Hello all,
I have a few questions about immutable backups on QuObject at Qnap.
Ok I make S3 compatible bukket on my qnap and veeam makes its backups on it.
But if someone connects to the qnap, a virus or a malicious person, can they break my backup?
By deleting the Quobject or by formatting the qnap, or by deleting the raid or the volume.
Are the backups on Qnap in s3 really immutable?
Thank's for your answer
-
Jhnn
- Lurker
- Posts: 1
- Liked: never
- Joined: Nov 30, 2016 11:26 am
- Full Name: Johann
-
Gostev
- Chief Product Officer
- Posts: 31816
- Liked: 7302 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
Re: Qnap Quobjet really immutable ?
Hello, these are two separate issues actually:
1/ Technically speaking they are really immutable and can never be deleted from backup software or through direct connection to the QuObject S3 endpoint, however
2/ You're also right that QNAP has a very large attack surface due to all its features and is thus a relatively soft target to cyberattacks, which we often see in the news... while if a hacker gets into QNAP management console then protocol-level immutability does not matter indeed.
This is why approach to security is always multi-layered. For example, with Veeam Hardened Repository the main focus for us was reducing an attack surface to the bare minimum. Which really paid of as I'm not aware of a single successful attack on our hardened repository despite there are already over 100K of them deployed.
Thanks
1/ Technically speaking they are really immutable and can never be deleted from backup software or through direct connection to the QuObject S3 endpoint, however
2/ You're also right that QNAP has a very large attack surface due to all its features and is thus a relatively soft target to cyberattacks, which we often see in the news... while if a hacker gets into QNAP management console then protocol-level immutability does not matter indeed.
This is why approach to security is always multi-layered. For example, with Veeam Hardened Repository the main focus for us was reducing an attack surface to the bare minimum. Which really paid of as I'm not aware of a single successful attack on our hardened repository despite there are already over 100K of them deployed.
Thanks
-
sfirmes
- Veeam Software
- Posts: 296
- Liked: 141 times
- Joined: Jul 24, 2018 8:38 pm
- Full Name: Stephen Firmes
- Contact:
Re: Qnap Quobjet really immutable ?
As Anton noted there are a few levels where the answers are different.
To answer your 1st question:
While each level has its strengths, they also have their weaknesses. But combining them you will have much more secure backups.
Hope this helps.
To answer your 1st question:
QNAP's QuObject does use the S3 object lock APIs and by doing so, your backups will be safe from virus and malware attacks. Additionally a malicious person won't be able to "break" your backups via the QuObject interface, aws cli, or VBR.
BUT - if the attacker(s) get root access to the QNAP appliance, then yes they can destroy your data via reformatting the disks. This isn't unique to QNAP, but other products do a much better job of preventing root access. One products that I am aware of disables the root account once you enable immutabilty.
To a degree the backups are immutable. But as Anton noted and it can't be stressed enough, your complete security strategy needs to be multi-layered. In your example, a single level is enabling immutability on the QuObject storage. Another level would be to restrict/eliminate root access to the QNAP.
While each level has its strengths, they also have their weaknesses. But combining them you will have much more secure backups.
Hope this helps.
Steve Firmes | Senior Solutions Architect, Product Management - Alliances @ Veeam Software
Who is online
Users browsing this forum: No registered users and 4 guests