Store

Cart summary ()

Total (undefined items)Exact taxes and shipping will be calculated at checkout.

Continue shopping

Bee Series by Synology
Products A-Z
Store

ActiveProtect Manager

APM Version

General

Features

Specifications

Backup and Recovery

Overview

Features

Specifications

Limitations

Personal Computers (Windows)

Features

Specifications

Limitations

Personal Computers (Mac)

Features

Specifications

Limitations

Physical Servers (Windows)

Features

Specifications

Limitations

Physical Servers (Linux)

Features

Specifications

Limitations

Virtual Machines

Features

Specifications

Limitations

Databases

Features

Specifications

Limitations

File Server

Features

Specifications

Limitations

Microsoft 365

Features

Specifications

Limitations

Backup Copy

Features

Specifications

Limitations

Centralized Management

Features

Specifications

Limitations

Account and Privileges

Local Users and Groups

Features

Specifications

Limitations

Domain and LDAP

Features

Specifications

Limitations

Permission Management

Features

Specifications

System monitoring & Management

Storage

Features

Specifications

Network

Features

Specifications

Limitations

Security

Features

Specifications

Limitations

Resource Monitor

Features

Dashboard

Features

Activities

Features

Specifications

Limitations

Notification

Features

Limitations

Log

Features

Specifications

Limitations

Affiliated Utility

Synology ActiveProtect Agent

Features

Specifications

Synology ActiveProtect Recovery Media Creator

Features

Specifications

Synology ActiveProtect Recovery Tool

Features

Specifications

Affiliated Package

ActiveProtect Vault

Features

Specifications

Limitations

General

Features

  • ActiveProtect Manager (APM) is a Linux-based operating system designed for Synology ActiveProtect appliances, offering a complete set of data backup and recovery features
  • Its intuitive web interface simplifies management, making it easy to protect and restore your digital assets

Specifications

  • Supported browsers:
    • Google Chrome
    • Safari
    • Microsoft Edge
    • Firefox
  • Supported languages:
    • Czech, Dutch, English, French, German, Italian, Japanese, Korean, Polish, Russian, Simplified Chinese, Spanish, Traditional Chinese

Backup and Recovery

Overview

Features

  • Provides comprehensive backup solutions for Windows/Linux physical servers, Windows PCs/Macs, SMB/NetApp/Nutanix file servers, VMware vSphere/Microsoft Hyper-V virtual machines, and Microsoft 365
  • Features protection plans with flexible scheduling and version retention policies, streamlining backup management across multiple targets to meet enterprise requirements
  • Reduces data transfer size with Changed Block Tracking (CBT) and Resilient Change Tracking (RCT), improving backup performance and storage utilization
  • Enhances storage and backup efficiency using block-level global deduplication to reduce data redundancy
  • Offers multiple recovery options, including entire machine restore, instant restore, and granular file restore/download
  • Enables IT personnel to run recovery tests in a sandbox environment using the built-in hypervisor

Specifications

  • Protection plan coverage
    • Time zone options for scheduled execution
    • Backup settings:
      • Flexible scheduling: hourly, daily, or weekly
      • Version retention rules
      • (Machines) Custom backup windows for allowing or restricting backups at specific times
      • (PCs and physical servers) Custom volume backup
      • (Physical servers and virtual machines) Application-aware processing and backup verification
      • (Virtual machines) Storage space detection
      • (Windows PCs and physical servers) Automatic shutdown after backup, sleep prevention during backup, and wake-on-backup
      • (Microsoft 365) Custom backup scope for Exchange
    • Backup copy settings (Refer to the Backup Copy section)
  • Immutable backups
    • Prevents deletion of backups and backup copies during a specified retention period
    • Lock periods are determined by the retention periods set at version creation. Subsequent changes to retention settings do not affect the lock periods of existing versions
  • Maximum concurrent backups
    • Physical servers and PCs: 60
    • Virtual machines and file servers: 5
    • Cloud applications: 60
  • Retention rules
    • Supports retention by days, version count, and advanced rules (GFS)
    • Retention enforcement runs daily at 1:00 AM

Limitations

  • Refer to the Active Backup for Business documentation for limitations when adding Synology NAS to an ActiveProtect site
  • When using an immutable protection plan, version retention can only be set based on the number of days

Personal Computers (Windows)

Features

  • Backup
    • Leverages Microsoft Volume Shadow Copy Service (VSS) and Changed Block Tracking (CBT) to perform incremental backups
    • Optimizes backup and storage efficiency using Changed Block Tracking (CBT) and source-side global deduplication
    • Backs up device data and system settings via an agent, available for download from ActiveProtect Manager or the Download Center
    • Supports block-level backups, allowing flexible restoration of full devices (including data and system settings), system volumes, or specific volumes
    • Supports event-triggered backups based on the following events: lock screen, user sign-out, system startup
    • Supports defining allowed time slots for running backups
    • Provides detailed logs for backup monitoring and troubleshooting
    • Allows you to configure automatic shutdown after backup, prevent sleep during backup, and wake the device for scheduled backups
  • Restore
    • Restores entire Windows or specific volumes by creating a bootable ISO image or USB drive using the ActiveProtect Recovery Media Creator
    • Supports downloading individual files or folders

Specifications

  • Backup
    • Supported platforms:
      • Windows 11 (all editions)
      • Windows 10 Creators Update (all editions)
      • Windows 10 (all editions)
      • Windows 8.1 (all editions)
      • Windows 7 SP1 (all editions)
    • Supports NTFS file system
    • Backups are performed over ports 8443 or 433
    • Supports connecting to the management server via an IP address and a connect key after installing the ActiveProtect agent
    • Supports mass deployment of the ActiveProtect agent by entering parameters, such as management server connection details and the connect key, into the .msi installer
  • Restore
    • ActiveProtect Recovery Media Creator supported platforms:
      • Windows 11 (all editions)
      • Windows 10 (all editions)
    • A network connection is required during restoration
    • Necessary drivers must be installed before restoration
    • Supported media types:
      • USB hard drives:
        • Required capacity: 1 GB
        • Local system disk space required for temporary files: 2.5 GB
        • Supported restore models: 64-bit UEFI
      • ISO Images:
        • Required capacity: 1 GB
        • Local system storage space required for temporary files: 2.5 GB
        • Supported restore models: Legacy/64-bit UEFI

Limitations

  • Backup
    • Supports only NTFS-formatted external hard drives and SSDs. Floppy disks, USB flash drives, card readers, and other external devices are not supported
    • 4Kn hard drives are not supported
    • Windows Virtual Hard Disks (VHD) are not supported. To back up a VHD, back up the entire device or the volume containing the VHD file
  • Restore
    • Supports dynamic disks for backups, but only simple volumes can be restored

Personal Computers (Mac)

Features

  • Backup
    • Uses Apple File System (APFS) snapshots and replication technology for incremental backups
    • Optimizes backup and storage efficiency using Changed Block Tracking (CBT) and source-side global deduplication
    • Backs up device data and system settings via an agent, available for download from ActiveProtect Manager or the Download Center
    • Supports block-level backups, allowing flexible restoration of full devices (including data and system settings), system volumes, or specific volumes
    • Supports event-triggered backups based on the following events: lock screen, user sign-out, system startup
    • Supports defining allowed time slots for running backups
    • Provides detailed logs for backup monitoring and troubleshooting
  • Restore
    • Restores entire Macs or specific volumes using the ActiveProtect Recovery Tool
    • Supports downloading individual files or folders

Specifications

  • Backup
    • Supported versions:
      • macOS Sequoia 15
      • macOS Sonoma 14
      • macOS Ventura 13
      • macOS Monterey 12
      • macOS Big Sur 11
      • macOS Catalina 10.15.7
    • Supports APFS file system
    • Backups are performed over ports 8443 or 433
    • Supports connecting to the management server via an IP address and a connect key after installing the ActiveProtect agent
    • Supports mass deployment of the ActiveProtect agent using a configuration file containing the management server connection details and connect key. This file must be placed in the same directory as the .pkg installer
    • Full Disk Access must be enabled to allow the ActiveProtect agent to access device data
    • For Macs with Apple silicon, the system security level must be changed to allow users to manage kernel extensions from identified developers
  • Restore
    • ActiveProtect Recovery Tool supported versions:
      • macOS Sequoia 15
      • macOS Sonoma 14
      • macOS Ventura 13
      • macOS Monterey 12
      • macOS Big Sur 11
      • macOS Catalina 10.15.7
    • A network connection is required during restoration
    • Full Disk Access must be enabled to allow the ActiveProtect Recovery Tool to access device data
    • For Macs with Apple silicon, the system security level must be changed to allow users to manage kernel extensions from identified developers

Limitations

  • Backup
    • Full Disk Access must be enabled for proper functionality
    • Supports only APFS-formatted external hard drives and SSDs. Floppy disks, USB flash drives, card readers, and other external devices are not supported
    • ActiveProtect agent can only be installed on devices booted from local volumes
    • Encrypted volumes and APFS volumes with block sizes larger than 4K are not supported
    • Apple RAID and Fusion Drive are not supported
    • Performs a full backup every 20 incremental backups to optimize storage and maintain backup integrity

Physical Servers (Windows)

Features

  • Backup
    • Leverages Microsoft Volume Shadow Copy Service (VSS) and Changed Block Tracking (CBT) to perform incremental backups
    • Optimizes backup and storage efficiency using Changed Block Tracking (CBT) and source-side global deduplication
    • Backs up device data and system settings via an agent, available for download from ActiveProtect Manager or the Download Center
    • Supports block-level backups, allowing flexible restoration of full devices (including data and system settings), system volumes, or specific volumes
    • Supports defining allowed time slots for running backups
    • Supports application-aware backups to ensure data integrity
    • Supports configuring pre- and post-backup scripts
    • Supports backup verification by restoring and testing backup files on ActiveProtect's built-in hypervisor. The process is recorded as a video to ensure backup reliability
    • Provides detailed logs for backup monitoring and troubleshooting
    • Allows you to configure automatic shutdown after backup, prevent sleep during backup, and wake the device for scheduled backups
  • Restore
    • Supports full system or volume restores, file-level or folder-level recovery, and instant restores to VMware vSphere, Microsoft Hyper-V, or the built-in hypervisor
    • Restores entire Windows or specific volumes by creating a bootable ISO image or USB drive using the ActiveProtect Recovery Media Creator

Specifications

  • Backup
    • Supported platforms:
      • Windows Server 2022
      • Windows Server 2019
      • Windows Server 2016
      • Windows Server 2012
      • Windows Server 2008 R2
    • Supports NTFS file system
    • Backups are performed over ports 8443 or 433
    • Supports connecting to the management server via an IP address and a connect key after installing the ActiveProtect agent
    • Supports mass deployment of the ActiveProtect agent by entering parameters, such as management server connection details and the connect key, into the .msi installer
  • Restore
    • ActiveProtect Recovery Media Creator supported platforms:
      • Windows Server 2022
      • Windows Server 2019
      • Windows Server 2016
    • A network connection is required during restoration
    • Necessary drivers must be installed before restoration
    • Supported media types:
      • USB hard drives:
        • Required capacity: 1 GB
        • Local system disk space required for temporary files: 2.5 GB
        • Supported restore models: 64-bit UEFI
      • ISO Images:
        • Required capacity: 1 GB
        • Local system storage space required for temporary files: 2.5 GB
        • Supported restore models: Legacy/64-bit UEFI

Limitations

  • Backup
    • Supports only NTFS-formatted external hard drives and SSDs. Floppy disks, USB flash drives, card readers, and other external devices are not supported
    • 4Kn hard drives are not supported
    • Windows Virtual Hard Disks (VHD) are not supported. To back up a VHD, back up the entire device or the volume containing the VHD file
  • Restore
    • Supports dynamic disks for backups, but only simple volumes can be restored
    • Restoring Windows Storage Spaces is not supported
    • Instant restore does not support dynamic disks

Physical Servers (Linux)

Features

  • Backup
    • Leverages Linux snapshot driver-based Changed Block Tracking to perform incremental backups
    • Optimizes backup and storage efficiency using Changed Block Tracking (CBT) and source-side global deduplication
    • Backs up device data and system settings via an agent, available for download from ActiveProtect Manager or the Download Center
    • Supports image-based backups, allowing flexible restoration of full devices (including data and system settings), system volumes, or specific volumes
    • Supports defining allowed time slots for running backups
    • Supports configuring pre- and post-backup scripts
    • Supports backup verification by restoring and testing backup files on ActiveProtect's built-in hypervisor. The process is recorded as a video to ensure backup reliability
    • Provides detailed logs for backup monitoring and troubleshooting
  • Restore
    • Supports full system or volume restores, file-level or folder-level recovery, and instant restores to VMware vSphere, Microsoft Hyper-V, or the built-in hypervisor
    • Restores entire Linux machines or specific volumes by creating a bootable ISO image or USB drive using the ActiveProtect Recovery Media Creator

Specifications

  • Backup
    • Supported platforms
      • Supported kernel versions: Between 2.6 and 6.8
      • DEB:
        • Ubuntu: 16.04, 18.04, 20.04, 22.04, 24.04
        • Debian: 10, 11, 12
      • RPM:
        • CentOS: 7.8, 7.9, 8.1, 8.5
        • Red Hat Enterprise Linux (RHEL): 6.10, 7.8, 7.9, 8.1, 8.4, 8.5, 8.6, 8.7, 8.8, 8.9, 8.10, 9.0, 9.1, 9.2, 9.3, 9.4
        • Fedora: 38, 39, 40
      • Supported file systems:
        • ext2
        • ext3
        • ext4
        • XFS
      • Supported device types:
        • /dev/sdx
        • /dev/hdx
        • /dev/vdx
        • /dev/nvmex
        • /dev/mdx
        • /dev/xvdx
      • Required Components for target devices:
        • make 4.1 or above
        • dkms 2.2.0.3 or above
        • gcc 4.8.2 or above
        • bc (for RPM systems, e.g., Fedora, CentOS, RHEL)
    • Backups are performed over ports 8443 or 433
    • Supports connecting to the management server via an IP address and a connect key after installing the ActiveProtect agent
  • Restore
    • A network connection is required during restoration
    • Supported media types:
      • USB hard drives:
        • Required capacity: 1 GB
        • Local system disk space required for temporary files: 2.5 GB
        • Supported restore models: 64-bit UEFI
      • ISO Images:
        • Required capacity: 1 GB
        • Local system storage space required for temporary files: 2.5 GB
        • Supported restore models: Legacy/64-bit UEFI

Limitations

  • Backup
    • External device backups are not supported
    • ZFS and Btrfs are not supported
    • 4Kn hard drives are not supported
    • Application-aware backups are not supported
  • Restore
    • Instant restore supports only 1 LV disk

Virtual Machines

Features

  • Backup
    • Performs agentless image-based backup of entire devices and system configurations
    • Performs incremental backup using VMware's Changed Block Tracking (CBT) and Hyper-V's Resilient Change Tracking (RCT)
    • Supports application-aware backups to ensure application data integrity
    • Supports configuration backup for pre-freeze/post-thaw scripts
    • Supports automatic detection and backup of new virtual machines based on clusters, hosts, and folders
  • Restoration
    • Supports full restoration to VMware vSphere and Microsoft Hyper-V
    • Supports instant restoration to VMware vSphere, Microsoft Hyper-V, and the built-in hypervisor
    • Supports migration to original VMware vSphere and Microsoft Hyper-V environments after instant restoration
    • Supports file/folder-level restoration for guest OS

Specifications

  • VMware vSphere
    • Supported VMware vSphere platforms: 5.0, 5.1, 5.5, 6.0, 6.5, 6.7, 7.0, 8.0
    • Supported VMware editions:
      • VMware free ESXi
      • VMware vSphere Essentials, VMware vSphere Essentials Plus
      • VMware vSphere Standard, VMware vSphere Advanced
      • VMware vSphere Enterprise, VMware vSphere Enterprise Plus
    • Supports all types and versions of VMware virtual hardware, including 62 TB VMDK
  • Microsoft Hyper-V
    • Supported Hyper-V hypervisors:
      • Windows Server Hyper-V 2022
      • Windows Server Hyper-V 2019
      • Windows Server Hyper-V 2016
    • Supported System Center Virtual Machine Manager (SCVMM):
      • System Center Virtual Machine Manager 2019
      • System Center Virtual Machine Manager 2016
    • Supported Hyper-V failover clusters:
      • Windows Server Hyper-V 2022
      • Windows Server Hyper-V 2019
      • Windows Server Hyper-V 2016
    • Supports Hyper-V Generation 1 and 2 virtual machines, including 64 TB VHDX disks and virtual hardware versions 5.0 to 9.0
  • Built-in hypervisor
    • Supports the following operating systems (They have undergone complete compatibility testing. Additional testing may be required if you use other operating systems)
      • Windows: 10 21H2, 11 21H2
      • Windows Server: 2022
      • Ubuntu: 18.04 LTS, 20.04 LTS, 22.04 LTS
      • Red Hat Enterprise Linux: 7.8, 8.6, 9
      • CentOS: 6.10, 7.9, 8.5
      • Fedora: 35, 36
      • Debian: 9, 10, 11
    • Suggested built-in restored virtual machines: refer to this article
    • Specifications
      • CPU
        • Supports compatibility mode that allows performing live migration from one host to another when CPUs on the two hosts are different
        • Supports Hyper-V enlightenments, which optimizes I/O performance of virtual machines
      • Memory
        • Minimum: 128 MB
        • Maximum: vary among ActiveProtect appliance models
      • Storage
        • Supported controllers: IDE, SATA, virtio
        • Maximum number of disks per VM: 8
      • Network
        • Supported network adapters: virtio, e1000, rtl8139
        • Supports SR-IOV
        • Supports editing MAC addresses
        • Supported number of vNICs per VM: 1 - 8
      • Others
        • Supports USB 2.0/3.0 Passthrough
        • Supported video cards: cirrus, vga, vmvga
        • Supported boot modes: UEFI BIOS, legacy BIOS

Limitations

  • VMware vSphere
    • Some features of VMware free ESXi are not supported, such as pre/post scripts
    • Encrypted virtual machines (available in VMware vSphere 6.5) are not supported
    • Fault tolerant machines (available in VMware vSphere 6.0) are not supported
    • VMware does not support taking snapshots of the following types of disks, so they will be skipped automatically when processing:
      • Raw Device Mapping (RDM) disks in physical mode
      • Independent disks
      • Disks connected using an in-guest iSCSI initiator
      • Disks engaged in SCSI bus sharing
    • Backups of virtual machines with the UFS file system cannot be viewed or restored through the Recovery Portal.
  • Microsoft Hyper-V
    • Only the backup of failover clusters and Hyper-V hosts under SCVMM is supported. vSphere hypervisors under SCVMM should be added as hypervisors directly
    • The following disks and virtual machines are not supported and will be skipped automatically when processing:
      • Virtual machines in Hyper-V with VM configuration version 5.0 or earlier (Learn more)
      • Pass-through virtual disks and guest disks connected via in-guest Fibre Channel or iSCSI
      • Pass-through virtual disks for virtual machines in Hyper-V 2016 and 2019
    • For backing up Microsoft Hyper-V, a host's system volume with at least 512 MB of free storage space is required to install a data mover

Databases

Features

  • Backup
    • Protects Microsoft SQL Server and Oracle Database by backing up entire physical servers and virtual machines
    • Ensures data consistency with Microsoft Volume Shadow Copy Service (VSS) and ActiveProtect deployment components
    • Automates database backups, reducing the need for manual intervention
    • Simplifies credential management through batch configuration of guest OS and database credentials
  • Restore
    • Supports file-level and database/instance-level downloads
    • Easily recovers databases by restoring entire physical servers and virtual machines
    • Enables quick access to tables and data with instant restore to VMware, Hyper-V, and the built-in hypervisor

Specifications

  • Microsoft SQL Server
    • Supported versions:
      • Microsoft SQL Server 2022
      • Microsoft SQL Server 2019
      • Microsoft SQL Server 2017
    • Supported operating systems:
      • Windows Server 2022 Core
      • Windows Server 2019 Core
      • Windows Server 2016 Core
    • Before backing up, enable application-aware backup and set database processing preferences
    • Log processing provides the option to truncate or retain transaction logs
  • Oracle Database
    • Supported versions (incl. Oracle Database Express Edition):
      • Oracle Database 21c
      • Oracle Database 19c
      • Oracle Database 18c
    • Supported operating systems:
      • Windows Server 2022 Core
      • Windows Server 2019 Core
      • Windows Server 2016 Core
      • Red Hat Enterprise Linux 9.4
      • Red Hat Enterprise Linux 8.8
    • Before backing up, enable application-aware backup and set database processing preferences
    • Log processing provides the option to delete or retain archived logs
    • When performing backups in NOARCHIVELOG mode, ActiveProtect will shut down databases, temporarily suspending data writing
    • After restoration, it's required to manually exit backup mode and switch to open mode

Limitations

  • Microsoft SQL Server
  • Oracle Database
    • Automatic Storage Management (ASM) is not supported
    • Oracle Real Application Clusters (RAC) are not supported
    • Oracle servers using Data Guard are not supported

File Server

Features

  • Protection of SMB file servers, NetApp file servers, Nutanix file servers, and Synology NAS
  • Agent-free image backups
  • Saves bandwidth and reduces storage space with file change tracking for multi-version backups. Each time a backup task is executed, only files that have changed on the source server are backed up
  • Supports Windows ACL backups
  • Ensures backup data consistency with support for Windows VSS
  • Supports file and folder-level downloads

Specifications

  • Backs up servers using the SMB protocol (SMB1, SMB2, and SMB3)
  • The account used for backup connections requires read permissions
  • Supports NetApp ONTAP 9.11.1, 9.12.1, 9.13.1, 9.14.1, and 9.15.1
  • Supports Nutanix Files 3.6.5

Limitations

  • SMB backups using Volume Shadow Copy Service (VSS) requires a domain account with Administrator or Backup Operator privileges

Microsoft 365

Features

  • Backup
    • Supports backing up Exchange Online, OneDrive for Business, SharePoint Online, and Microsoft Teams
    • Implements incremental backup technology across all services to ensure data consistency. Applies single-instance storage to document library files and attachments, reducing bandwidth usage and optimizing backup and storage efficiency
    • Automatically detects and protects newly created resources in Exchange, OneDrive, Teams, and SharePoint, ensuring seamless and effortless backups
  • Restore
    • Supports granular restoration to the original tenant, allowing recovery of individual or multiple items (incl. emails, files, contacts, calendars, document libraries, lists, and team posts) as well as entire folders
    • Provides keyword and time-range search to quickly filter and preview backed-up data
  • Download
    • Supports downloading individual or multiple items (incl. emails, files, contacts, calendars, document libraries, lists, team posts, chats) as well as entire mail folders or mailboxes

Specifications

  • Backup
    • Supports Business, Enterprise, Education editions of Microsoft 365 and Exchange Online
    • Supports Microsoft 365 and Microsoft 365 operated by 21Vianet
    • Supports backing up multiple tenants
    • Supports backups when Azure Information Protection is activated
    • Supported backup data
      • Exchange:
        • Emails, attachments, and folder structures
        • Contacts, calendars, and their attachments
      • OneDrive: Files, sharing permissions, and metadata (e.g., last modified time)
      • SharePoint: Document libraries and lists stored in sites or personal sites
      • Microsoft Teams (Channels):
        • Posts in original format, along with emojis and stickers
        • Settings such as member and guest permissions
      • Microsoft Teams (1:1 chat & group chat):
        • Messages in original format, along with emojis and stickers
        • Member settings
    • Automatic detection and protection
      • Exchange, OneDrive, and Chat: New group members' individual service data is automatically protected
      • Microsoft 365 Group: New groups are automatically protected
      • SharePoint: New sites and personal sites are automatically protected
      • Microsoft Teams: New teams are automatically protected
  • Restore and download
    • Exchange (Mail)
      • Supports restoration of selected emails, individual email folders, and entire accounts/archive mailboxes
      • Supports downloading selected emails, individual email folders, and entire accounts/archive mailboxes as EML or PST files
      • Supports previewing email content before restoring or downloading
      • Supports searching by sender, recipient, subject, date, or email body and attachment content. Supported attachment file types include:
        • .page/.key/.numbers
        • .rtf
        • Microsoft Office formats (e.g., .docx/.doc/.pptx/.ppt), excluding Microsoft Excel formats (.xlsx/.xls)
        • Text files (e.g., .cpp, .c, .txt)
        • .epub
        • .lit
        • .mobi/.azw3/.pdb/.prc
        • .pdf
        • .rar
        • .chm
        • .slk/.gnumeric
        • .eml/.msg
        • .7z/.bz2/.gz/.zip/.tgz/.tbz/.tar
    • Exchange (Contacts)
      • Supports restoration of selected contacts
      • Supports downloading selected contacts as CSV files
      • Supports previewing contact information before restoring or downloading
      • Supports searching by full name, email address, or other fields
    • Exchange (Calendars)
      • Supports restoration of selected calendar events
      • Supports downloading selected calendar events as ICS files
      • Supports searching by organizer, title, or location
    • OneDrive
      • Supports restoration of selected files/folders in directories, including their file sharing permissions
      • Supports downloading individual files or folders
      • Supports searching by file name
      • Supports content search within text files
    • SharePoint
      • Supports restoration of selected document libraries, including their sharing permissions, and lists
      • Supports downloading selected document libraries
      • Supports searching document libraries, lists, and files by name
      • Supports content search within text files
    • Microsoft Teams (Channels)
      • Supports restoration of individual or all posts from a single team in HTML format, including channel members and their permissions
      • Supports restoring or downloading multiple channels in HTML format
      • Supports previewing post content before restoring or downloading
      • Supports searching by author or content
    • Microsoft Teams (1:1 chat & group chat)
      • Supports downloading individual or all chats in HTML format
      • Supports previewing chat content before downloading
      • Supports searching by author, content, or date

Limitations

  • Backup unsupported
    • Exchange (Mail)
      • Public folder mailboxes and on-premises mailboxes
      • Target files referenced by links
      • Mail in the Deleted folder when there are any contacts or calendars within the folder
      • Notes
    • Exchange (Contacts)
      • Contacts outside of Your contacts (e.g., Groups and Directory)
      • Contact lists in Outlook People
      • Contacts in the Deleted folder
    • Exchange (Calendars)
      • Calendar events earlier than 1970/01/01 or after 2070/01/01
      • Calendars in the Deleted folder
      • Calendar events shared from other calendars
    • OneDrive
      • Files and folders in Shared with me
      • File and folder shortcuts
    • SharePoint
      • Site permission settings (document library permissions can be backed up)
      • Unsearchable sites
      • Two types of columns: "Lookup" and "Person or Group"
      • Survey options
      • User interface elements in a non-default language, including titles and descriptions of sites, lists, and columns
      • List and document library settings:
        • Document Version History (document library)
        • Item Version History (list)
        • Document Template (document library)
        • Opening Documents in the Browser (document library)
        • Custom Send to Destination (document library)
        • Site Assets Library (document library)
        • Dialogs
        • Automatic Index Management
        • Validation Settings
        • Audience Targeting Settings
        • Rating Settings
        • RSS Settings
        • Content Type
    • Microsoft Teams (Channels):
      • Teams in Microsoft 365 operated by 21Vianet
      • Private channel settings
      • The following settings for public teams and channels:
        • Team pictures
        • Team codes
        • Tags
        • Apps not stored in SharePoint (e.g., Survey)
        • Analytics
    • Microsoft Teams (1:1 chat & group chat):
      • Chat with self
      • Content in chatroom:
        • Attachments
        • App messages, such as approvals, polls, and Praise
        • Audio messages
        • Loop messages
        • Pinned messages
        • Meeting content
        • Tabs
  • Restore and download
    • Data cannot be restored in the following cases:
      • OneDrive: When the filename is "permission"
      • SharePoint: When the restored folder or file path exceeds 400 characters
    • The following variables cannot be used for content searches:
      • Stop words (case-insensitive): "a", "an", "and", "are", "as", "at", "be", "but", "by", "for", "if", "in", "into", "is", "it", "no", "not", "of", "on", "or", "such", "that", "the", "their", "then", "there", "these", "they", "this", "to", "was", "will", and "with"
      • Symbols: Examples include "@", "#", "*", "/", and "\"
      • Punctuation marks: Examples include "!", "?", and ":"
      • Emojis
      • Dates such as Birthday and Anniversary in Contacts
      • Dates or numbers in SharePoint
      • Regular expressions

Backup Copy

Features

  • Replicates backup versions to another location, ensuring at least one copy is available for restoration in case of disaster
  • Allows configuring and managing remote storage across different servers as backup copy destinations for long-term retention
  • Supports source-side global deduplication when storing backup copies on an ActiveProtect appliance or ActiveProtect Vault
  • Provides immutable protection for backup copies through integration with S3 Object Lock API and Synology NAS WORM API

Specifications

  • Supported copy destinations:
    • ActiveProtect appliances
    • Remote storage: C2 Object Storage, AWS S3, AWS S3 China, ActiveProtect Vault (Refer to the ActiveProtect Vault section for details)
  • Supported scheduling:
    • Create a backup copy right after each backup version
    • Create a backup copy at scheduled time (daily)
  • Supported retention rules:
    • Set the retention period in days
    • Set the number of versions to retain
    • Apply advanced rules (GFS)
    • Don't keep any versions (Available only when the backup copy is deactivated, allowing deletion of all existing copies)
  • Supported restoration methods:
    • Entire machine restore
    • Instant restore
    • Granular file restore or download
  • Immutable backup copies:
    • Prevent deletion of backup copies during a specified retention period
    • Lock periods are determined by the retention periods set at version creation. Subsequent changes to retention settings do not affect the lock periods of existing versions
  • Auto-retry for backup copies:
    • Automatically retries failed backup copies until they are completed successfully
    • Prioritizes previously failed versions during scheduled copy jobs to enhance completion rates

Limitations

  • Backups stored on remote storage cannot be instantly restored
  • Extending the retention policy does not recopy backup copies that were previously deleted under the old policy
  • If a backup server storing backup copies is removed from the site, its copies will be lost and will not be recopied

Centralized Management

Features

  • Centrally manages multiple ActiveProtect appliances and Synology NAS running Active Backup for Business via the management server, streamlining operations and simplifying management
    • Monitors the real-time status of ActiveProtect appliances and Synology NAS
    • Manages workload backups on ActiveProtect appliances and Synology NAS
    • Enables restoring or downloading workload data stored on ActiveProtect appliances and Synology NAS
    • Centrally configure notifications and system update reminders for all servers within the site to streamline status monitoring and issue detection
  • Supports assigning another ActiveProtect appliance as a failover management server. When the primary server encounters issues, manual failover can be initiated to ensure uninterrupted services

Specifications

  • Supports setting up an ActiveProtect site consisting of ActiveProtect appliances and Synology NAS running Active Backup for Business, where one ActiveProtect appliance serves as the management server
  • Supports adding servers to the ActiveProtect site via IP address or FQDN
  • Supports adding servers to the ActiveProtect site via a connect key generated on the management server
    • The connect key is valid for 15 minutes
  • Supports adding PCs, Macs, physical servers, and virtual machines protected by Active Backup for Business 3.0.0 or above to the ActiveProtect site for centralized management
    • After adding a backup server to the site, its workload information, version, and policy settings are synchronized to the management server
    • After adding an ActiveProtect appliance to the site, its domain or LDAP settings are removed, local users are disabled, while the super administrator remains unchanged
  • Supports displaying and editing ActiveProtect appliance information, including system version, status, network settings, storage usage, and hard drive health
  • Supports shutting down the ActiveProtect appliance
  • Supports setting incoming and outgoing traffic limits for the ActiveProtect appliance
  • Supports updating ActiveProtect appliances and sending update reminders
    • Supports automatic system updates
    • Supports updating all backup servers in the site simultaneously or individually
  • Supports displaying Synology NAS information, including hardware status, network settings, storage usage, and templates
  • Supports creating, editing, and deleting Active Backup for Business templates
  • Supports setting up a failover server
    • Supports designating an ActiveProtect appliance as a failover server (the failover and management servers must have the same system version)
    • Supports synchronizing the following settings from the management server to the failover server:
      • FQDN
      • Certificates
      • Backup servers
      • Remote storage and authentication information
      • Protection plans
      • Workloads and backup versions
      • Domain/LDAP information and permissions

Limitations

Account and Privileges

Local Users and Groups

Features

  • Supports creation and management of local users
  • Supports adding local users to more than one group for easy management
  • Provides password strength and expiration settings
  • Allows non-admin users to reset their own password
  • Supports assigning self-service restore permissions to local users

Specifications

  • Maximum number of local users: 16,000 (varies by model)
  • Maximum number of local groups: 512 (varies by model)
  • Username lengths:
    • General users: up to 64 Unicode characters
    • Super administrator: up to 29 Unicode characters
  • Group name length: Up to 32 Unicode characters
  • Password length: Up to 127 Unicode characters
  • User/group description length: Up to 64 Unicode characters
  • Customize password valid duration:
    • Range of days before the password becomes invalid: 1 - 999 days
    • Range of days before the system prompts users to change their password: 1 - 99 days
  • System reserved usernames and group names shown below cannot be deleted:
    • Super administrator: this account is created upon APM's first-time installation and has full access to APM
    • Default group: "users"
  • All users belong to the "users" group and cannot be removed from this group

Limitations

  • Naming limitations for usernames and group names:
    • Cannot contain special characters: {}|^[]?=:+/*()$!"#%&',;<>@`~
    • The first character cannot be a hyphen or a space, and the last character cannot be a space

Domain and LDAP

Features

  • Works with Microsoft Active Directory (AD), Microsoft Entra Domain Services, and LDAP servers
  • Supports assigning self-service restore permissions to domain/LDAP users

Specifications

  • Domain client
    • Supports trusted domains
    • Supports joining a domain with a read-only domain controller (RODC)
    • Supports assigning up to 10 domain groups as local administrator groups
    • Allows specifying DC IPs, NetBIOS names, and FQDNs
    • Supports Integrated Windows Authentication (IWA)
  • LDAP client
    • Supports OpenLDAP, IBM Lotus Domino, and user-defined server profiles
    • Supports nested groups and UID/GID shifting
    • Based on LDAP version 3 (RFC2251)

Limitations

  • Domain/LDAP usernames and group names do not support special characters: {}|^[]?=:+/*()$!"#%&',;<>@`~
  • Domain/LDAP users and groups can only use integers for their unique IDs
  • APM cannot be joined to an LDAP directory that doesn’t support Samba schema and NTLM hashes
  • APM uses objectClass posixAccount and objectClass posixGroup as default LDAP attributes. If your LDAP server doesn’t support any of these two attributes, configure the LDAP profile according to the following information:
    • Username: posixAccount - uid
    • User ID: posixAccount - uidNumber
    • Group name: posixGroup - cn
    • Group ID: posixGroup - gidNumber
  • Binding LDAP client accounts to Active Directory (AD) domain services is not supported

Permission Management

Features

  • Supports assigning self-restore permissions to users
  • Supports assigning permissions to users and groups, with the following types available:
Permission Type Allowed Actions
Full access - Have full access to Management Center and Recovery Portal (not including Appliance Console and OOB)
Backup - Can implement and cancel manual backups
- Can view details about protected workloads
- Can view backup activities and logs
Restore - Can perform bare-metal restoration
- Can perform instant/full restore to hypervisors added in the site and built-in hypervisor
- Can restore files and folders
- Can restore Microsoft 365 data
- Can download backup versions
- Can view details about protected, archived, and unmanaged workloads
- Can view restoration activities and logs
Monitoring - Can view all details in the Management Center (not including Recovery Portal, Appliance Console, and OOB)
  • The "Backup" and "Restore" permissions can be limited to specific backup servers
  • If there are permission conflicts, "Allow" overrides "No access"

Specifications

  • Self-service restore permissions can be configured through the following options:
    • Assign restorable machines to users
    • Assign users with restore permissions to machines
    • Match usernames with prefixes of cloud app accounts
  • Each workload can have up to 1,000 users with self-restore permissions

System monitoring & Management

Storage

Features

  • Monitors hard drive status to stay informed about server health
  • Supports scheduled data scrubbing to ensure data integrity
  • Supports automatic repair. After replacing a failed drive, degraded storage pools and SSD caches can be repaired automatically. On models with hot spare support, the spare drive will automatically replace the failed drive and restore the storage pool to a healthy state, reducing downtime
  • Supports data deduplication to optimize space efficiency
  • Utilizes the RAID storage system for fault tolerance and improved performance
  • Utilizes the Btrfs file system for file self-healing, automatic detection of silent data corruption, and damaged data recovery

Specifications

  • Supports switching the LED indicator on specific drive slots to locate the hard drive
  • Supports hot-swapping

Network

Features

  • Provides separate management and data interfaces for distinct use cases
  • Supports static routing for multiple gateways
  • Supports multi-LAN and Link Aggregation technology to increase bandwidth and provide traffic failover during connection disruptions
  • Supports bandwidth control for inbound and outbound traffic to reduce the impact on production network bandwidth

Specifications

  • Supports network protocols: DHCP (only on data interfaces), Static IP
  • Supports VPN connection types: PPTP, L2TP/IPsec, OpenVPN (via .ovpn files)
  • Supports the configuration of multiple gateways
  • Allows the manual specification of preferred and alternate DNS servers
  • Supports responding to ARP requests when the target IP matches the local address on the incoming interface
  • Supports establishing connections with proxy servers
  • Supports 802.11Q VLAN with a VID assigned to each LAN interface
  • Supported 802.11X authentication protocols: PAEP, TTLS, TLS
  • Supports Link Aggregation modes:
    • Load Balancing (SLB)
    • Load Balancing (TCP)
    • Active/Standby modes
  • Static routing
    • Supports LAN, VPN, and bond configurations
    • Creates routing rules for specific interfaces and bonds
  • Supports bandwidth control for incoming and outgoing traffic with control modes based on:
    • IP address
    • IP range
    • Subnet
    • Public IP address
    • Minimum bandwidth limit (10 MB/s)

Limitations

  • IPv6 connections are not supported
  • Maximum number of concurrent VPN connections: 1
  • Maximum number of static routes: 100

Security

Features

  • Automatically updates ActiveProtect Manager to patch security vulnerabilities in real time and ensure system security.
  • Separates management network interface from data interface, with default restrictions on data interface access to management services
  • Uses TLS/SSL (TLS 1.2 and 1.3) for all connections
  • Supports importing third-party certificates or using self-signed certificates
  • Supports automatic blocking of client IP addresses after failed login attempts
  • Supports DoS protection
  • Supports setting password security and strength rules for all local user accounts
  • Supports custom user and group access permissions (refer to Permissions for more details)
  • Supports integration with SAML, OpenID Connect, CAS SSO, and Synology SSO to meet multi-factor authentication requirements
  • Supports configuration of an air gap schedule, with the option to set up custom policies to allow or deny access

Specifications

  • Regularly performs Rapid7 security scans
  • Restricts access to only necessary system network ports (Details)
  • Web security
    • Automatic logout timer provides a layer of security, with a default timeout of 15 minutes of inactivity
    • Option to enable system protection against cross-site scripting attacks
  • Air gap isolation
    • Supports three block period policies:
      • Denial of data input
      • Deactivating server network interfaces
      • Shutting down the server
    • Supports two allow period policies:
      • No limit
      • Restricting unauthorized IP access via the built-in firewall, with options to define allowed IP addresses, ranges, and subnet masks
    • All network restrictions apply only to the data interface
  • Certificate management
    • Supports RSA and ECC certificate encryption algorithms
    • Compatible with IEEE 802.1X
    • Requires certificates in X.509 PEM format
    • Requires private keys in RSA format without passphrase protection

Limitations

  • Encrypted connections for Instant Restore to VMWare and Hyper-V are not supported

Resource Monitor

Features

  • Displays the following metrics:
    • CPU, memory, disks, and network usage status
    • NFS usage status
    • iSCSI LUN usage status
  • Monitors resource usage logs

Dashboard

Features

  • Provides a comprehensive overview of the ActiveProtect site, including data protection statuses and key metrics for identifying and resolving issues in real-time
    • Displays the number of protected workloads and their total data size
    • Displays the deduplication rate
    • Displays the latest backup statuses for all protected workloads
    • Displays the backup statuses over the past five weeks in a calendar format
    • Displays workloads that were not successfully backed up within 12 hours of the scheduled time
    • Displays the number of backup copies in progress and protection plans with backup failures
    • Displays the health status of managed backup servers
    • Displays the number of remote storage and related errors
    • Displays backup duration statistics for full and incremental backups over the past 24 hours or 7 days
    • Displays data transfer and deduplication statistics over the past 24 hours, 7 days, or 30 days
    • Displays storage usage statistics for managed backup servers over the past 30 days

Activities

Features

  • Monitors ongoing backup and restore activities across the ActiveProtect site
  • Supports canceling multiple ongoing activities at once
  • Tracks historical backup and restore activities across the ActiveProtect site
  • Allows removing past restore records from a specified time period
  • Tracks detailed information and logs for all activities
  • Supports exporting historical activity data to CSV format
  • Supports exporting detailed logs for a single activity

Specifications

  • Backup activities
    • Retains historical backup activities for up to 35 days
  • Exports
    • Supports narrowing down export results using search and filters
    • Exports detailed information, including backup scopes, protection plans, backup servers, backup types, durations, start times, statuses, and other related data

Limitations

  • Exports
    • Maximum of 200,000 records per export

Notification

Features

  • Manages critical notifications about system status, data protection, and storage management
  • Configures custom SMTP server settings for notifications
  • Sends notifications to multiple recipients
  • Enables custom prefix text in email notification subject lines

Limitations

  • Active Backup for Business within the site requires notification settings to be configured through the corresponding Synology NAS

Log

Features

  • Displays logs from all ActiveProtect backup servers in the site, including backup, restore, user connection, and hard drive status information
  • Provides centralized log management interface with flexible search functionality for efficient data retrieval
  • Sends logs to external log servers
  • Exports logs
  • Clears past activity logs based on a specified time range

Specifications

  • Displays logs from different ActiveProtect backup servers separately
  • Sends logs to external log servers:
    • Supports TCP/UDP protocols
    • Supports BSD (RFC 3164) and IETF (RFC 5424) formats
    • Supports secure SSL connections through certificate import
  • Exports logs
    • Narrows the export scope using search functions or filters
    • Exports logs as CSV files

Limitations

  • Logs from Active Backup for Business within the site are displayed on the corresponding Synology NAS

Affiliated Utility

Synology ActiveProtect Agent

Features

  • Required to be installed on a target device for Windows PCs, Macs, and Windows/Linux physical servers to perform backups

Specifications

  • Windows
    • Supported platforms:
      • Windows (all editions): 7 SP1, 8.1, 10, 10 Creators Update, 11
      • Windows Server: 2008 R2, 2012, 2016, 2019, 2022
    • Supports Windows models with x86-64 processors
  • Mac
    • Supported platforms: macOS 10.15.7, 11, 12, 13, 14, 15
    • Supports Intel and Apple processors
  • Linux
    • Supported platforms:
      • CentOS: 7.8, 7.9, 8.1, 8.5
      • Red Hat Enterprise Linux: 6.10, 7.8, 7.9, 8.1, 8.4, 8.5, 8.6, 8.7, 8.8, 8.9, 8.10, 9.0, 9.1, 9.2, 9.3, 9.4
      • Ubuntu: 16.04, 18.04, 20.04, 22.04, 24.04
      • Fedora: 38, 39, 40
      • Debian: 10, 11, 12
    • Supports Linux models with x86-64 processors
    • The kernel version must be above 2.6 and below 6.8

Synology ActiveProtect Recovery Media Creator

Features

  • Automates recovery media creation for volume-based and bare-metal restoration of Windows PCs and Windows/Linux physical servers

Specifications

  • Windows
    • Supported platforms:
      • Windows (all editions): 10, 11
      • Windows Server: 2016, 2019, 2022
    • Supports Windows models with x86-64 processors

Synology ActiveProtect Recovery Tool

Features

  • Allows performing volume-based or bare-metal restoration of Windows PCs, Macs, and Windows/Linux physical servers using recovery media

Specifications

  • Mac
    • Supported platforms: macOS 10.15.7, 11, 12, 13, 14, 15
    • Supports Intel and Apple processors

Affiliated Package

ActiveProtect Vault

Features

  • Uses as a remote storage destination for ActiveProtect appliances, providing long-term backup data storage
  • Creates Write Once, Read Many (WORM) vaults to prevent data modification and ensure file security
  • Optimizes storage space usage with source-side global deduplication

Specifications

  • Displays basic information for each vault, including actual data usage, data reduction ratio, available space, and the number of access keys
    • Maximum number of access keys per vault: 100
    • Maximum number of concurrent connections per vault for each site: 256
  • Views the activity for vaults, including data transfers and data rotation activities

Limitations

  • Shared folders configured as vaults cannot be backed up or restored using the following services:
    • Hyper Backup shared folder backups
    • Shared Folder Sync
    • Cloud Sync