Is Security Isolation Mode too isolated?

[bidmead]

Security Isolation Mode seems like an excellent idea, particularly in the light of intensive ransomware attacks. It provides your NAS with an air-gap from the Internet, while still allowing regular file access over your LAN.

There are some necessary limitations, of course. You won't be detecting or receiving TOS 5 firmware updates. But there are also what strike me as quite unnecessary limitations: Security Isolation Mode also makes it impossible to run PHP and Java.

Not running these, of course, materially hardens security. But it also means that many apps like WordPress (which depends heavily on PHP) are precluded. I'm not at all clear why this is necessary.

Why not a double switch: close off the Internet with one and -- optionally -- use the other to shut down PHP etc?

--
Chris

[TMroy]

When you isolate your TNAS from the outside world, why do you still need wordpress?

Limit PHP and Java helps to stop some Malicious codes from running.

[bidmead]

WordPress is just one example of an app dependent on functions that Security Isolation Mode denies. It's a reasonable question, though -- why use WordPress without an Internet connection?

As I explain in part 2 of Tested Technology's TerraMaster review, WordPress has been introducing a lot of novelty recently. There's a dilemma here: new features need to explored but you won't necessarily want them running on a production system. The F2-221 makes it very easy to install a local WordPress testbed for running any manner of wild plugins and for checking the rapidly evolving features of the (IMHO) still not mature enough Gutenberg block editor that WordPress is promoting.

It's even entirely practical to draft articles on the local WordPress installation and transfer them across to our production system -- professionally hosted by Machine Networks.

PHP is widely used in Internet applications but has no dependence on Internet connection. A Web site is safer (but very must less capable) without PHP. But once the machine is isolated from the Internet there's no reason that I can think of interdict PHP.

Java, also shut down by Security Isolation Mode, is an even less arguable case. Many cross-platform local applications rely on Java.

--
Chris

[TMroy]

{L_BUTTON_AT}bidmead

So for your scenario, you do not need the Security Isolation Mode, you only need to create a simple Firewall rule to block all outside IP access. The Security Isolation Mode is for the users who put data security first priority but do not need to run some other applications.

[bidmead]

I think I understand the argument. Java and PHP certainly offer useful attack surfaces for bad agents entering your NAS from the Internet. But if Security Isolation Mode truly provides an air-gap, what's the value of interdicting Java and PHP if the invaders can't get to these functions?

Yes, you're probably helping to insulate the system from a local, manual attack. But that's a very different and much rarer issue. Why not put the Java/PHP kill on a different switch (Total Security Mode?), in the same way that we can independently switch off ssh access?

The value of Security Isolation Mode, it seems to me, is that its principle is simple for the end user to understand and the process is easy to put into effect. Correctly tailoring a firewall is a different proposition: complex in theory and very easy to mess up.

--
Chris

[TMroy]

We will put your comment to the product team, may be we can do something on it in the future.

[bidmead]

Thanks for that, @TMroy. Very much appreciated.

--
Chris

[TMroy]

No problem.