Best Practices To Secure Your NAS

Zyxel_Jerry
Zyxel_Jerry Posts: 741
Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 500 Comments
 Guru Member
edited October 2022 in Consumer Product FAQ

Suggestions

If your NAS is using public IP address on the internet, It is in a high potential risk to attack by a malicious attacker, please do not set a public IP on your NAS, put a router or a firewall above the NAS would be more safety. below are best practice steps to securing the network for NAS.

1.    Do not expose unnecessary services to the internet.
You can reduce NAS services exposure to the internet by using a VPN on the above router or firewall. For details, refer to this article ( VPN Guideline –Choosing right VPN-type for your Home-Office

2.    Disable SMB 1 on your end device.

3.    Disabled option SMB and CIFs when using UPnP, if the router above supports adding a firewall rule, it is recommended to allow specific IP to access the NAS.

4.    The password is recommended to contain both upper and lower case letters and at least one numeric character (0~9).

5.    Regularly update your password

6.    Back up your data regularly

7.    Do not enable telnet or SSH if you’re not using the services.

8.    Change Web GUI management port.

Note: By default the device uses port 80 and 443.

To change the management port go to Control Panel > Network > TCP/IP,

Under Web Configuration, you can change the ports in this page.



Updating the firmware to the latest version

1.    Log on to NAS web GUI

2.    Go to Control Panel > System > FW Upgrade

Under Latest Firmware Check, click Check now

It will show the current status of your NAS



Note: You can also download the firmware from zyxel download library and do a manual upgrade

Go to Zyxel Download Library and search your NAS model to download the latest firmware.



Set up “Periodically check for the latest firmware automatically”

Make sure the Zyxel NAS is always running the latest firmware release. 
Please set up check firmware automatically on your NAS.

To configure Periodically check for the latest firmware automatically” feature Go to Control Panel > System > FW Upgrade,

It is under  Latest Firmware Check