A Synology NAS has been a staple item in my infrastructure for over a decade. Looking back I started my journey with Synology back when DSM 4 was freshly launched, and today we are at DSM 7.2.
I was recently provided with a Synology DS423+, a four bay chassis aimed at professional teams and small businesses looking to step into the world of local centralised storage.
First Impressions
From a purely visual perspective, there is little in the way of changes in the design of the Synology four bayers.
The main difference compared to the (much) older models, there is no longer a cover in front of the drive bays. And to be accurate, it hasn’t been around for quite a while but I just happened to have a dinosaur sitting in the rack.
All the familiar things are there, the black chassis with the mix of gloss and matte finishes, with the four bays dominate the front of the unit.
As Paul mentioned in his review of the DS923+, the newer generations of DS have a smaller footprint and lighter.
Getting Going
No tools are needed to pop your drives in, with the clever interlocking rails provided by Synology. From the DS923+ to the DS423+, the drive trays looked exactly the same to me.
I thought I would be cheeky and swap one of my chassis over and it was as simple as pulling the drive trays out of one chassis and into the new one. Yes I did turn off the original NAS first.
What is also super important is to repopulate the chassis with the hard drives in the same bays that they came from. You have been warned.
Not having done an upgrade for a little while, I was caught a bit by surprise when my NAS didn’t come back online. I had to take the extra little step of using the Synology Assistant to confirm that I have performed a chassis upgrade and all was well afterwards.
Nothing like a surprise to get the heart racing.
In Use
The primary use case I have for a Synology is raw storage. I have a lot of data, data that are irreplaceable if do lose it.
In the decade plus years of experience I have with a Synology DS, it has always served me with rock solid reliability in the many different places I have called home in that period.
Why do I store my data locally when cloud can be so convenient? After all, each move comes with a risk such as damage, theft and lost in transit. Well it is because I own that data, and it is managed by me in the same data jurisdiction that I control without being beholden to others.
I am not reliant on having an internet connection, or the need for a high bandwidth pipe in order to get access to large files such as my library of RAW images.
Over the past two years I have pushed my DS instances to do more and more, to the point where I have decommissioned my pizza box HP Proliant server because it is no longer serves any role that cannot be done by DSM.
These are what the DS423+ now handle as part of my core home services are:
- Surveillance Station
- DocSpell (Electronic Document Records Management System) in a Docker container (well five actually)
- Home Assistant in a virtualised instance
- Bunsen Labs in a virtualised instance
- Windows in virtualised instances
- File share
- Photos
- NoteStation
Yes my DS handles a lot of work and I did have to throw additional RAM at it. In this case, it was as simple as powering down the DS, pop all the drives out and access the DIMM slot on the inside right of the chassis. Job done.
Stepping through what the DS is serving up and how it can serve a team of professionals, a small business or a power user trying to make life easier for the family.
Surveillance
It would be pretty remiss to not have some kind of security camera system anywhere now. However many consumer cameras require on-going cloud subscriptions to have access to your footage. Additionally many brands have had suffered security breaches.
What if there is a way to take back control of your camera footage and reduce some of the dependencies on cloud services? Well DSM comes with a full featured software by the way of Surveillance Station, and the free tier provides support for up to two cameras.
As it happens when I started the review of the DS423+, I also fitted in a core infrastructure redesign to consolidate and reduce the equipment clutter that happens as networks grow. This meant I removed a dedicated Network Video Recorder and consolidated the feeds into Surveillance Station.
Synology talks about how simple it is to run Surveillance Station and the statement is both true, and false. Like anything there is some learning curve involved, and primarily the false part of the statement is that you do need to understand the Surveillance System effectively runs on it’s own interface and it pops up as a separate tab on your browser. There are quite a few components to Surveillance Station if you are to take full advantage of the software.
On the other hand, it was incredibly simple and easy to pull in multiple cameras into Surveillance Station. I won’t go through the step-by-step process but your hand is held along the way with the wizard.
I do want to point out that when you add cameras in multiple batches, Surveillance Station allows you to copy the existing settings from a configured camera and apply to other cameras. This makes it incredibly simple to set up one camera, or one camera per type, as your master configuration and ensure that all units will follow the same configuration.
Speaking of cameras, Surveillance Station pretty much will support anything with ONVIF or RTSP so you can aggregate different brands and cameras together into the same pane of glass.
I have just scratched the surface and it has taken very little effort to get the basics working. There are plenty of features still to be explored such as Notifications, Action Rules, Audio Patterns as well as an Application Center to add support for IO modules, IP speakers, door controllers for example.
File Storage and EDRMS
The DSM is a very capable file system, but it is just a file system at the end of the day. How you create your folder structure governs your ability to … rediscover your data later.
Leaning on my many years of working along side records management boffins, I started testing out a deployment of document management system for home. I didn’t need anything that costs 6+ figures in licensing, teams of developers, ability to create workflow rules or anything like that. I just wanted something that I can dump data into, tag it appropriately so I can retrieve them easily with a search.
So why did I use DSM to host it? Because when I was testing out different products, I could easily spin up or destroy instances. Whether it is a virtual machine, or a Docker container, it was a no brainer. Considering all the different software I tested along the way, none of them left any trace when I decided to destroy their instances.
Secondly I can simply back up my container for data protection purposes, without needing to run an agent on another machine.,
If you are curious, I am running an instance of DocSpell in Container Manager (nee Docker). It barely registers a blip for CPU usage, and chews up just 1GB of RAM. When it is ingesting data and performing OCR on PDF documents, it does raise the metrics a little but this is generally a task I let run overnight.
Home Assistant
One of the perils of being a tech reviewer is that I will never have consistency across brands in the home. My partner regularly have to ask me what apps are still in use, and which device is controlled by which app. In simple terms, my home network is not user friendly. And truth be known, it is not even admin friendly. If I get hit by a bus tomorrow, it would be far simpler to just start from scratch then unravel what I have done.
But given I do enjoy a challenge and learning new things, I decided to throw some efforts into learning Home Assistant beyond the basics of having a network wide ad blocker and some centralised infrastructure management.
My HA instance is spun up in Virtual Machine Manager. One of the reasons it is not a Docker instance is due to the need to run Add-ons and HACS, which I have since been told is also possible in Docker. This is something I may look into later to move across.
What HA allows me to do is to consolidate pretty much every smart device I have into a single pane of glass. I can view the status, and control my lights such as all my Google Nests, Nanoleafs, smart globes, climate control from the same portal.
Diverging for a minute, there is no genuine access control lists for Home Assistant. Essentially all users get access to everything.
It take a bit of effort to learn and configure, and I am learning a lot from Google and lots of frustrating hours of trial and error writing YAML. However even as a work in progress, the payoff has been well worth it.
Note Station
I moved over to Note Station when Evernote limited the free tier to two devices only. It was the push I needed to bring things in-house and after trying out various alternatives such as OneNote, I settled on Note Station.
Many people love OneNote but not me. I loath it with a passion. Instead I embraced Note Station which whilst was not a like-to-like replacement for Evernote, was familiar enough and close enough that I could live with it.
There are a few quirks of the interface, but I have learned to live with it and embrace it. That said though, it feels like the product is not getting much in the way of development.
Remote Access
Synology DSM offers multiple pathways to access services and files on the NAS.
By default, QuickConnect is the easiest pathway for remote access to your DSM. Once QuickConnect is connected to your Synology account, all your apps will be able to channel through it to access your data. There is no requirements to learn about networking and ports as everything is channelled through the Synology QuickConnect portal. For many years I have used this solution in conjunction with some custom firewall rules to obfuscate additional ports that I open.
In more recent times I have also dabbled in the VPN Server package that can be installed in DSM. This has given me better control on giving access remotely but require networking knowledge.
With the huge popularity of DSM, it also attracts bad actors to probe the security of the devices. As part of standard security measure. Synology no longer have an account called “admin” as this is a very common attack vector. In the interest of increasing my security posture, I transitioned over to TailScale during my infrastructure redesign.
Regardless which way you want to go, there are plenty of secure methods to access your data outside of your internal network.
If all your users require is file share access, Synology Drive is a useful replacement for Dropbox whilst keeping the data in house. There is essentially no change in how the user performs their job, but in the background, the DS can perform NAS-to-NAS synchronisation for data protection.
Data Protection
Data protection is not a sexy topic, but when things go wrong and you can recover data with no fuss, you will be the person of the moment.
More importantly, Synology provides numerous ways to create an off-site copy of your data to mitigate the risk of a single point of failure making the DSM an ideal forward location server.
There are tools from simple drag and drop (File System), to snapshot replications (Hyper Backup), full system and cloud backups (C2, Cloud Sync) just as examples.
I cannot stress enough the importance of having multiple copies of your data, and regular manual checks that your data is being backed up.
From a deployment perspective, having forward base DS units on a remote sites allows me to easily replicate the data back into a centralised storage and then into a data protection regime. It is a low effort implementation for maximum benefit.
Conclusions
It is no secret that I am a big fan of the Synology NAS devices. I have been on the journey with DSM evolve over the last three generations into the product of today. Over time, my use of DSM has also evolved to take advantage of the new features that are introduced. My DSM runs core services for my home and whilst there are quite a lot of moving parts, it is also useful to demonstrate just how much you can push one device.
I have been an advocate of smaller on-premise footprints over cloud solutions. Part of the strategy revolves around data jurisdiction. With the data being stored on-prem, you remove the issues of the data-at-rest issue.
You could treat your NAS as a server at a substantially lower cost of ownership. On top of that, Synology is very active across the board and I have only had good experiences reaching out for support.
Synology has in my case, proven to be a robust and reliable companion, having used number versions over the past decade extensively. I personally has never encountered a fault has resulted in outage and data loss that wasn’t self induced.
DRN would like to thank Synology for their continued support.
