Thanks guys for pointing out the XPE is a 'hack' and sharing your opinions. I'm well aware of it and I wouldn't recommend it to anyone without full disclosure of any involved risks. My comment was that I think DSM has much nicer interface than FreeNAS 11, in my opinion. What I'm doing right now is just an evaluation of various options just to educate myself a bit more about the user interfaces of these options, as i'm mostly a CLI guy I don't play around with GUIs that much.
While we're sharing opinions here... I find it interesting to see the various opinions from people who are comfortable with risk vs those who are not. not just talking about this thread, but other threads i've seen around here about hacking PDBs, Fans, HBAs, etc. It reminds me of the early days of Linux, which started out as a school project/hobby OS, aka 'hack'. At the time, I was working at a large corporation that exclusively used Solaris, IRIX, and Win NT for server OSes. The mention of using Linux made so many people uncomfortable, especially among the "manager types". Some of the techies that were familiar with it were all over it. I remember an instance where the guys trying to push for Linux found a pretty bad bug in the SCSI storage layer; the risk averse anti-Linux crowd were silently cheering through the office, and then 2 hours later Alan Cox replied to an email with a kernel patch and the Linux guys were compiling their kernels and the problem was fixed that day. The anti-Linux folks sort of shut up, because at the time they were dealing with a problem with some UltraSPARCs and Sun was giving them the run around without a fix for months up to that point, and then eventually officially blamed it on "cosmic rays." (no joke, it was official) I think the moral of the story is that "risk" is all about knowledge - whether you're working through official channels/vendor support or a community of capable hobbyists/hackers doesn't really matter, what matters is being in a position that provides the most knowledge to counter the risks.
Another story about risk... a close friend last year found a very low mileage salvaged title Porsche 911 Targa 4S at a used car website, which turned out to be sort of scam. The pictures of the car looked like it was in bad shape, the entire interior was missing, etc. He eventually tracked the car down to where it was really being sold at auction. He then did further investigating and found the whole backstory to the car, which involved some very wealthy person who parked the car with the top open and the car got wet. The water damage wasn't all that bad in reality, but the owner couldn't stand the idea of his new car (he had just bought it new a few months ago) having water damage, and apparently did a lot of business with the dealership folks, so they supposedly did him a favor and took the entire car apart and told the insurance that it was going to be $90K to properly fix the car, so the insurance company paid the owner so he could buy another brand new one. All the interior bits were still at the dealership. My friend asked them what it would take for them to put the car back together with those parts and was quoted about $3K. Armed with that knowledge he went to auction and out bid everyone else and got the car put back together and shipped to his house. In the end, he got a Targa 4S with a few thousand miles, granted with salvaged title, for less than half the price of a brand new one. He's enjoying every moment of driving that car up until this day, everything works, and the minor water damage is no longer visible after a good interior detail job.
So, bringing this back to this thread, in my opinion, I think "risk" isn't the same for everyone, and is relative to how much knowledge one has, or is willing to acquire. I have a lot of clients who don't have the knowledge, nor the time, and mostly don't have the will to acquire the knowledge, so their way to manage their risk is to pay someone (vendor, consultants, etc.). But there are clients who are much more technical, or willing to acquire the knowledge they need, and they are completely comfortable using something like the community version of FreeNAS, CentOS (rather than RHEL), or even something like XPE, etc. for their production workloads. I've met clients that would take apart a major brand (think Cisco, Juniper, etc.) network device and take a soldering iron to it to repair a problem rather than pay for support!! Most of my clients are risk averse, and I get that they just want to focus on their core business, but working with them is "just another day in IT consulting." I personally really enjoy working with those that are not risk averse as they are much more interesting, creative, and innovative; and I find myself learning new things from such people which is much more exciting to me.