Can I use FreeNAS for this?

[Manoe]

Hi, I have been tasked with building a new server that interfaces with an already existing 100TB NAS system.

Basically the idea is that I should build a new server that has two virtual server inside it, one being a webserver that is used to show data that resides inside the already existing 100TB NAS and the other server being some kind of data-transferring server that fetches data from remote locations and then resends that data to two different locations, one being the 100TB NAS and the other being a another long term data storage facility.

So the question is, is it possible to install a webserver on FreeNAS so I can use it to retrieve and resend data to different locations then use it to fetch Read-only data from the 100TB NAS and show it through the webserver?

If not does anyone have any other already existing operating system or software in mind that can achieve this?
attached picture to help explain what im trying to do: http://imgur.com/a/7yN9f

 

[Ericloewe]

It's certainly not the easiest thing to do with FreeNAS. Since you're not actually storing things on this new server, you're better just taking vanilla FreeBSD and assembling the bits and pieces.

 

[iposner]

This diagram looks wrong to me:

1) Why would you want your data storage (even short term) to be on the internet-side of your firewall? Your firewall is clearly in the wrong place.

2) The firewall should be between your remote hosts and your webserver. This way you're only exposing ports 80/443 to the internet.

3) You could add a second firewall between your webserver and all of your storage, essentially placing your webserver in a DMZ, and carefully open up SMB/CIFS/NFS ports to provide inbound access to the storage. Remember that network security is only ONE TOOL within the security arsenal: Ensure that the account under which the webserver writes files to the storage is different to the account used for syncing those changes to longer term storage. Give the webserver process MINIMAL permissions on the target filesystem to do that which is required.

4) Your inner-most network zone (your organisations internal or backend network) should be where your data resides. You can enable one-way networking between that network and your DMZ (rules to allow new and related packets) which will allow you to control servers in the DMZ transparently from the internal network.

 

[Manoe]

The long term data storage is a bought service from a datacenter, the data there is basicly just a backup of a backup. Only the webserver is really accessible from outside , its only for others to read the data that we provide.

The remote hosts are all behind their own seperate firewalls on the field, outside our company. The webserver and the data collecting server are seperate virtual server under same hardware, mayby that wasnt clear from the picture.

The data server is in noway accessible from the outside and it only works as a relay dataserver, pulling data from the remote hosts and dumping it to the NAS, where it is then linked to the webserver where the data is readable only from the outside.

The original question was if FreeNAS could have served as the data pullin/pushin server, incase it had some neat ready features to do this.
Since then we have decided to do our own python program to automate the data transfers from remote hosts > dataserver > NAS > long term storage