Solved

File access restriction on windows 2008 r2 with NAS

Posted on 2014-04-08
4
751 Views
Last Modified: 2014-04-24
what is the best way to protect my department data access from the unauthorised people within the company . we have R&D and HR type department and need to manage security
we have AD setup and one NAS . but we used one user account for all the users within the department . Is it possible to add NAS in to the AD . if yes I am trying to apply the file level security (shard + NTFS ) with the AD user login

No file server in the system  . all the files in the NAS

is there any other way apart from the above mention method  ? any special device like switch with FW  in the market for this requirement
0
Comment
Question by:cur
  • 2
4 Comments
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 200 total points
ID: 39988195
You can simply join your NAS to active directory and from active directory you can manage its

Also then you can create CIFS shares on NAS for which you can control NTFS permissions through windows servers by going to compmgmt.msc and connecting to NAS storage by root user (NAS Administrator)

Share permissions need to be configured through NAS only
Normally it provide all users read and write share permissions

Mahesh.
0
 

Author Comment

by:cur
ID: 39988364
what is the best approch on the security point of view .
NTFS+shard than EFS  someting like that
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 200 total points
ID: 39988403
I assume that NAS is joined to domain.
I hope you are accessing NAS through IP addresses such as \\IP_ADDRESS

By default when you configure Shared volume on NAS storage, you need to grant everyone read \ write access share permissions
Then underneath you will configure individual folders

Now you can access NAS storage volumes through windows server computer management console by connecting to NAS storage IP address and from there you can adjust NTFS permissions
Now, On every root folder (Volume level) you need to provide list folder contents NTFS permissions to authenticated users
Then underneath root folder you need to provide granular permissions to individual groups on individual folders with required level of access (Such as Read, Read\write\, Modify)

Also you can't use EFS on non windows servers such as NAS.
According to me you can use EFS only on windows based file servers as it is Microsoft technology and NAS is using different technology
What you can do, you can encrypt data with EFS on client machines and can save on NAS folders

Mahesh.
0
 
LVL 10

Accepted Solution

by:
Pramod Ubhe earned 100 total points
ID: 39988602
NTFS+shared is the correct approach. Configure everyone wth full controll on shared permissions and restrict access using NTFS permissions. For that you can create two types of groups - read access and write access on the share and configure read/write permissions to those groups so that you only need to add users in those groups to grant the access.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now