Using business-grade intrusion prevention technology, this package inspects the incoming and outgoing traffic of your network and blocks malicious packets from passing through.2
Identify the weakest links
See which devices on your network have triggered high-severity events. You can then decide whether they need a virus scan or should be temporarily blocked from the internet.
Review trends and statistics
A summary of all security events over the past 7 or 30 days helps you analyze which regions or IP addresses most attacks originated from.
Enjoy stellar performance
Intelligently designed to make threat detection more efficient, Threat Prevention allows you to enjoy great security with minimal impact on internet speeds. Learn more
Work in bridge mode
Your Synology Router can seamlessly work alongside your existing modem or router to provide an extra layer of security, without the need to reconfigure the network.
Built-in security databases
DNS & IP threat intelligence
SRM’s Safe Access package leverages several databases to block domain names and IP addresses identified as related to dangerous websites, malware, internet attacks, phishing, and more. At the same time, it provides you with detailed logs on the users or devices that attempted to access these sites.
Google Safe Browsing
Helping to keep over 3 billion devices safe every day, Google Safe Browsing is available on every Synology Router. Extend Google’s defense against malware, unwanted software, and social engineering to all types of devices and platforms in your network.3
DNS over HTTPS New
Most modern websites are encrypted by HTTPS, but DNS queries are not. This poses a risk, as outsiders might eavesdrop on the domains you visit and even leverage such data for man-in-the-middle attacks. Synology Router supports DNS over HTTPS functionality by Google and Cloudflare, allowing DNS queries from all devices in the network to be encrypted to keep them safe from prying eyes.
Let's Encrypt® integration New
Let’s Encrypt® makes it possible to apply for and automatically renew free SSL certificates on Synology Routers, removing the costs and maintenance efforts associated with HTTPS deployment. A wildcard certificate is available to Synology DDNS users to secure all subdomains — especially beneficial for companies hosting VPN Plus Server for remote access to their intranet.
With a track record of 1.2 software updates per month and 5.6 CVE fixes per update on average, Synology helps you ensure that your router is always properly equipped to confront emerging threats. Other security mechanisms implemented include:
Additional network layer for advanced security
Administrators can create up to 5 networks and 15 SSIDs,4 distributing endpoints across different networks to achieve network isolation and to customize firewall rules, internet access policies, QoS rules, and other settings according to the purpose of each endpoint.
Support for a dual-stack (IPv4/IPv6) firewall enables businesses to secure their network when gradually transitioning to IPv6. Tools such as Geo-IP blocking also allow them to quickly set up firewall policies based on their specific requirements.
Automatic blocking and two-factor authentication
Automatically block IP addresses after repeated unsuccessful login attempts and set up an extra layer of access security with two-factor authentication.
Automatic security database updates
All security databases used in SRM, such as Threat Prevention signatures, IP filters, and Google Safe Browsing databases, are updated as soon as new data become available and do not have to rely on SRM system updates.
Cisco VNI Report, Strategy Analytics.
Currently available on RT6600ax, RT2600ac, and RT1900ac only. External storage is required.
Learn more about how to enable the feature here
Currently available on RT6600ax. Admins can create up to 5 VLANs per router and up to 3 Wi-Fi SSIDs per VLAN with Smart Connect turned off.