). He also over-dramatizes an array rebuild failure due to read error; in that event, you simply create a new array from scratch and restore data from backups, since unlike Harris, you remember that RAID is a solution for AVAILABILITY, not backup.
  • pwr4wrd - Wednesday, March 4, 2015

    I see your points. Our data is very important to us at our business. So we have to approach things as worst case scenario possibility. And some arguments made here make no sense. For businesses that NEED serious support this is NOT that SERIOUS of a product. And yes, FreeNAS does offer a home/SOHO version of the product that was very well reviewed. For the individual that needs "hand-holding", availability of RAID means next to nothing. A simple backup drive from Costco would do fine.
  • Spoogie - Wednesday, March 4, 2015

    This has been debunked, which is why ZFS adoption has not taken hold.

    http://www.high-rely.com/blog/why-raid-5-stops-wor...
  • pbrutsche - Wednesday, March 4, 2015

    Sorry, that link doesn't explain why ZFS hasn't taken hold.
  • Spoogie - Wednesday, March 4, 2015

    The fact that IT pros haven't adopted it in spite of this sort of debunked fear mongering makes it pretty clear. Don't believe it? Fine, then use ZFS if it makes you feel better.
  • pwr4wrd - Wednesday, March 4, 2015

    How can you fear monger in order to capitalize on a free product?
  • dave_the_nerd - Wednesday, March 4, 2015

    It's not free if you have to buy a support contract and consulting services from iXSystems.
  • dave_the_nerd - Wednesday, March 4, 2015

    Are you running your business without support agreements/maintenance contracts on your servers? *horror*
