Secure offsite backup with second Synology

#1

Hi!

I am planning to set up a second Synology at remote location, for offsite backup from my main Synology.
My main concern is how to set it up securely, like for an example, is Synology´s own Hyper-Backup softwares own “transfer encryption” secure enough?
I have a pfSense box at my main location, that i can use, but for the the remote location, there is only a ISP provided router/firewall, that allows just simple features.
At some point, thanks to Lawrence Systems, i learned about ZeroTier VPN solutions. They offer a package for Synology, so what are the opinions on setting it up on both Synologys NAS devices?

Or does anybody have any other recomendations?

Thanks!

#2

You could load ZeroTier on each Synology and they could easily and securely talk to each other.

#3

Thank You!

At first, the ZeroTier package seems bugged on Synology NAS. Are there any good alternatives for ZeroTier?

#4

I would configure an IPSec tunnel between the two locations (if at all possible, ISP allowing) and if the ZeroTier solution is not working for you. If IPSec tunnel is not possible I would setup wan access via a public IP on the remote location and secure it via ACL.

Re the encryption of Hyper-Backup (from Synology’s website):

Data encryption and compression
Military-grade AES-256 and RSA-2048 encryption technologies protect data from illicit access. Compression reduces outbound traffic and storage consumption.

So in my mind, if your offsite location is secure and you have a secure mechanism to transfer the data and your offsite NAS is encrypted then I think we have ticked a lot of boxes.