Cisco Cisco NSS030 Smart Storage External Power Adapter Livre blanc
12
Security Considerations White Paper for Cisco Smart Storage
White Paper
Figure11 Example of Black List Access Control
Deployment Model Specific Security Considerations
Depending on the method of deployment, the security considerations for the NAS
fall into one of these categories:
•
Security considerations when the NAS is connected directly to the public
Internet (
).
•
Security considerations for the NAS with LAN only access (
•
Security considerations when the NAS is accessible from the Internet via
port forwarding on the router (
).
•
Security considerations when running services on the NAS (web server,
MySQL server, etc.)
Security Considerations When the NAS is Connected Directly to the
Public Internet
This is the case where the user wants to have easy access to the files on the NAS
from anywhere that has Internet access.
The access methods are either by FTP, SMB/CIFS or Web File Manager. In this
configuration, the NAS is open to the public and most vulnerable to DoS and
security hacks. To minimize these threats, please consider the following:
•
Use and enforce complex passwords for admin and user accounts.
•
Disable telnet and SSH.