ICAP Compliance/Support is required by CyberSecurity Protection Solutions in order to integrate their solutions with TrueNAS.
ICAP was requested several years ago (back in April of 2021), on the old TrueNAS Support Site ([ICAP | TrueNAS Community](https://Old TrueNAS Community - ICAP Support)), now archived. It was acknowledged by Mr. @kris Moore, but it doesn’t appear this went anywhere.
I did search this Discourse forum for additional discussions on this topic and found zero. This begs the question, how are users integrating Commercial/Enterprise CyberSecurity Solutions?
Using only the definition of NAS, I think it is easy to see the impact of this issue, due to the number of servers and workstations which connect to and use data off the TrueNAS device. Some CyberSecurity Solutions can scan the shares, from specific machines, but there doesn’t seem to be a way to get active scanning nor connectivity to any cloud-based dashboard, without ICAP compliance/support
Dell®, EMC®, IBM®, Hitachi®, HPE®, Oracle®, and other NAS Solutions are ICAP Compliant, but TrueNAS doesn’t seem to be, nor does appear to be in the works. Admittedly, I could have missed it, but I cannot seem to find any information on the topic, as it relates to TrueNAS.
I’m not sure what you mean by “Do you currently use ICAP?” I need to use ICAP but TrueNAS doesn’t support it.
ICAP in this case, would be for virus scanning and other cyber security related integrations.
“How valuable is it…” Well, I’ll have to quit using TrueNAS and switch to another ICAP compliant NAS solution. This means a partner of TrueNAS (OWC Jupiter) will loose my business and likely others, when they learn there isn’t a commercial nor enterprise cyber solution they can integrate with their Jupiter, due to lack of ICAP support.
Just to clarify, the OWC Jupiter systems are not in partnership with iXsystems/TrueNAS. They are running the Community Edition of the software. If we end up prioritizing ICAP down the road, I would expect it to be limited to official TrueNAS Enterprise systems only, since that is very much an Enterprise feature to build and support.
Yep, that is the community edition of SCALE as well. Same operating model as CORE/Enterprise. There is a SCALE Community and then an Enterprise licensed version on our official TrueNAS Appliances.
In any event, I think it is best for TrueNAS to offer ICAP across all the TrueNAS options, although I’m not necessarily against upgrading to TrueNAS Enterprise. The problem remains how do Corporations and Enterprises deploy Corporate/Enterprise versions of Antivirus and/or CyberSecurity solutions on devices running TrueNAS, without ICAP? Or are people simply not interested in protecting the data they trust TrueNAS with?
Its been on our backlog wish-list for a while. We don’t get asked about it a whole lot, most corporations deal with their AV issues client-side, not running directly on the storage array. But we get that there is a use-case where it makes sense to scan directly from the storage.
If there is enough business justification behind it then we will of course look at re-prioritizing. If your corporation has a big need for this I suggest talking with @Captain_Morgan or a member of our sales team.
I understand business justification and I understand these things don’t happen overnight. However, Cyber Attacks are going after more than just data these days.
Honestly, we chose OWC’s Jupiter because of the companies behind them. OWC and TrueNAS have solid reputations in their spaces. Combining the two seemed to make sense. However, I’d never used TrueNAS for anything other than a small home-NAS appliance before this and that was back when it was FreeNAS.
I know TrueNAS Scale is based on Debian. So it may be possible to simply install certain AV & Cyber Protections via the OS. This will apply to the Jupiters we are quoting now, but not to the ones we purchased last year. They are TrueNAS CORE.
I would like to connect with both you and @Captain_Morgan outside of the confines of this thread. Is that possible?
