ReadyNAS Duo v2 Windows 10 2019 Fall Update SEcurity and Shares

The Duo v1 was discontinued in 2011; the Duo v2 was discontinued in 2013.  Netgear ended firmware updates for both models in 2017 (similar to Microsoft ending support for Windows 7).  

Both models have much less memory than currently shipping ReadyNAS, and both have slow CPUs by modern standards.  Neither has hardware support for AES encryption and authentication, so performance with SMB 3 would be very slow (and likely isn't possible at all on the v1 - it's hardware design is very old).

Newer ReadyNAS (including the entry level RN212) support SMB 3.  They also get regular security updates (including hot fixes pushed by Netgear).

FWIW, SMB 3 isn't enough to protect you from ransomware.  Generally ransomware comes in through your PC, and it can spread to the NAS if the PC can access it.  SMB 3 helps in enterprise networks (because it can limit the spread of the ransomware if you have a lot of PCs).  But (IMO) it doesn't help much on home networks.

The best approaches are to use secure cloud backup (which generally does include some ransomware protection), or to have local backups of your data that can't be accessed by your PCs.  Running real-time malware protection on the PCs can also help - though new malware might still get through.

---

Woodfield wrote:

 

5. Worse perhaps, although you can see your shares in a browser, you will be warned that the certificate used by Netgear is unsafe. Carry on at your own risk. In other words, the firm cannot even be bothered to update its certificate, never mind deal with an appropriate software update - despite the warning from Micorosoft. 

You misunderstand certificates.  Netgear can't provide a CA certificate for your NAS - because that certificate declares that Netgear owns it and that it is under their administrative control. Which of course isn't the case.  Only you can get and install a CA certificate for your NAS.  The process isn't easy (and that doesn't have anything to do with Netgear).

What Netgear can do is generate a self-signed certificate.  That does allow the use of encrypted https, but it is vulnerable to man-in-the middle attacks (for instance, an evil server that intercepts transactions going to your bank website).  Generally that's not a real threat on a home network - but it is a big problem with internet-hosted servers (and that is why the browsers give you those warnings).

BTW, I do still have a Duo v1 (and an NV+ v1) in service.  Both are used as secondary backups for my primary NAS (an RN526).  SMB is disabled on them altogether, they back up selected shares on the main NAS using rsync.