Data Immutability in QNAP an Synology with WORM

Due to escalating concerns surrounding ransomware and cyber attacks, many organizations are seeking to implement measures to make their data immutable, meaning data that cannot be altered once written.

For both QNAP and Synology devices, immutability can be achieved through the use of WORM (Write Once Read Many) technology.

Immutability through WORM in QNAP QuTS Hero

QNAP supports WORM functionality with its QuTS Hero OS. If your device runs on QuTS, enabling WORM is straightforward. This setting must be configured at the time of creating the folder, and you have the option to choose between two modes: Enterprise and Compliance.

• Enterprise WORM mode is less stringent, allowing administrators to delete files within the folder.
• Compliance WORM mode, on the other hand, is more rigid and prevents deletion or modification of files regardless of privilege level.

That's it, once you have enabled WORM on the folder, you will only be able to copy the files to it. These files won't be allowed to be changed and deleted after they are locked. You can specify the time after which the file can be locked , or you can do it manually.

If you try to delete the file, you don't get a deny access at all. The file is deleted and you get the notification that the file is deleted BUT it comes back in the same folder.

Immutability in Synology Through WORM

Synology also achieves immutability through WORM, although with slightly different settings. Unlike QNAP, Synology allows for files to be appended (i.e., additional content can be added). Your volume must be a Btrfs volume as the WORM functionality is based on Copy on Write.

The more strict Compliance and less strict Enterprise WORM modes are similar to those in QNAP. Additionally, Synology offers the option for an immediate lock on files, unlike QNAP, where there is a minimum 1-minute delay before locking the file, though in my test I saw it takes 30-40 seconds for the file to get locked.

Another distinction is that the file cannot be deleted, contrasting with QNAP, where the file is marked as deleted to the operating system but reappears in the folder.

WORM immutability is software-based

It's crucial to recognize that this immutability operates on the Copy-on-Write (COW) mechanism of Btrfs and ZFS. Although there are no known vulnerabilities associated with this immutability, organizations needing an air-gapped immutable data copy may require a removable tape backup solution like LTO or RDX.