Remote access: WebDAV or VPN

avatar

 

“How can I access my files in DiskStation over the Internet, just like the way I could in my home?” One of my close friends asked me once. I offered him a simple 3-step guide:

  1. First, download the file via various protocols like FTP, File Station, or File Browser.
  2. Then, edit the file.
  3. After editing, upload the file back onto DiskStation.

But he wasn’t satisfied. “There must be an easier option, like a one-stop approach,” he said.

In fact, there is. WebDAV and VPN are the two options you can try. While WebDAV is already implemented in DSM, VPN Center was just released recently as an optional DSM package. In this article, I’d like to compare their similarities and differences, and help you determine if they are the right access tool for you.

Network File System Metaphor

Let’s drift off for a minute and explore how files are saved. You may answer that they are stored on hard disks, which is 100% correct. But how? And how do hard disks communicate with PC or NAS server?

It all starts with “file system”. Nowadays, all operation systems provide a file system on the physical storages to act an abstraction layer for applications running on that OS. On any direct-attached storage, like the hard disk in your PC or laptop, applications will use API (Application programming Interface) or system calls to access files stored in it. API and system calls are like the language spoken between the operating system, the application, and the storage device.

Now what if your storage device is not directly connected to PC, but needs to be communicated through network? How would the applications access files through network cable? Sure, FTP is a good way, but it’s not convenient enough for constant data access. And not every application supports common network protocols like FTP or WebDAV. While application updates may be able to offer the support, the extra effort it requires on updating all applications is enough to get anyone turned down. Were such be the case, it’s hard to imagine anyone using NAS as a central storage device.

This is why most operating systems provide a Network File System facility. The Network File System is mounted on the local file system’s namespace. It allows a client computer to access files over a network in a way that’s similar to how local storage is accessed. This is also why DiskStation supports Windows File Sharing Service (CIFS), Apple Filing Protocol for Mac and NFS for Unix users. In Windows, users only need to map a DiskStation’s shared folder as a network drive, and then all applications can access network storages through it. This is because the operating system has handled all underlying complexities.

WebDAV

You probably noticed that I mentioned WebDAV in the previous section. So what exactly is WebDAV?

WebDAV (Web-based Distributed Authoring and Versioning) is a file sharing and management protocol based on the Hypertext Transfer Protocol (HTTP). The WebDAV protocol allows you to edit documents directly over the Internet, making the Web a readable and writable medium. The beauty is – since it’s an extension from HTTP, most firewalls won’t block it. And Synology DiskStation has supported it since DSM 3.0.

Most operating systems have built-in support for WebDAV. The setting is similar to a network drive or a network shared folder. With no updates required, applications can access files stored in WebDAV folder over the Internet seamlessly. Many cloud storage services already employ WebDAV as a standard to access their online storages. One of the examples is Apple’s MobileMe iDisk service, which appears in your Mac Desktop just like a local disk.

And for those who seek having an extra layer of protection, WebDAV supports secure connection as well. By enabling HTTPS over all WebDAV connections, security is fortified. You can also install SSL certificates to increase security measure.

VPN

While WebDAV provides a secure and transparent way to access remote files, sometimes we want to do more than just access files remotely. Companies may have certain IT system or services that are not exposed to the Internet due to security concern. In this case, you should use VPN.

Basically, VPN (Virtual Private Network) creates a secure tunnel between the client and remote private network. A common way to illustrate the idea is to imagine there is a virtual leased line connecting the local and remote network. You can access remote services in the same way as you could in your local network. To open a remote document, simply do it as you would to map a network drive by typing in a UNC path like “\\192.168.0.8\office documents”.

In a package just released by Synology, DiskStation can now act as a VPN server and work as a secure gateway for your network in offices or home. This package includes the PPTP support, which is a popular VPN protocols supported by most operating systems. Also basic OpenVPN support has been built-in, which gives users a starting point to explore more advanced functions provided by OpenVPN server.

Bandwidth Consideration

All good things come at a price, and this stays true in the digital world. While you can get instant and transparent access to remote files, just like you would to a local file on your computer, you may want to make sure there’s enough Internet bandwidth to ensure a smooth operation.

While the access to files is very fast in local disks or local area network, the same speed may not directly apply to your access over the Internet. For example, some applications may create many temporary files during operation. Access on these files is quick within local area network, but can be very slow when it’s performed via remote access. Also, VPN technology will encapsulate your network packets with additional payloads when transmitting them in the secure tunnel. This means that it requires more bandwidth than when transmitting in a local area network. Basically, no matter if you are using VPN or WebDAV, make sure the Internet connection is stable and provides high-capacity bandwidth.

Summary

In summary, WebDAV provides a simpler, light-weight and firewall-friendly way to access files over the Internet than VPN. But VPN has better advantage to access various intranet network resources due to its protocol-transparency and better security features. This is why most SMB or enterprises nowadays choose to setup a dedicated VPN server to access remote office resources. As a rule of thumb, most home users would find it usually just enough to use WebDAV most of their time.

- Allen