My first NAS (Network Attached Storage) - Any advice?

[johng]

On 8/16/2021 at 11:37 AM, KhunHeineken said:

You've used a term I am not familiar with.  Can you briefly tell me what a Carrier Grade Nat is?  

It's a method internet service providers use to deal with the lack of ipv4  addresses   they basically do what your home router does  

that is pass (NAT) many  Ip addresses through  one ip address that is exposed to the internet.

 

[Brew]

I use my Synology for years with Quickconnect or IPv6 and Synology DDNS or own domain, external IPv4 is disabled.

IPv6 update of own domain with qmcgaw-ddns-updater in Docker.
No problems, in Thailand even the cellphone providers offer IPv6.

[johng]

7 minutes ago, Brew said:

in Thailand even the cellphone providers offer IPv6.

ToT  doesn't ????

[KhunHeineken]

Bumping the thread.

 

Thanks to members that have replied to me.  I will individually reply to your posts in the near future.

 

After some research, procrastination, supply chain issues, and then waiting for a while for the next model to be released, I didn't want to wait any longer and eventually settled on a brand new, but superseded Synology DS918+.

 

One of the main reasons I chose the superseded model is it has two accessible ram slots which makes it easier for a ram upgrade, where as the current model, the DS920+ has 4GB of ram soldered on, which means the maximum ram you can have is 12GB, not 16GB. I know using another brand of ram voids my warranty, so I will not head down that path straight away, but the option is there for the future when I start learning about adding a virtual machine etc.  Also, should that soldered on ram ever die, it is unknown if the NAS will run off the other slot, or the NAS becomes a throw away.

 

There was a lot of debate whether the processor can use 12GB or 16GB of ram, as Intel say maximum ram for that processor is 8GB.  Does any member have experience with installing more ram than what Intel says their processor can utilize?  Youtube clips showed the ram being used in the NAS software, but some argued the processor will only use 8GB.

 

The processor is faster on the newer model, but I don't think I will notice it too much.  It's not a business NAS.  If back ups take some hours, no problem.

 

The superseded model was only marginally cheaper than the new model, with some reports of the superseded model rising in price after the new model was released, possibly due to the soldered on ram. 

 

My research lead me to believe Synology is going down the path of forcing its customers to use their ram and their HDD's.  This also was a factor in choosing the older model.

 

It's a 4 bay NAS, and I have populated it with 3 x 4TB Ironwolf Pro drives.  I'll keep a bay spare at this stage.   

 

I really liked a QNAP NAS that had just about everything you could think of, but it was considerably more expensive, and I doubt I have the knowledge or use for most of its capabilities.  

 

Does anyone own a DS918+, or a similar spec Synology? 

 

Any thoughts on my choice of NAS? 

 

Here's the data sheet.

 

https://global.download.synology.com/download/Document/Hardware/DataSheet/DiskStation/18-year/DS918+/enu/Synology_DS918_Plus_Data_Sheet_enu.pdf

[KhunHeineken]

I have anti-virus on all my devices.  

 

Once question I have is, what do you do for anti-virus on a NAS?

 

My NAS will be exposed to the internet as I wish to back up remotely.  

Edited December 8, 2021 by KhunHeineken

[recom273]

18 hours ago, KhunHeineken said:

Bumping the thread.

 

Thanks to members that have replied to me.  I will individually reply to your posts in the near future.

 

After some research, procrastination, supply chain issues, and then waiting for a while for the next model to be released, I didn't want to wait any longer and eventually settled on a brand new, but superseded Synology DS918+.

 

One of the main reasons I chose the superseded model is it has two accessible ram slots which makes it easier for a ram upgrade, where as the current model, the DS920+ has 4GB of ram soldered on, which means the maximum ram you can have is 12GB, not 16GB. I know using another brand of ram voids my warranty, so I will not head down that path straight away, but the option is there for the future when I start learning about adding a virtual machine etc.  Also, should that soldered on ram ever die, it is unknown if the NAS will run off the other slot, or the NAS becomes a throw away.

 

There was a lot of debate whether the processor can use 12GB or 16GB of ram, as Intel say maximum ram for that processor is 8GB.  Does any member have experience with installing more ram than what Intel says their processor can utilize?  Youtube clips showed the ram being used in the NAS software, but some argued the processor will only use 8GB.

 

The processor is faster on the newer model, but I don't think I will notice it too much.  It's not a business NAS.  If back ups take some hours, no problem.

 

The superseded model was only marginally cheaper than the new model, with some reports of the superseded model rising in price after the new model was released, possibly due to the soldered on ram. 

 

My research lead me to believe Synology is going down the path of forcing its customers to use their ram and their HDD's.  This also was a factor in choosing the older model.

 

It's a 4 bay NAS, and I have populated it with 3 x 4TB Ironwolf Pro drives.  I'll keep a bay spare at this stage.   

 

I really liked a QNAP NAS that had just about everything you could think of, but it was considerably more expensive, and I doubt I have the knowledge or use for most of its capabilities.  

 

Does anyone own a DS918+, or a similar spec Synology? 

 

Any thoughts on my choice of NAS? 

 

Here's the data sheet.

 

https://global.download.synology.com/download/Document/Hardware/DataSheet/DiskStation/18-year/DS918+/enu/Synology_DS918_Plus_Data_Sheet_enu.pdf

Yes, I have the other model, the 418play, sitting redundant in my spare room.

 

I wanted a rack mount NAS, instead of a black box - So I "upgraded" I also chose a last years model for my rackmount. I think it's a wise move not to buy the latest model. I have no idea what Synologys idea is, they are rock solid tools but very boring in their approach.

 

I think If I didnt want to save space then I would still be very happy with the 418play, they do the job - they struggle with 4K video, I use mine just for backups and document storage.

 

 

[OneMoreFarang]

Here is my personal story about NAS - or no NAS.

 

Until now I only backed up my important data. In part on external HDDs and in part online. That was good enough to be sure I don't lose anything important.

But recently I thought about a full backup of all my data, currently that is about 5TB.

I thought about NAS and then I discovered how expensive many of them are. And then I looked at some videos which explained the difference between external hard disks (HDD) and NAS. The videos explained that NAS had lots of additional functions and at least some models would be faster and usable in a network, etc.

And then I decided for myself: I don't need all that extra functionality, I just want a backup.

And then I looked for online backup, the cloud. Obviously that is an option but with multiple TB that cost a lot of money.

 

What I did at the end was that I purchased 4 external cases for 3.5" HDDs with USB3 connection. And I purchased four 6TB HDDs from two different brands. In my case Seagate and WD.

 

My backup strategy is now the following: 

Full backup on the first Seagate HDD and (more or less at the same time) full backup on the first WD HDD.

And then, maybe a few weeks later the same procedure on the second set of HDDs.

 

My reasoning for above:

Making two times the same backup is similar to RAID1. But because it is just a copy to hard disks it's easier accessible than RAID1. It will work on any PC independent of the chipset (with included RAID controller).

Years ago I had a problem that the same disks from the same brand, which I used as RAID1 at that time, crashed at the same time. BAD! So now by using different brands that scenario if very unlikely.

The reason for the second set of disks is that one set of disks (with all the data) is not connected to the PC. So if there is a bad virus or a fire I always have one set of disks with my data. Maybe not the very newest data but new enough.

I store one pair of disks in another building to be sure I still have a backup in case of fire, etc.

 

I bought external cases and HDDs separately because sometimes the electronic in external HDDs fails. With the external cases it takes just a minute to change one HDD into a different external case - if necessary.

 

And I still have my important (constantly changing) data online on OneDrive, accessible on multiple PC and from anywhere.

 

All in all it is almost impossible that I lose my data because I always have two disks with a full backup in another building.

And all this for a lot less money than a NAS.

 

That doesn't mean NAS are not good. They have a reason that they exist. But just for backup they are not needed.

[recom273]

59 minutes ago, OneMoreFarang said:

 

That doesn't mean NAS are not good. They have a reason that they exist. But just for backup they are not needed.

 

Totally.

A NAS can do a multitude of things; automated processes, NVR for your security cameras, media server, run personal websites, databases or wikis, act a crypto nodes. This is why I say Synology are boring because they just aren't as flexible as something like OMV or as easy to use as an Unraid server. To use a brand new one (15K+ plus a minimum of 3 HDD to run SHR ) to solely make nightly backups of changes to your data is rather pointless and expensive.

 

The beauty of Synology over your solution is that everything, once setup is going on in the background, (although I guess you to also have sync apps running) for me, I like that my important data is kept away safe from servers that I expose to the internet or that I use for playing around on, testing out new applications or whatever.

 

Another appeal of a NAS, for me is the idea that your data is your own (rightly or wrongly), you aren't lending it out to others, and I hate paying monthly subscriptions for things, like apps or cloud storage, so NAS and Servers sit happily in my thoughts.

[KhunHeineken]

On 12/9/2021 at 2:43 PM, recom273 said:

Yes, I have the other model, the 418play, sitting redundant in my spare room.

 

I wanted a rack mount NAS, instead of a black box - So I "upgraded" I also chose a last years model for my rackmount. I think it's a wise move not to buy the latest model. I have no idea what Synologys idea is, they are rock solid tools but very boring in their approach.

 

I think If I didnt want to save space then I would still be very happy with the 418play, they do the job - they struggle with 4K video, I use mine just for backups and document storage.

 

 

 

I looked at cheaper models, but because I want to run it as a Plex Media Server, and Wireguard VPN, I needed a device with some CPU power. 

 

It came down to Synology DS918+ and DS920+, and even then, their processors are not fast.

 

My research told me they use slower processors that are energy efficient, but to me, this only caters for the people leaving their NAS on 24/7.

 

I would have liked a Core i5 or even Core i7 NAS, and then use the Wake On Lan feature for energy efficiency.  I am only a home user, but I would have liked the option of having the power to transcode HD and a faster VPN when needed.  

[KhunHeineken]

Bumping the thread.

 

My NAS has been running for a while now and I am now familiar with some basic features.  I'm learning about new features all the time.  The NAS is quite a versatile device.

 

I have a few questions, but will start with this question that I asked before, but never received a reply, and that is, antivirus  on a NAS.  The Synology came with AV, and I enabled it, but all it seems to do is scan the files I am storing. 

 

What about some type of attack?  The Synology AV doesn't seem to run the same way as my PC antivirus, and the NAS is online 24/7.  

 

What do you guys do to protect your NAS from some type of attack, particularly ransomware?

Edited March 7, 2022 by KhunHeineken

[BritManToo]

torrents ........

 

[OneMoreFarang]

30 minutes ago, KhunHeineken said:

Bumping the thread.

 

My NAS has been running for a while now and I am now familiar with some basic features.  I'm learning about new features all the time.  The NAS is quite a versatile device.

 

I have a few questions, but will start with this question that I asked before, but never received a reply, and that is, antivirus  on a NAS.  The Synology came with AV, and I enabled it, but all it seems to do is scan the files I am storing. 

 

What about some type of attack?  The Synology AV doesn't seem to run the same way as my PC antivirus, and the NAS is online 24/7.  

 

What do you guys do to protect your NAS from some type of attack, particularly ransomware?

Let me clarify what happens with malware - the rough concept: I.e. you receive an email with malware or you visit an infected website. If your anti-virus on your computer is up to date and if the malware is already a couple of days old then likely your computer will detect the malware before it is downloaded or installed on your PC.

If the malware if brand new and/or your computer's anti-virus protection is not good or not up to date then your PC won't stop the malware. Then it will be installed on your computer. And the malware will save infected and infecting files on your computer and your NAS.

The NAS works mostly just like an external hard disk. You access files on your PC and you access files on the NAS. And whenever you access files and you have a virus then the virus might infect/change these files. It doesn't matter where the files are saved. 

Some viruses also infect or encrypt all files which they can access. This means all files on your PC, all files on the NAS, all files in the cloud (which are accessible by you), etc..

 

The most important virus protection is the protection which checks all incoming internet traffic, all new files i.e. from USB sticks, DVDs, etc. That is or should be always active on your PC.

 

Any anti virus on the NAS is only secondary protection. 

 

[KhunHeineken]

2 hours ago, OneMoreFarang said:

Let me clarify what happens with malware - the rough concept: I.e. you receive an email with malware or you visit an infected website. If your anti-virus on your computer is up to date and if the malware is already a couple of days old then likely your computer will detect the malware before it is downloaded or installed on your PC.

If the malware if brand new and/or your computer's anti-virus protection is not good or not up to date then your PC won't stop the malware. Then it will be installed on your computer. And the malware will save infected and infecting files on your computer and your NAS.

The NAS works mostly just like an external hard disk. You access files on your PC and you access files on the NAS. And whenever you access files and you have a virus then the virus might infect/change these files. It doesn't matter where the files are saved. 

Some viruses also infect or encrypt all files which they can access. This means all files on your PC, all files on the NAS, all files in the cloud (which are accessible by you), etc..

 

The most important virus protection is the protection which checks all incoming internet traffic, all new files i.e. from USB sticks, DVDs, etc. That is or should be always active on your PC.

 

Any anti virus on the NAS is only secondary protection. 

 

Thanks for the explanation.  I was more concerned about the way these hackers scan for ports, not so much what I look at on the internet.  I'm pretty careful about opening a link in an unsolicited email.

 

If they can get into an open port, they will have my NAS.  I purchased the NAS mainly so I could do some offsite back up, so I am in Thailand, but can store photos and things on my NAS that is back in my home country.  

 

I suppose if I am not doing anything on the internet on my home network because I am overseas, that's a considerable less chance of becoming a victim by downloading a malicious file, but that also means the network I am using in Thailand could pose a risk.  I do have AV on my laptop, so maybe it's just same same.     

[moogradod]

Most has been explained already - but Synology is the way to go. A UPS (I recommend APC) is mandatory as is an external USB disc for offline backup. I use their NAS for many years now. Combined with Clickatell as SMS provider (for personal alerts). And they have a very good support. In the beginning I had some nasty problem (most probably self initiated - I like to play around with stuff) which needed a deeper look. They contacted me from Singapore while I was living in Switzerland. And all components (NAS, USB disc plus APC UPS are available in Thailand).

Edited March 7, 2022 by moogradod

[OneMoreFarang]

27 minutes ago, KhunHeineken said:

Thanks for the explanation.  I was more concerned about the way these hackers scan for ports, not so much what I look at on the internet.  I'm pretty careful about opening a link in an unsolicited email.

 

If they can get into an open port, they will have my NAS.  I purchased the NAS mainly so I could do some offsite back up, so I am in Thailand, but can store photos and things on my NAS that is back in my home country.  

 

I suppose if I am not doing anything on the internet on my home network because I am overseas, that's a considerable less chance of becoming a victim by downloading a malicious file, but that also means the network I am using in Thailand could pose a risk.  I do have AV on my laptop, so maybe it's just same same.     

Open ports are a problem and bad operating system, firmware, software on the NAS or your computers can be a problem.

From time to time I read about security holes in NAS which allow hackers to access those devices. That means they could possibly look at your files, delete your files, upload (virus infected) files to your NAS, etc.

 

You can google: NAS security issues [your NAS name]

and you will find articles like this:

 

https://www.f-secure.com/gb-en/press/p/new-nas-vulnerabilities-are-pretty-much-as-bad-as-they-get 

 

[moogradod]

I would rather put data on the NAS that SHOULD be accessible from outside (like photos or films you want to show somewhere) or as a single point of access to your internal display devices (music, films in any room where you have a network connection (WiFi works wonderfully) or to connect to the build in surveillance station (just need some cameras of course as well).

 

For backup of serious confidential data there are other solutions. My Synology has a virus scan facility by the way although it takes AGES to scan.

[KhunHeineken]

6 minutes ago, moogradod said:

I would rather put data on the NAS that SHOULD be accessible from outside (like photos or films you want to show somewhere) or as a single point of access to your internal display devices (music, films in any room where you have a network connection (WiFi works wonderfully) or to connect to the build in surveillance station (just need some cameras of course as well).

 

For backup of serious confidential data there are other solutions. My Synology has a virus scan facility by the way although it takes AGES to scan.

I enabled the Synology AV, and it took hours to scan.  My question is, does it offer any protection while the NAS is just sitting idle, 24/7?   

[fdsa]

21 minutes ago, OneMoreFarang said:

Open ports are a problem and bad operating system, firmware, software on the NAS or your computers can be a problem.

From time to time I read about security holes in NAS which allow hackers to access those devices. That means they could possibly look at your files, delete your files, upload (virus infected) files to your NAS, etc.

 

You can google: NAS security issues [your NAS name]

and you will find articles like this:

 

https://www.f-secure.com/gb-en/press/p/new-nas-vulnerabilities-are-pretty-much-as-bad-as-they-get 

 

  

54 minutes ago, KhunHeineken said:

If they can get into an open port, they will have my NAS.

 

 

this is correct. A usual antivirus will not help because NAS's get infected via vulnerabilities in their software, not via malware on your computer.

The best solution is - do not allow external access from the Internet to the NAS.

Or setup a VPN on the NAS or on the router and connect from the outside Internet via encrypted VPN.

Edited March 7, 2022 by fdsa

[BritManToo]

5 hours ago, KhunHeineken said:

What do you guys do to protect your NAS from some type of attack, particularly ransomware?

I do nothing, as it appears to me to be fear for fears sake.

I don't even have AV running on my PC.

 

No banking on my PCs, let them hack away.

Edited March 7, 2022 by BritManToo

[OneMoreFarang]

2 hours ago, fdsa said:

The best solution is - do not allow external access from the Internet to the NAS.

Or setup a VPN on the NAS or on the router and connect from the outside Internet via encrypted VPN.

In theory: yes

In real life: Make sure you know what you are doing. A well configured firewall and VPN are fine. But it is not trivial to set them up correctly. I wouldn't recommend that a normal user tries this. Because it is just too easy to make mistakes and feel protected because you have a firewall and VPN. Be careful and don't overestimate yourself.

And I include myself in this. I setup already a few firewalls and VPNs. But because I do that seldom, like maybe once a year, I have to review again all the details. Did I do everything correctly? Did I forget anything? Be careful! 

[moogradod]

2 hours ago, fdsa said:

  .......this is correct. A usual antivirus will not help because NAS's get infected via vulnerabilities in their software, not via malware on your computer.

The best solution is - do not allow external access from the Internet to the NAS.

Or setup a VPN on the NAS or on the router and connect from the outside Internet via encrypted VPN.

The Synology AV runs on the NAS, not the PC. But you have given the most appropriate advice: No access from the Internet, or via VPN. Let me add: Do not store sensible data on any device accessible from outside unless you do not have a really heavy protection like 2 security zones with hardware firewalls etc. But we are talking private use here so no overexagerration needed. A picture of your mom and dad having dinner together might be OK, but the key to your Cryptouniverse is a completely different ballpark.

 

Memorable pictures are regarded as security relevant and must be stored Ransomware proof. However I would not recommend to run absolutely no protection on a PC. There are even solutions for free, so why not have it. If you have many PCs there is a chance that they somehow are connected even if you did not intend to do so. If you need something to experiment, then on a completely standalone PC via a seperate router.

 

 

[recom273]

I believe Synology has a set of security features built into DSM, best to start there along with configuring your router firewall rules. I think smartconnect takes care of a lot of settings for you.

 

 

https://www.wundertech.net/how-to-secure-a-synology-nas-tutorial/#23_Reverse_Proxy_Cloudflare

 

https://www.howtogeek.com/435452/how-to-secure-your-synology-nas-from-ransomware/

 

 

Although I own an Synology RackStation, I use it for internal backups with no need to expose to the internet. I use this method to mitigate attacks on unraid servers which run plenty of services that accessed remotely. It won't really help you with ransomware, but then if someone wants to lockup my pirated video library, go for it, I will just download the whole lot again.

 

 

[MJCM]

On 3/7/2022 at 9:29 AM, KhunHeineken said:

What do you guys do to protect your NAS from some type of attack, particularly ransomware?

My NAS isn't connected to the outside world.

 

I connect to my NAS at another location via a Wireguard Server running on Raspberry PI (on that local network) and when I connect to it, I can access the NAS

 

I also have enabled .SSH keys on the NAS

 

link: https://community.synology.com/enu/forum/1/post/136213

 

Please note: On the NAS SSH / SFTP access is disabled but I can enable it when needed remotely)

 

Ps: Make 2 user accounts on your NAS, 1- With FULL admin rights and a difficult password 2- one with normal user rights and a difficult password.

 

Also enable RECYCLE BIN on your NAS, and only GIVE the ADMIN user ACCESS to it, so even when a hacker could access the NAS, and deletes file you still have them in the Recycle BIN.

 

And do backup your DATA to another OFFLINE location (just to be sure)

 

Edit: I connect to the other location via DDNS (if you are on 3BB internet there is a manual for it on the 3BB site (which even works if you are behind CGNAT)

Edited March 8, 2022 by MJCM

[MJCM]

3BB DDNS

 

 

[MJCM]

Here a screenshot connected to the other location via Wireguard

 

10.0.0.100 is my PC here

10.6.0.2 is the Wireguard Connection

10.95.0.160 is a PC in the other location I am accessing via TightVNC

The Synology Screenshot is the NAS on the same network (10.95.0.x) as the PC at the other location

 

 

Edited March 8, 2022 by MJCM

[GrandPapillon]

On 12/8/2021 at 4:21 AM, KhunHeineken said:

Does anyone own a DS918+, or a similar spec Synology? 

what would be the justification of buying such a top end NAS? do you really need that much storage or power?

 

You can buy an entry Synology for 100 USD, that would take care of 99% of your needs

 

very few people need a DS900 series Synology, seems over kill

 

[KannikaP]

What am I doing wrong. All my data is on my One Drive which I can access via any of the PCs and phones on my Network.

If I want to share anything with someone else, I send them a link. 

[recom273]

15 hours ago, KannikaP said:

What am I doing wrong. All my data is on my One Drive which I can access via any of the PCs and phones on my Network.

If I want to share anything with someone else, I send them a link. 

I presume you are talking about the need for a NAS, right?

 

Nothing wrong? If it suits your purpose. If you are keeping pirated video files, aren't you scared that they will be analyzed, tagged as illegal content and deleted or your account suspended? like with the google drive.

 

I just don't like the idea of paying for anything (on a monthly basis) that I don't own. I run all those cloud services on servers at home where I have complete control. It probably doesn't save any money but I get the satisfaction of knowing my data is private and I also enjoy maintaining and watching the development of open source self-hosted software.

 

 

 

[KhunHeineken]

On 3/8/2022 at 7:48 PM, MJCM said:

My NAS isn't connected to the outside world.

 

I connect to my NAS at another location via a Wireguard Server running on Raspberry PI (on that local network) and when I connect to it, I can access the NAS

 

I also have enabled .SSH keys on the NAS

 

link: https://community.synology.com/enu/forum/1/post/136213

 

Please note: On the NAS SSH / SFTP access is disabled but I can enable it when needed remotely)

 

Ps: Make 2 user accounts on your NAS, 1- With FULL admin rights and a difficult password 2- one with normal user rights and a difficult password.

 

Also enable RECYCLE BIN on your NAS, and only GIVE the ADMIN user ACCESS to it, so even when a hacker could access the NAS, and deletes file you still have them in the Recycle BIN.

 

And do backup your DATA to another OFFLINE location (just to be sure)

 

Edit: I connect to the other location via DDNS (if you are on 3BB internet there is a manual for it on the 3BB site (which even works if you are behind CGNAT)

Remote access is one of the main features why I purchased my NAS.  I travel a lot, and take a lot of photos. 

 

I was backing up photos,  and a small amount of music, to a large USD drive which I would carry on a key ring.  This meant the laptop and camera were in the hotel room / condo, and the USB drive was on my person, so I had the data on two different devices, in two different locations.  The USD drive only held photos, video, and a small amount of music, but I wanted to back up system images and large folders, so I went for a NAS. 

 

I set up the VPN to the NAS, as you have done.  Couldn't a virus or malware just be encrypted and decrypted in the VPN tunnel? 

 

I have made the two user accounts also. 

 

I haven't done the Recycle Bin setting yet.  That sounds like a good idea.  Thanks.

 

I understand that any device on the internet is vulnerable.  We access so many servers in our daily life that I thought I would set up a small one of my own.   

 

I have a large HDD at a relative's place, but that would not get backed up until a return from my travels, and while it's still handy to have, I would like a system that is more instant, at the time of camera upload.   

[KhunHeineken]

On 3/8/2022 at 8:42 PM, GrandPapillon said:

what would be the justification of buying such a top end NAS? do you really need that much storage or power?

 

You can buy an entry Synology for 100 USD, that would take care of 99% of your needs

 

very few people need a DS900 series Synology, seems over kill

 

Good question, and I'll explain my reasoning.

 

You are correct, a 4 bay NAS was an overkill for me, but I always wanted more than one bay.  A single HDD NAS would not provide the redundancy I would like.  

 

The logical solution was to look at a 2 bay NAS, and while they can't do a RAID configuration, they can mirror, so if one HDD goes down, you have the mirror and all is good.  The chances of both HDD's going down, at the same time, would be slim.

 

When I started looking at 2 bay NAS units, I quickly discovered the 4 bay units were less than $100 more, and sometimes only $50 or $60 more than the 2 bay units.  I thought this was strange, so compared many websites, but it was correct.  I guess the processor and RAM and OS is the same, and it's not much more to just add two extra bays, so I paid the extra and got a 4 bay NAS.  

 

You must have a minimum of 3 bays for a RAID configuration, so I have a 4 bay NAS with 3 HDD's in it and running SHR.  If I need more storage in the future, I can add a fourth HDD.  

 

I viewed the NAS as a device that would meet my needs for years to come, so went bigger and better to offer some future proofing.  

 

To keep the price down, I went for the DS918+ which was superseded by the DS920+, so I got it cheaper, but the previous models do hold their value.  Also, I preferred the 918+ over the 920+ for reasons I set out in another post.

 

I don't think I have wasted my money, especially as I learn more and more about the capabilities of this NAS.