Supports security priority mode and network stability priority mode
Specifications
Supports up to 30,000 self-defined class and signature policies
Supports viewing the details of malicious events
Supports scheduled signature updates
Supports notifications via Email, SMS, and push notification services
Displays the geographical distribution of malicious sources
Sets storage limit of log files
Supports the backup and restoration of the app configuration
Security Advisor
Features
Safeguards the system by threat detection and update notifications
Specifications
Checks for available SRM and package version updates to ensure security and protect against vulnerabilities
Scans system and related network settings, and detects and removes malware for enhanced system security
Supports account and password strength detection
Automatically updates security definitions database to stay up-to-date
Firewall
Features
Manages multiple firewall rules for specific protocols and services
Specifications
Access to ports or services can be individually customized to allow/deny specific IP addresses
Internet access can be disabled for client devices
Controls the traffic of services and TCP/UDP ports
Protects your Synology Router and client devices from DDoS attacks
Supports firewall rules based on geographic regions
Supports VPN pass-through
Auto Block
Features
Automatically blocks IP addresses with a high number of failed login attempts
Specifications
IP block can be triggered based on a specified number of failed login attempts within a predefined duration
Supports customization of expiration time
Supports allow list and block list to increase management flexibility
VPN Services
VPN Plus Server
Features
An intuitive VPN server that features hassle-free setups, secure access, and smooth connections
A centralized platform for multiple types of VPNs
Real-time monitoring and management of VPN connections
Specifications
Supports customization portal page for WebVPN
Supports split tunneling for SSL VPN
Supported VPN services:
WebVPN
SSL VPN
Remote Desktop
SSTP
OpenVPN
L2TP over IPSec
PPTP
Supported for Site-to-Site VPN:
Dead Peer Detection (DPD)
Perfect Forward Secrecy (PFS)
DNSSEC Validation for Site-to-Site VPN
Supported for Remote Desktop Protocol (RDP):
Windows 10 Enterprise (Professional)
Windows 8.1 Enterprise (Professional)
Windows 7 Enterprise (Professional)
Supported for Virtual Network Computing (VNC):
macOS 10.11, 10.12, and 10.13
Application support for TightVNC and XVNC
Supported client applications for SSL VPN:
Synology SSL VPN Client (for Windows/macOS)
VPN Plus mobile app (for iOS/Android)
Generates traffic reports for activated VPN services
Allows setting of permissions to manage VPN connections for selected users and groups
VPN Plus (mobile)
Features
Allows mobile devices to have fast, easy and secure access to local network resources via Synology SSL VPN service
Specifications
Minimum system requirements:
Android 7 and above
iOS 11 and above
Supports certificate-based authentication and certificate management to enhance the security of network connections
Supports two-step verification
All-In-One Server
File Station
Features
The default file manager for browsing, previewing, and managing folders and files stored on your Synology Router
Easy and safe file sharing
Specifications
Supports moving files by dragging and dropping them between browser windows
Displays photos and videos with Photo Viewer and Video Player
Supports file sharing with other users on the same Synology Router via easily generated shared file links or QR codes
Configures shared file links:
Configure validity periods of shared file links to enhance security
Centrally manage where users can edit, share, or remove existing shared links with Shared Links Managers
Share files as email attachments
Controls the maximum bandwidth available for users and groups transferring files
Limitations
Dragging and dropping between browsers or between tabs is not supported on Internet Explorer
DNS Server
Features
Resolution from domain names to IP addresses for devices or resources connected to the Internet or local area networks (LAN)
Master, slave, and forwarding zones that ensure high availability of DNS service
Specifications
Supported resource records: A, AAAA, CNAME, MX, NS, PTR, SPF, SRV, and TXT
Provides access control for zone transferring, DNS queries, and dynamic zone updates
Safeguards the following mechanisms via TSIG (Transfer Signature) keys:
Synchronization of DNS files
Dynamic updates from master zones
Sends recursive queries to resolve external DNS records
Supports forwarders for resolving external DNS records
Supports slave zone notifications
Supports importing and exporting zone settings and resource records
Supports split-horizon DNS, providing each client with customized DNS information
Supports forward and reverse DNS lookups
Supports exporting logs
Supports customizing the number of system resources used by DNS activities:
Maximum cache size
Maximum cache TTL (Time-to-Live)
Maximum number of recursive clients
Maximum number of TCP connections
Maximum log size
Log Center
Features
Offers an easy solution for gathering and displaying log messages on your Synology Router
Centralized log management interface and the flexible search function to help users find useful information efficiently
Specifications
Displays charts for analyzing log activities
Archives logs by specified time, number of logs, the data size, and hosts
Sends logs to another log server
Supports TCP and UDP transfer protocol
Supports BSD (RFC 3164) and IETF (RFC 5424) format
Supports secured SSL connection by importing certificates
Supports sending logs filtered by service categories or log levels
Receives logs from the other log servers
Supports TCP and UDP transfer protocol
Supports BSD (RFC 3164), IETF (RFC 5424), and other customized formats
Supports secured SSL connection by importing certificates
Receives 50 - 3,000 syslog events per second
Proactive email notification according to log level or specified keywords
Advanced log search engine filtering logs by keywords, date range, and log level
Supports exporting logs to HTML or CSV files
RADIUS Server
Features
Provides centralized authentication, authorization, and account management for wired or wireless network access
Logs events to ensure connection monitoring
Specifications
Supported authentication protocols: EAP-MSCHAPv2, EAP-TTLS, MS-CHAP, PAP, and PEAP
Supports translating account names in accordance with authentication sources to which the server is appointed
Supports multiple types of user authentication:
Local users only
LDAP users only
Domain users only
Local users and LDAP users
Local users and domain users
Supports blocking unpermitted access
Supports exporting logs in HTML format
Supports various delimiters for distinguishing account types (local users have the highest priority when there are duplicate usernames):
@: LDAP users or domain users
\ : Domain users
No delimiters: Local users, LDAP, or domain users
Limitations
Client names must be between 1 and 32 Unicode characters
Client names do not support special characters "!"#$%&'()*+-,/:;<=>?@[]\^`{}|~"
External Access
QuickConnect
Features
Allows secure and smooth connections from mobile and PC clients to your Synology Router via the Internet without the hassle of setting up port forwarding rules
Specifications
Ensures server connection efficiency by a LAN/WAN detection mechanism to choose the optimal connection method (Learn more)
Ensures server reachability by choosing the optimal connection route and the optional QuickConnect relay service
Secures network connections with end-to-end encryption if SSL is enabled
Applies required port forwarding rules to compatible UPnP routers automatically
Supports customized access privileges to applications via QuickConnect
Supports detailed incident records for QuickConnect on the Synology Service Status website (Learn more)
Limitations
Not supported on certain services and packages that require mapping directly to an IP address or a DDNS
Relayed QuickConnect connections may be slower than connections via port forwarding because of longer network latency
Relay service might not work because of certain limitations of ISPs in some regions
DDNS
Features
Translates the domain name of your Synology Router to an IP address
Supports multiple DDNS providers
Affiliated Utility
DS router (mobile)
Features
Versatile mobile application: do initial setup, manage Wi-Fi networks, monitor network status, and manage Internet activity of client devices
Manages Wi-Fi points (mesh Wi-Fi systems)
Specifications
System requirements:
iOS 12.0 or above
Android 8.0 or above
Compatible with SRM 1.2 or above
Supports installation of SRM for your Synology Router
Controls traffic to and from specific devices
Supports Safe Access functions:
Create user or network profiles
Set up different levels of web filters
Impose daily time quotas and Internet schedules on different devices
Manages and shares Wi-Fi networks (SSIDs)
Adds or removes Wi-Fi points as well as deploys, monitors, and manages a mesh Wi-Fi system
Supports WPS connections to a specific Wi-Fi network
Creates, edits, or deletes MAC filters
Manages Internet connection types, including PPPoE, Auto IP, manual IP, and DS-Lite
Binds a Synology Account to your Synology Router to set up QuickConnect
Supports firewall configuration by LAN or specific IP addresses
Configures auto IP blocking with the options of blocking rules and block/allow list
Displays and configures basic settings such as event notifications, basic router information, and attached USB devices for your Synology Router
Supports push notifications when specific system events take place
Wakes up compatible wired clients remotely using Wake on LAN function
Limitations
SRM 1.3 and above versions are only supported by DS router 2.0 and above