Storage Sync is primarily deployed behind the firewall and as such it is accessed by users who are explicitly authorized by the IT for accessing the Storage Sync device. This greatly mitigates external security risks especially if you have adopted all the appropriate security measures and best practices within your company firewall. The Meltdown and Spectre security patch is an optional (opt-in) security measure to ensure that your Storage Sync device cannot get compromised even inside your company firewall.
The Meltdown security patch, when enabled, has performance implications. Users can experience about 100% increase in browse time for folders when they access Storage Sync device. Additionally, they might experience 30% performance degradation for file read and write.
In order to install the patch, make sure that Storage Sync is currently running the latest Storage Sync version 11.1.x. If your Storage Sync version is older than 11.1.1, migrate to Storage Sync version 11.1.x and enable the Storage Sync Meltdown patch. Download the latest Storage Sync version.
The are two different paths described here -
I. Devices upgraded from Storage Sync 11.1.1
II. Devices that are new or have been migrated from 11.0.x or earlier
I. After upgrading from v11.1.1 to v11.1.3
1. Before installing the patch, make sure that a sync has completed successfully.
2. Login to the Storage Sync device in a terminal with the egnyteservice account
3. To download the script, run the following command:
> curl -o upgrade_for_meltdown.sh https://egnyte.egnyte.com/dd/kC1mfOCCUv
4. Run the script
> sudo sh ./upgrade_for_meltdown.sh
5. After the script completes, reboot the device
II. After deploying a new Storage Sync 11.1.3 OVA
This version will include the Meltdown security patch, however it will not be enabled by default. To enable the Meltdown security patch after installing the 11.1.3 OVA, please perform the following steps:
1. Download the script:
> curl -o enable_meltdown_patch.sh https://egnyte.egnyte.com/dl/a99xIMaxM5
2. To enable the Meltdown security settings, run the script:
> sudo sh ./enable_meltdown_patch.sh
3. After the script completes, reboot the device