Question about FreeNAS on ESXi without connectivity to the outside world?

[Aristotle]

I have a couple of VM's hosting various things on ESXi.
I wanted to build an array for storing important stuff that is secure, and unhackable. I realize that no system is un-breakable, but with whatever decent security I can add to my array, so that no one from the outside world can get into this particular vm host.

I'd like to access this host from my macbook, and other computers within the network, the array will be hosting personal home albums, pics, videos, important documents, etc.

Please correct me if i am wrong, and if this is the right way to go about it.
1. Disable SSH login.
2. Disable Root login.
3. Enable cert key based login... (hopefully i am using the correct term).
Just gathered these things off the internet.

Please guide.
I also have a Sophos UTM firewall. Do i also need to add aditional stuff on the firewal to block off the internet on this host?

 

[joeschmuck]

You have a failry simple answer here since you are using Sophos UTM, just enable the VPN. Now I may say this is simple but in fact Sophos is a pain in the rear to configure but the VPN isn't bad. Just do a Google search for it and there are a few places describing in detail how to adjust your Sophos.

If you really wanted it to be supper secure then you could build an entire authentication system usiung an RSA token (the authentication number changes once every minute and appear random but it's not) but that is a whole lot of overkill for a home system and very expensive. Use the VPN and a unique strong password.

Good Luck.