What's new in Synology DSM 7? We analyze 7 improvements for a business customer

I'm not wrong to say that Synology's DSM 7.0 has become one of the most anticipated operating systems in the world (along with iOS and Android), and is certainly the most desired release in the world of storage systems. In the spirit of modernity, "seven" was supposed to be released in 2019, but the release was constantly postponed, and now the moment has come when the release was released. It's no joke - the description of innovations that Synology provided to journalists takes up as much as 80 A4 sheets. And here is a familiar mix of feelings: as a child, you are happy that you have added and are offended by the developers, as you used to be offended by Santa Claus, who did not bring what you dreamed of for the New Year.

Synology is now in a position to benefit from the development of On-Premise, the transformation of Cloud, the Edge boom, and even the move to remote. We have already said that the well-known analytical company Gartner quotes Synology in the same list with the luminaries of the storage market, the so-called A-class brands, and this is a very big achievement for a manufacturer that started with desktop NAS-s on 4 disks and took a share in the established market.

And now, to meet the high status and move up the rating, Synology must simultaneously maintain a sound conservatism, and not be afraid to experiment with new directions, and complete all its existing developments and lead to higher corporate standards. DSM 7 is a striking example of a combination of these three qualities, so let's make our hit parade of significant changes in the DSM.

1. Появилась поддержка Fibre Channel

It's hard to believe, but for a decade the FC interface has not gone away and has not given way to full-fledged NAS-am. Synology products have always been opposed to cheap SAN devices, and under the pressure of customers, the company gave up: first, it released a rather unusual dual-controller IP-SAN device UC3200, and now it introduces FC support at all.

Anna Balasheva, Team manager - Russia, Ukraine, CIS, Turkey - Synology:

We were often asked by partners and clients about our plans for FC, as Synology solutions could not participate in some fairly large projects due to the lack of support for this particular Protocol. It took several years for a more thorough analysis of the FC market potential. Feedback from the market confirmed that many more companies use FC. With the growth of sales and requests from corporate clients for Synology equipment, the issue of FC support has become even more urgent for our company. We know that this Protocol is one of the most widely used in the corporate segment, and it is primarily distinguished by reliability, stability, and minimizing downtime. For companies with an established it infrastructure, the cost of rebuilding a system for Synology with iSCSI can be very resource-intensive and expensive. Therefore, we decided to provide opportunities for our customers who would like to use our own DSM OS in their infrastructure with FibreChannel. This will be possible even for devices that have already been put into operation using the optional PCIe FC network card and the SAN Manager package. Thanks to this, our products can be used in both iSCSI and FC environments. We plan to support FC models in the corporate segment.

In addition to traditional NAS, support for Fibre Channel is also planned for UC3200 IP-SAN devices.

There is no need to explain what this gives the customer: it is both integration into the existing infrastructure, and the ability to get higher speeds with lower delays compared to iSCSI. By implementing SAN on the BTRFS file system, you can offer absolutely fantastic configurations with support for compression, deduplication and replicated snapshots, with support for instant copying and versioning.

As for expansion cards, there is no doubt that Synology will release its own branded models-there are not so many chip manufacturers for FC16 today, and Linux support is very good, so most likely all current FC8/16 solutions will be supported by NAS-s.

2. There is hope for global deduplication

And if we said about deduplication, we regret to add "Coming Soon": the manufacturer promises to implement it for volumes in version 7, but for now this technology is only available for backups in the Active Backup for Business package. Although, to be honest, I don't understand why development takes so long - as an experiment, I showed you how to configure deduplication via Docker two years ago (unfortunately, after the Duperemove updates, this method stopped working and we remove article from our website). In any case, it's nice that this technology is already in the plans, since almost the entire range of NAS's for business at Synology today is built on powerful processors that can handle large extent tables without harming storage performance.

3. Active Backup for Business

This package is a gem of Synology DSM, and I'm particularly pleased to see that it has received special attention. First, we have AES-256 protection for the backup folder. For each such storage, it is enabled once when creating a backup task, and it is not disabled in the future. Nothing prevents you from reserving some backups to open folders, and some to protected from unwanted persons. At the same time, deduplication works within a single storage, whether AES-256 is used or not.

Second, there is compression at the copy storage level. The feasibility of this is clearly confirmed by our simple test of backups of four virtual machines with a total volume of 60 GB. The screenshot shows that archiving helps reduce the backup volume by an additional 9%, and in General, compression is now "free" in terms of processor resources, so you can add it anywhere.

Remember, in our Active Backup for Business test, I was amazed at the speed of instant recovery of a virtual machine from VMWare ESXi directly to the NAS's built-in hypervisor? It took only 11 seconds, but the question remained: do you need to keep the restored VM on the NAS? Now Synology has a beautiful answer: a virtual machine restored to the built-in hypervisor can be smoothly migrated to the main host, but only when it is turned off. Please note: Synology Virtual Machine Manager allows you to migrate virtual machines from VMware and Hyper-V to your QEMU and back, and it works even with those machines that are loaded via UEFI, which is a huge plus in terms of compatibility with the existing infrastructure. But for some reason there is no support for "native" Synology VMM hypervisors on Linux: the OpenStack infrastructure from the same Red Hat or free CentOS is a significant market share.

The turn came to the physical Linux servers (although it is not clear why the "penguins" were not added to the PC tab). You can now back them up using a command-line software agent. It comes with open source code and is compiled on your server. After connecting to the system, everything happens exactly the same as with a normal server: you select the volume to save and the backup parameters.

At the time of writing, the backup agent was available for Red Hat Enterprise Linux / Centos / Fedora, Ubuntu / Debian operating systems. If your infrastructure uses dedicated servers running Linux, such as PostgreSQL, you can provide them with instant recovery protection. Interestingly, the company plans to introduce support for Apple devices under MacOS and DSM itself, although no one will allow you to restore "Apple" computers to a virtual machine, so this feature will simply be a pleasant alternative to Time Machine with centralized backup management from a single interface.

4. Redesigned storage system

Much of what Synology has reworked in the field of storage itself can only be evaluated in some special cases, but nevertheless, for many of the company's customers, this is very important. If you are using a HDD array with an SSD read/write cache (for more information about SSD caching in Synology, see our article), you can transfer all metadata to a fast solid-state storage layer. This will increase the speed of processing large volumes of small files, including those that are constantly changing. For example, this applies to the above-mentioned Active Backup for Business, Snapshot Replication, and Hyper Backup.

When one of the drives in the SSD read/write cache fails, Synology DSM automatically resets all contents to the HDD array to avoid data loss. We managed to speed up this process by 200%, although from my point of view this is not so significant in real conditions: this situation is rare, but we still welcome any optimization and any acceleration.

Much more interesting is that RAID 6 was accelerated, both functioning normally (80% faster than DSP 6.2) and damaged (70% faster than DSM 6.2). In other words, if earlier you were afraid to use RAID 6 in SSD arrays with intensive writing due to higher delays, now you are also having a holiday on your street. In one of our next reviews, we will conduct a detailed analysis of the performance of RAID arrays in Synology.

But to maintain readiness, there was a predictive substitution of spare drives. What this means: when using hot spare disks, the array now doesn't wait for the incoming drive to finally break. As soon as the SSD or HDD self-diagnosis issues a status warning (Critical or Failing), a spare one assigned to replace it will automatically take its place.

In addition, the accelerated array recovery feature has finally appeared, in which only the data used is written to the new drive. Yes, it seems strange at the end of 2020, but all this time Synology only had the function of full array recovery: even if you used 10 GB out of 100 TB, the NAS recalculated all 100 TB during the rebuild, and the process could take several days. By the way, everyone has a quick rebild for a long time, and here Synology, as they say, just "pulled up their tails".

Well, a separate item in the list is support for 1 Pb volumes for creating large archives.

5. Active Insight

In the corporate sector today, any storage system must have a service for analyzing the state and predictive response based on artificial intelligence. Roughly speaking, comparing parameters such as temperature, load on interfaces, SOFTWARE versions and S. M. A. R. T. hard drives, the storage system should offer you something to fix in advance before the state of your services becomes critical or even before something breaks. Usually, Big Data is used for analysis, which is a metric from thousands of devices around the world. For large storage providers (which Gartner quotes above Synology), this service is usually paid, but Synology does not like to charge money for functionality.

The Active Insight package provides centralized monitoring of the main parameters of all Synology devices in your company. The following metrics are available to you:

  • CPU / memory / paging file usage
  • Volume load metrics
  • Maximum delay
  • Storage temperature, utilization, and speed indicators

All this will be sent to the servers, processed and visualized in the form of graphs, and you can monitor the operation of the infrastructure through the app on your smartphone. The basic version will probably include licensing based on the number of devices in your company, but Active Insight will probably remain free for 1-2 machines.

6. Hybrid folders, a mix of cloud and NAS

Synology has its own "C2" cloud, which is used for data storage and is characterized by very affordable prices. Previously, you could only use it for backups, but now the company was able to cross a shared folder on the NAS and the cloud. In General, this technology has long been known to us - Synology has the same solution for a local folder on your computer, Synology Drive: you work locally with some data, and they are slowly synchronized with the NAS: you simultaneously have a huge SSD speed of your computer, and an unlimited amount of file storage. Now the same thing has appeared, linking the NAS itself and the C2 cloud. This solution is dictated by the popularity of Edge applications, when you need to, for example, spread simple 2-disk NAS-s across objects, but give everyone access to data for hundreds of terabytes. Please allocate a local cache folder on each device and use the infinite Synology C2 space to store any amount of data.

You work with this shared cloud folder as with a regular NAS: you can connect to it using CIFS/NFS protocols, you can add backups to it, you can enable AES-256 and generally use it as a shared Drive folder with versioning, and it quietly syncs with the cloud, leaving only the most frequently requested data locally.

The easiest way to imagine this sequence is to use the example of a video processing Studio: somewhere out there, in the cloud, hundreds of terabytes of videos are stored in 8K resolution. Locally on the NAS, 10 TB of the media library that the editors work with is synced, and on their computers on SSD, there is 1 TB of synced footage in the shared folder that is directly involved in the project that is currently being worked on. No one thinks about copying and moving data from the NAS to a local disk or to the cloud - data circulates between devices automatically. Of course, when you pull out of the cloud cache, you will have a delay, but the smaller the size of the required file, the less you will notice it.

Moreover, when users don't have access to the NAS, they can download their folder data from the cloud using the Synology Hybrid Share Download Tool. So on the periphery, in a remote taiga or on a construction site where the Internet and electricity are constantly cut off, your data is always with you: both in the cloud and on the NAS.

7. FIDO2 password-free authentication

In terms of security, this is probably the most noticeable improvement in recent years: passwords are getting harder and harder to remember, so let's do without them altogether! The latest two-factor authentication technology is based on the use of a public-key cryptographic system using hardware security devices, mobile phones, and biometric data readers.

Currently, you can configure authentication via Windows Hello (when the operating system in which the user is logged in confirms that he is he) or via a fingerprint scanner in Apple laptops.

In principle, if the term "password-less authorization" makes you shiver, then the above methods can be used as an additional authentication factor in addition to the password, making your NAS even more secure.

Other improvements for which there is no room in the article

Of course, much of what was done in DSM 7.0 was aimed at improving existing features: the speed of switching nodes in the High Availability cluster was increased, and the time required to install DSM updates was reduced by 85%. The Hyper Backup program has added the ability to back up Synology CMS, Cloud Sync, USB Copy, and other applications. For photo hosting, we improved face recognition and thumbnail preparation, redesigned the storage Manager interface, and finally added schematic NAS images to it so that you can see which disk to change. We made it easier to work with mass access levels to folders, allowed you to unblock files that have open connections, and delegated some administrative rights to users so that the sysadmin could safely transfer the reins of power without giving root access. And just updated the interface, making it a little easier, brighter and more modern.

What was forgotten / ignored / left out?

By virtue of my profession, I have the right to criticize any, even the most masterful masterpiece, and while maintaining objectivity, I would like to say that developers either do not notice any of the user's wishes, or put them on hold.

  • Well, for example, the entire DSM interface is designed for two volumes, and as soon as you create a third one, wherever you deal with volumes, you will scroll, and even the desktop widget will not display more than two volumes without scrolling.
  • Widgets seem to have been forgotten: they were not written for Docker, Virtual Machine Manager, or any other applications, and they did not allow the community to make them independently. I really hope that all this will be in the release, because it is modern and in demand!
  • There is still no object Storage Server, and it is not clear why to support two backup systems, Hyper Backup and Active Backup for Business, instead of merging them into a single application.
  • And if, for example, we implement the mechanism for copying virtual machines on the 1-2-3 principle, then "1 "is the NAS itself with a web recovery portal, external storage" 2 "is simply not provided here, and as" 3 " you can only use your own Synology C2 cloud.
  • Even the mechanism of disk recycling by multiple Erasure is not provided, unless the drive itself can not erase itself, that is, it does not support Secure Erase.
  • There is no native plugin for exporting to Zabbix / Prometheus monitoring systems, although this should have been available a long time ago.
  • And nothing new has been done in the field of video surveillance, although to be fair-there are enough improvements in the form of a facial recognition mechanism this year.
  • Where is RAID 50/60? Yes, for weak processors, these arrays are too heavy, but in the top FlashStation are powerful Xeon-s? And where, I ask you, are the arrays with three parity blocks that can withstand the failure of 3-drives? 2021 is in the yard!

Bottom line

DSM 7 brings very significant improvements that will be noticed by corporate users. Clearly, it makes sense to update the existing Synology server fleet for the DSM release and consider integration into new services already taking into account hybrid clouds, the Fibre Channel Protocol and active monitoring. We look forward to deduplication and updates in packages such as Mail Station and Active Backup for G Suite / Office 365.

Michael Degtjarev (aka LIKE OFF)
08/12.2020


Read also:

Impregnable NAS: hardening and protecting Synology

A modern NAS is quite capable of protecting itself from most attacks and guaranteeing not only the continuity of the service, but also the inviolability of the stored data. Even with minimal settings and following the manufactur...