DSM

DSM Version

General

Features

  • DiskStation Manager (DSM) is a Linux-based operating system used on Synology NAS
  • Its intuitive web interface allows you to easily and effortlessly manage your digital assets

Specifications

  • Supported browsers (for PC):
    • Google Chrome
    • Firefox
    • Microsoft Edge
    • Safari 14 or later
  • Supported browsers (for tablet):
    • Google Chrome
    • Safari (iOS 14.0+)
  • Supported languages:
    • Czech, Danish, Dutch, English, French, German, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese Brazil, Portuguese European, Russian, Simplified Chinese, Spanish, Swedish, Traditional Chinese, Turkish, Thai

Account & Privileges

User & Group

Features

  • Account
    • Supports bulk user creation by importing user lists in UTF-8 encoded files
    • Supports adding users to more than one user groups for easy management
    • Supports configuring password strength and expiration rules
    • Allows self password reset for non-admin users
  • Privilege
    • Allows customizing the permission settings of individual folders and files for users and groups
    • Allows customizing the permission settings of applications for users, groups, and IP addresses
    • Supports setting quota for volumes/shared folders to control the maximum amount of storage space available to each user
    • Supports setting speed limits for users and groups for FTP, rsync, File Station, and Cloud Sync

Specifications

  • Number of maximum local users: 16,000
  • Number of maximum local groups: 512
  • Username length: Up to 64 Unicode characters
  • Group name length: Up to 32 Unicode characters
  • Password length: Up to 127 Unicode characters
  • User/group description length: Up to 64 Unicode characters
  • Maximum quota for ext4 volume: 4 TB
  • Customize password valid duration:
    • Range of days before the password becomes invalid: 1 - 999 days
    • Range of days before the system prompts users to change the password: 1 - 99 days
  • System reserved usernames and group names shown below cannot be deleted:
    • System users: "SynologyCMS", "MAILER-DAEMON", and "POSTMASTER"
    • Default users: "admin" and "guest"
    • Default groups: "administrators", "http", and "users"
  • All users belong to the "users" group by default and cannot be removed from this group
  • The "admin" account has full permission to access all services and applications on Synology NAS
  • Users in the "administrators" group have unlimited quota for volumes/shared folders
  • Prioritization for privileges:
    • Shared folder permission: No access > Read/Write > Read only
    • Application permission: Deny > Allow
  • When enabling Local Master Browser in SMB settings, the default "guest" account will be automatically enabled

Limitations

  • Naming limitations for usernames and group names:
    • Cannot contain special characters: {}|^[]?=:+/*()$!"#%&',;<>@`~
    • The first character cannot be a minus sign or a space, and the last character cannot be a space

Domain/LDAP

Features

  • Works with Windows AD, Microsoft Entra Domain Services, LDAP servers, and Synology Directory Server
  • Supports Single-Sign-On (SSO)
  • Allows setting and managing domain/LDAP user and group privileges
  • Allows domain/LDAP users to access Synology packages and services

Specifications

  • Supports setting privileges for domain/LDAP users and groups to access shared folders and applications
  • Supports quota settings for domain/LDAP users and groups
  • Supports limiting transfer rates of DSM services used by domain/LDAP users and groups
  • Supports home folders for domain/LDAP users
  • Supports Kerberos v5 and NTLMv2 authentication when integrated with Synology Directory Server
  • Supports file access through the following protocols: SMB, FTP, AFP, NFS, and rsync
  • If a domain/LDAP client is joined to Synology Directory Server or LDAP Server, domain/LDAP users' passwords can be changed by clicking the head icon in the upper right corner of DSM
  • Domain client
    • Supports nested groups
    • Supports two-way trusted domains
    • Supports joining a domain with a read-only domain controller (RODC)
    • Supports assigning up to 10 domain groups as local administrator groups
    • Supports up to 2 million users and 2 million groups per domain
    • Allows administrators to specify and prioritize the DC IP/FQDN
    • A security group is required for domain users to access Synology services requiring file access permissions, such as Synology Drive, Synology Office, and SMB Service. For services without file access permissions, such as Synology Contacts or Synology MailPlus, either a distribution group or security group can be used
  • LDAP client
    • Supports nested groups
    • Supports OpenLDAP and user-defined server profiles
    • Supports UID/GID shifting
    • Based on LDAP version 3 (RFC2251) and RFC2307
  • SSO client
    • Supports OpenID Connect (OIDC), SAML 2.0, and CAS
    • Supports Integrated Windows Authentication
    • Supports SSO Server
    • Supports OpenID Connect SSO in Microsoft Entra Domain Services and IBM WebSphere

Limitations

  • Domain/LDAP users and groups do not support special characters "[{}|^[]?=:+/*()$!"#%&',;<>@`~]"
  • DC IP/FQDN do not support IPv6
  • Does not support SSH for domain/LDAP client
  • Domain client
    • Does not support security identifier (SID) history
    • When using SSL/TLS for LDAP encryption, channel binding on Windows AD needs to be set to When supported
  • LDAP client
    • LDAP users and groups can only use integers for their unique IDs
    • Does not support binding LDAP client accounts to a Synology Directory Server directory or other Active Directory (AD) domain services
    • For LDAP users to access SMB Service, the LDAP directory must support Samba schema, and users should use an NT Password for access

Storage & File Access

File Services

Features

  • Comprehensive support of networking protocols — SMB, AFP, FTP, NFS, and rsync — on DSM to provide quick and secure sharing of critical digital assets and to offer seamless file sharing across Windows®, macOS®, and Linux® platforms
  • One compact, little box is enough to access files anytime and anywhere, via computer or mobile devices, and without any storage devices on hand
  • Integration with Universal Search and Finder on Mac to enable quick and in-depth search of indexed documents, photos, and other contents within mounted folders on Synology NAS

SMB protocol

Specifications

  • Up to 10,000 concurrent SMB connections (Capability varies depending on product model)
  • Supports end-to-end SMB1, SMB2, SMB3 encryption and Large MTU
  • Flexible option to restore Previous Versions of files and folders on Windows
  • Integrated with Synology Universal Search
    • Finder on Mac
    • File Explorer on Windows
  • Supports full Windows ACL with up to 200 explicit permissions
  • Supports Recycle Bin
  • Supports server-side copy on Windows
  • Supports File Fast Clone on Btrfs file system
  • Supports sparse file
  • Supports Time Machine on macOS 10.12 and later versions
  • Supports hiding shared folders from users without permission
  • Supports transfer logs to monitor and record file operations. When transfer logging is enabled:
    • Logging file deletion and renaming by default
    • Other file operations can be selected for monitoring in Log Settings
  • Supports Aggregation Portal, using technology based on Microsoft's Distributed File System (DFS)
  • Advanced SMB options:
    • General
      • WINS server
      • Access settings for selected SMB versions
      • Transport encryption mode on SMB3
      • Server signing
      • Opportunistic Locking (SMB2 file leasing and SMB3 directory leasing)
      • SMB durable handles
      • Clear SMB cache
    • macOS
      • VFS module to convert Mac special characters
      • Cross-protocol locking with AFP
    • Others
      • Local Master Browser
      • DirSort VFS module
      • Veto files
      • Symbolic links
      • Disabling multiple connections from the same IP address
      • Debugging logs
      • Applying default UNIX permissions
      • Strict allocate
      • Authenticatiing NTLMv1
      • Asynchronous read
      • Monitoring changes on all subfolders within the directory
      • Synchronizing data to drive immediately upon SMB client request
      • Wildcard search cache
      • SMB3 Multichannel

Limitations

  • The minimum SMB protocol cannot be set to the SMB3. As SMB3 on DSM refers to SMB3.1.1, setting SMB3 as the minimum SMB protocol will prevent client devices supporting earlier SMB3 versions from accessing Synology NAS via the SMB protocol
  • Concurrent connections (up to 10,000) are shared between SMB, AFP, and FTP protocols
  • Workgroup name can contain up to 15 characters but cannot include the following characters: [ ] ; : " < > * + = \ / | ? ,
  • Disallowing access to Previous Versions is only available on vDSM and product models with the following package architectures: Apollo Lake, Avoton, Braswell, Broadwell, Bromolow, Cedarview, and Grantley (See this article for information on Synology NAS system models and corresponding package architectures)
  • Anonymous logon for the SMB protocol is not supported when transport encryption mode is enabled
  • Opportunistic Locking should be disabled to avoid application timeouts when transport encryption mode is enabled
  • Opportunistic Locking currently detects only metadata and access changes made through SMB
  • Enabling Local Master Browser will disable HDD hibernation and activate the guest account without a password
  • Integration with File Explorer on Windows and Finder on Mac to search for indexed folders via the SMB protocol is not available on NVR devices
  • Enabling transport encryption mode or server signing may reduce read/write performance during SMB file transfer
  • The more file operation events you select in Log Settings, the more impact it will have on the system performance
  • SMB3 Multichannel
    • Available only on Synology NAS models running DSM 7.1.1 or above and using SMB Service 4.15
    • Only supports models using x86 platforms, which are as listed in Applied Models of this article
    • Supports the following client operating systems:
      • Windows Server 2012 and above
      • Windows 8 and above
      • macOS 11.3 and above
    • Either of the following must be installed on both server and client:
      • Multiple network adapters
      • One or more network adapters that support RSS (Receive Side Scaling)
    • Has the following limitations:
      • Enabling SMB3 Multichannel enables asynchronous read
      • SMB3 Multichannel and Link Aggregation cannot be enabled concurrently
      • Does not support RDMA (Remote Direct Memory Access)

AFP protocol

Specifications

  • Up to 10,000 concurrent AFP connections (Capability varies depending on product model)
  • Integrates Finder on Mac with Synology Universal Search
  • Supports Time Machine on macOS
  • Supports Bonjour Time Machine broadcast
  • Supports File Fast Clone on Btrfs file system
  • Supports extended file attributes for color label/icon/extra information on macOS
  • Supports Recycle Bin
  • Supports transfer logs to monitor records of file manipulation
  • Advanced AFP options:
    • Apply default UNIX permissions
    • Release resources immediately after disconnection

Limitations

  • Integration with Finder on Mac to search for indexed folders is not available on NVR (Network Video Recorder) series
  • Integration with Finder on Mac to search mounted folders by tag name and category is only available on macOS 10.9 and later versions
  • Only a maximum of 255 shared folders can be displayed (in alphabetical order) when being accessed via the AFP protocol; however, the total number of created shared folders may exceed that number
  • Concurrent connections (up to 10,000) are shared between SMB, AFP, and FTP protocols

FTP protocol

Specifications

  • Up to 10,000 concurrent FTP connections (Capability varies depending on product model)
  • Supports FTP, FTP over SSL/TLS (explicit mode), and SFTP protocols
  • Timeout settings to disconnect idle users
  • Customized port ranges for passive FTP connections
  • Server-to-server file transfer via FXP (File eXchange Protocol)
  • Connection restriction settings for IP addresses
  • Speed limit settings for specific users or groups
  • Supports ASCII transfer mode
  • Supports UTF-8 encoding for files with multilingual filenames
  • Supports Recycle Bin
  • Advanced FTP options:
    • Root directory for each user
    • Anonymous FTP
    • Transfer logs
    • Apply default UNIX permissions

Limitations

  • Server cannot be accessed via the FTP protocol by the "guest" account

NFS protocol

Specifications

  • Supports NFS version 2, 3, 4, and 4.1 protocols
  • Supports NFS 4.1 multipathing
  • Supports UNIX/Kerberos security styles
  • Customized service ports
  • Read/write UDP packet size settings

Limitations

  • NFS version 4.1 protocol is only supported on specific product models (See product spec for more information)

Rsync

Specifications

  • Supports rsync version 3.1.2 protocol
  • Supports customized rsync configuration to assign user privileges
  • Supports SSH encryption protocol during file transfer
  • Supports SSH port customization
  • Speed limit settings (scheduled and non-scheduled) for specific users or groups
  • Packages and services running the rsync protocol:
    • Shared Folder Sync
    • LUN backup
    • rsync backup

Limitations

  • To perform rsync backup from a Synology NAS running a version of DSM before 3.0 or a client that is not a Synology NAS, and to retain the source data's owner and group information, you must add the rsync accounts to the administrators group, and back up data to the NetBackup shared folder in the daemon mode

Storage Manager

Features

  • Intuitive storage management application to monitor the overall storage usage of your Synology NAS
  • RAID-based storage systems to provide fault tolerance and increase performance
  • Supports both Btrfs and ext4 file systems
    • The Btrfs file system can perform file self-healing to automatically detect silent data corruption and recover corrupted data (See limitation 1)
  • Supports data deduplication to optimize space efficiency (See limitation 2)
  • Supports SSD cache to enhance system performance

Specifications

General
  • File system types: (See limitation 3)
    • ext4 and Btrfs
  • RAID types: (See limitation 4, limitation 12)
    • Basic, SHR-1, SHR-2, JBOD, RAID 0, RAID 1, RAID 5, RAID 6, RAID 10, and RAID F1
  • RAID conversion:
    • Basic to RAID 1, Basic to RAID 5, RAID 1 to RAID 5, RAID 5 to RAID 6, and SHR-1 to SHR-2
  • Up to 512 shared folders, including 128 encrypted ones
  • Up to 256 volumes
  • Supports creating global and dedicated hot spare drives
  • Supports expanding storage pool and volume capacity (See limitation 5)
  • Supports using the Btrfs file system to create volumes of up to 1 PiB (Learn more)
  • Supports storage pool management options:
    • Changing the RAID type of a storage pool (Learn more)
    • Adding and replacing a drive in a storage pool (See limitation 5)
    • Safely ejecting a storage pool from an expansion unit
    • Assembling a storage pool online when the system detects a sufficient number of drives
    • Enabling SSD TRIM for an SSD-only storage pool for sustained performance
  • Supports displaying usage details for volumes in the Btrfs file system
  • Supports setting low capacity thresholds and notifications for individual volumes
  • Supports encrypting volumes with AES-XTS-Plain64 mode (See limitation 6)
  • Supports setting usage and user quota for shared folders in the Btrfs file system
  • Supports setting user quota for volumes in the ext4 file system
  • Supports scheduling data scrubbing to ensure data integrity (See limitation 7)
  • Supports adjusting the speed limits for running data scrubbing, repairing storage pools, expanding storage pools, and changing the RAID type of storage pools
  • Supports RAID Group to improve the level of protection (See limitation 8)
  • Supports Dynamic Bad Sector Mapping to enhance data integrity during storage pool repair
  • Supports complete Windows access control list (ACL)
  • Supports encrypting shared folders with AES-256 CBC mode
Drive Management
  • Supports HDD hibernation feature for power saving
  • Supports scheduling S.M.A.R.T. tests
  • Supports deactivating drives while Synology NAS is powered on to prevent service disruption
  • Supports switching the LED indicator of a specific drive slot
SSD Cache
  • Supports the SSD cache group feature to aggregate and allocate the capacity of SSDs for caching
  • Supports creating read-only caches and read-write caches: (See limitation 9)
    • Up to 16 volumes can be mounted with SSD caches at a time
    • Metadata of Btrfs volumes can be pinned to read-write caches (Learn more)
  • Supports SSD cache group management options, including drive addition and replacement, and changing the RAID type
  • Requires approximately 400 KB of system memory per 1 GB of SSD cache (including expandable memory) and no more than 25% of the pre-installed system memory
ext4 File System
  • Maximum single file size: 16 TiB
  • Maximum file name length: 255 bytes (See limitation 10)
  • Maximum path name length: 4,096 bytes (See limitation 10)
  • Maximum symbolic link depth: 40
  • Maximum single volume size: 200 TiB (See limitation 11)
  • Recommended maximum number of files per folder in the same level: 100,000
Btrfs File System
  • Maximum single file size: 16 TiB
  • Maximum file name length: 255 bytes (See limitation 10)
  • Maximum path name length: 4,096 bytes (See limitation 10)
  • Maximum symbolic link depth: 40
  • Maximum single volume size:
  • Recommended maximum number of files: 1,000,000,000
  • Recommended maximum number of files per folder in the same level: 100,000
  • Supports inline compression
  • Supports data deduplication for individual Btrfs volumes (See limitation 2)
  • Supports performing file self-healing to automatically detect and recover silent data corruption on metadata and data (See limitation 1)
  • Supports copying data instantly via the SMB protocol when the source and destination of the data are located in the same Btrfs volume
  • Allows manual implementation of file system defragmentation to enhance system performance
  • Integrated with Synology Drive Server and Hyper Backup to enhance storage efficiency and data consistency
Snapshots on the Btrfs File System
  • Supports taking snapshots and creating replication tasks for shared folders and LUNs
  • Supports taking application-consistent snapshots
  • Supports browsing read-only snapshots
  • Supports Windows Previous Versions feature
  • Maximum number of snapshots (Refer to Snapshot Replication's specifications for details)

Limitations

  1. The data checksum option must be enabled on a shared folder before silent data corruption detection can take effect (Only SHR, RAID 1, RAID 5, RAID 6, RAID 10, and RAID F1 support corrupted data recovery)
  2. Data deduplication is only supported on Synology SSDs and specific Synology NAS models (Learn more)
  3. To find out which file systems are supported by your Synology NAS model, refer to its product datasheet (Learn more)
  4. A storage pool must consist of drives of the same type. The following drives cannot be mixed: SATA and SAS drives, SSDs and HDDs, or 4K native and non-4K native drives
  5. Only certain RAID types support expanding storage pool and volume capacity by adding or replacing drives (Learn more)
  6. Volume encryption is only supported on specific Synology NAS models (Learn more)
  7. File system scrubbing (only supported on the Btrfs file system) and RAID scrubbing (only supported on RAID 5, RAID 6, and RAID F1) will run sequentially when data scrubbing is performed
  8. RAID Group is only available on specific Synology NAS models (Learn more)
  9. SSD cache creation requires volumes belonging to the same storage pool to allocate capacity from the same SSD cache group
  10. Different character encodings may contain different data sizes (e.g., a character with UTF-8 encoding may contain 1 to 4 bytes)
  11. Varies according to Synology NAS models (Learn more)
  12. Only certain Synology NAS models support using M.2 SSDs to create storage pools (Learn more)

File Station

Features

  • The default file manager for browsing, previewing, and managing folders and files stored on Synology NAS
  • Sharing files is made easy and safe
    • Users can customize links to share with specific parties
    • Users can configure password and validity period for extra protection
  • Easy access and management from the following devices: personal computer, tablets, and mobile phones
  • Mounting virtual drives, remote folders and public cloud storage on File Station to access all remote data as if stored locally

Specifications

  • Supports up to:
    • 100 concurrent remote folders
    • 100 cloud services and file servers
    • 1,000 files in upload queue
    • 512 local groups
    • 512 shared folders
    • 16,000 local user accounts
    • The number of supported local groups, shared folders, and local user accounts may vary for different Synology NAS models (Please refer to each NAS model's product spec for the recommended number)
  • Supports recovering or retrieving deleted files from Recycle Bin
  • Supports viewing and adjusting ACL permissions of files and folders
  • Supports Windows ACL editor
  • Supports customizing shared folder attributes to be displayed
  • Provides an interface to edit music information of audio files
  • Supports management of files and folders stored on Synology NAS, including:
    • Creating, renaming, or deleting file and folders
    • Copying or moving files and folders
    • Uploading or downloading files and folders
    • Compressing or extracting archived files and folders
    • Viewing documents from Synology Office, Microsoft Office Online, or Google Docs
      • Synology Office supports the following formats for import: docx, xlsx, xlsm, xltx, xltm, xls, xlt, ods, ots, csv
    • Using Photo Viewer to view photos, Video Player to view videos, and Audio Player play audio files
    • Browsing files and folders in list view, tile view, and thumbnail view
  • Supports the following file formats
    • Imported files:
      • With Document Viewer (available on certain models only) installed, the following file formats can also be imported: doc
    • Photo:
      • With Photo Viewer: jpg, jpeg, jpe, bmp, gif, png, tiff, tif, arw, srf, sr2, dcr, k25, kdc, cr2, crw, nef, mrw, ptx, pef, raf, 3fr, erf, mos, orf, rw2, raw
    • Music (with Audio Player): mp3, m4a, m4b, ogg, wav, flac, ape, aiff, aif, wma
    • Video:
      • If VLC is not installed on your local computer, Video Player will play videos supported by HTML5. Please refer to here for details
  • Supports moving files by dragging and dropping them between browser windows
  • Supports keyboard shortcuts
  • Supports mounting virtual drives to access the contents of disc (.iso) image files
  • Supports mounting remote folders from remote servers that support the SMB1/SMB2/SMB3/NFS protocols
  • Supports connecting to remote public cloud services and file servers via a variety of protocols
    • Supported public cloud services include:
      • Box
      • Dropbox (excluding Team Folder)
      • Google Drive (excluding Shared Drive)
      • Microsoft OneDrive
    • Supported protocols include:
      • FTP
      • SFTP
      • WebDAV
      • WebDAV HTTPS
  • Supports sharing files:
    • With other users on the same Synology NAS
    • As email attachments with built-in email client
    • Via easily generated shared file links or QR codes
    • By creating and managing file requests (i.e., file-uploading invitations) to be sent to non-DSM users
  • Supports configuring shared file links:
    • Configured with validity periods, valid access times, and password protection to enhance security
    • Centrally managed via Shared Links Managers where users can edit, share, or remove existing shared links
  • Supports performing search (both regular and advanced) to find and display the desired files according to various criteria
  • Supports indexing folders to allow for more efficient search results
  • Supports applying and modifying WriteOnce settings to files, such as locking files, extending the retention period, or converting the lock state
  • Provides logs regarding file transfer and user activities for review and export
  • Allows setting speed limits on transferring files for specific users and groups

Limitations

  • A folder containing more than 10,000 subfolders cannot be opened at the lower folder level to ensure optimal browser performance
  • For non-encrypted shared folders, file/folder name should be within 255 characters (up to about 80 characters for non-Latin languages), and the file path should be within 4,096 characters
  • For encrypted shared folders, file/folder name should be within 143 characters (up to about 47 characters for non-Latin languages), and the file path should be within 2,048 characters
  • File and folder names cannot contain colons (:) and slashes (/), start with ._ (e.g., ._name), or use any combination of characters that are reserved for system use (e.g., . or ..)
  • Drag and drop between browsers or between tabs is not supported on Internet Explorer
  • Regular searches cannot be performed on folders connected remotely and mounted remote folders
  • Virtual drives and .iso files can only be mounted to subfolders contained within shared folders
  • NFSv4 only supports the TCP protocol
  • Certain features (e.g., Compress to, Extract, Preview, etc.) cannot be applied to files stored on public cloud services or file servers
  • Individual transfer speeds for each connected cloud service or file server are subject to user speed limit settings
  • File request links do not allow for folders to be uploaded
  • Certain cloud-specific limitations may apply when connecting to a cloud service. Please refer to this link for more information
  • Upload feature may vary with the type of web browser used. Please refer to this link for more information

Network Management

External Access

QuickConnect

Features

  • Allows secure and smooth connections from mobile and PC clients to Synology NAS via the Internet without the hassle of setting up port forwarding rules and router configurations
  • Creates a readable URL that allows easy file sharing both internally and externally for certain Synology packages

Specifications

  • Ensures server connection efficiency by a LAN/WAN detection mechanism to choose the optimal connection method (Learn more)
  • Ensures server reachability by choosing the optimal connection route and the optional QuickConnect relay service
  • Secures network connections with end-to-end encryption if SSL is enabled
  • Applies required port forwarding rules on compatible UPnP routers automatically
  • Customizable permissions for applications to allow access via QuickConnect
  • Supports detailed incident records for QuickConnect on the Synology Service Status website (Learn more)
  • Supports the following applications and services:
    • DSM
    • SRM
    • Central Management System (CMS)
    • Application Portal
    • Photo Station
    • Moments
    • Audio Station
    • Surveillance Station (including Synology Surveillance Station Client)
    • Download Station
    • Cloud Station (Cloud Station Backup and Cloud Station Drive)
    • Synology Drive Server (including Synology Drive Client)
    • Video Station
    • File Station
    • File Sharing
    • Chat (including Synology Chat Client)
    • Note Station (including Synology Note Station Client)
    • All Synology mobile apps (LiveCam & VPN Plus is excluded)

Limitations

  • Connections to third-party applications are not supported
  • Not supported on certain services and packages that require mapping directly to an IP address or a DDNS
  • Relayed QuickConnect connections may be slower than connections via port forwarding because of longer network latency
  • Relay service might not work because of certain limitations of ISPs in some regions

DDNS

Features

  • Translate the domain name of your Synology NAS to an IP address
  • Multiple DDNS providers
  • Synology Heartbeat service DDNS server
  • Supports custom DDNS provider profiles

Network

Features

  • Multiple Internet connection types
  • Static routes on multiple gateways
  • IPv6 Tunneling
  • Controls traffic flow and bandwidth for specific protocols

Specifications

  • General
    • Supported network protocols: PPPoE, DHCP, static IP
    • Supported VPN connection types: PPTP, L2TP/IPsec, OpenVPN (via .ovpn file)
    • Supported IPv6 transition mechanisms: 6in4, 6to4, DHCPv6-PD
    • Supports multiple gateways
    • Manually appoints preferred and alternate DNS servers
    • Supports replying to ARP requests when the target IP address is the local address configured on the incoming interface
    • Establishes the connection to a proxy server
    • Supports 802.11Q VLAN to assign VID for each LAN interface
    • Supported 802.11X authentication protocols: PAEP, TTLS, TLS
  • Supported modes for Link Aggregation:
    • Adaptive Load Balancing
    • IEEE 802.3ad Dynamic Link Aggregation
    • Balance XOR
    • Active/Standby
  • Traffic control
    • Sets outbound bandwidth for services with specific TCP/UDP ports
    • Supports Bond and PPPoE interface
    • Maximum number of rules: 100
  • Static routing
    • Supports LAN, VPN, and Bond
    • Sets up routing rules to a specific interface or Bond
    • Maximum number of static routes: 100

Limitations

  • Internet connection
    • Maximum number of concurrent VPN connections: 1
  • VLAN
    • Each network interface allows only one VID
  • Traffic control
    • Only the outbound traffic is supported
    • Maximum number of ports in a rule: 15

System Management

Terminal & SNMP

Specifications

  • Terminal
    • Telnet/SSH
    • Customized SSH cipher list
    • Supports SSH hardware accelerated ciphers
  • SNMP 
    • Supports SNMPv1, SNMPv2c, and SNMPv3 protocols

Notification

Features

  • Sends notification messages via email, push service, or webhooks when system status changes or errors occur
    • Email notifications are delivered to Synology Account or a personal email address
    • Push service supports sending notifications to macOS Safari, Google Chrome, and Microsoft Edge
    • Push service supports sending notifications through DS finder
    • Supported webhook providers include Synology Chat, Microsoft Teams, LINE, SMS, and other webhook providers
  • Supports creating custom rules to trigger the system to send notification messages and applying the rules to specific delivery methods
  • Supports customizing the message content and some variables of notification events

External Devices

Features

  • Supports managing external devices, such as external disks, printers, or USB storage devices, connected to your Synology NAS
  • Supports setting your NAS as a print server to enable printer access for client computers or mobile devices that are connected to your NAS

Specifications

  • Supported file system types on external storage devices include ext4, ext3, FAT32, NTFS, Btrfs, exFAT, and HFS+
    • Installing exFAT Access from Package Center is required to enable exFAT
  • Supports formatting the following file system types on external drives: ext4, FAT32, and exFAT
  • Supported printing protocols include LPR, IPP, Socket, and BJNP
  • Allows setting access permissions for all connected external storage devices, such as assigning permissions to specific users or groups
  • Supports restricting the use of USB port to block all types of external USB storage devices from connecting to your NAS

Limitations

  • Synology HD, FS, SA, XS+, and XS series devices released as of 2022 will no longer support network/USB printers
  • Synology Plus, Value, and J series devices of the 23-series and above will no longer support connection to printers via USB
  • RC18015xs+ does not support USB printers

Task Scheduler

Features

  • Supports scheduling tasks to automatically perform the following actions:
    • Run user-defined scripts
    • Empty Recycle Bins
    • Emit beep sounds
    • Start/stop services

Resource Monitor

Features

  • Supports displaying the following metrics:
    • CPU, RAM, disks, and network usage status
    • Volume/iSCSI LUN usage status
    • NFS usage status
  • Resource usage history
  • Current user connections and accessed files
    • Status of file transferring managed by Speed Limit

Security

Features

  • Protects and encrypts data with multiple security standards
  • Manages multiple firewall rules for specific protocols and services
  • Automatically blocks remote connections to avoid malicious attacks and hacking
  • Supports 3rd party or self-signed certificates

Specifications

  • General
    • Runs Rapid7 vulnerability scans regularly
    • Military-grade AES encryption for shared folders and data transmission
    • Integration with Let's Encrypt to apply for and manage SSL certificates with ease
    • Trust level to safeguard from installing unknown or tampered package files
    • OpenChain 2.0
  • Web Security
    • Automatic logout timer provides a layer of security, with a default timeout duration of 15 minutes of inactivity
    • Admins can restrict users from embedding DSM into other web pages with iFrame
    • Option to set system protection against cross-site scripting attacks
    • Option to enhance system security with HTTP content security policy (CSP) header by allowing only data from trusted sources and restricting inline script execution
    • Supports trusted proxy server
    • Supports management of different access profiles
  • Security Advisor
    • Checks for available DSM and package version updates to ensure security and protect against vulnerabilities
    • Scans system and related network settings, and detects and removes malware for enhanced system security
    • Account and password strength detection
    • Automatically alerts users upon detecting logins from suspicious IP
    • Automatically updates security definitions database to stay up-to-date
  • Firewall
    • Access to ports or services can be individually customized to allow/deny specific IP addresses
    • Supports GeoLite data created by MaxMind
    • Admins can create firewall rules based on geographic regions
    • Admins can organize firewall rules into different firewall profiles
    • DDoS protection on all LANs and PPPoE
    • VPN pass-through for PPTP, L2TP, IP Sec
    • Maximum locations in a rule: 15
    • Maximum rules: 100
  • Auto Block & Account Protection
    • Services which support Auto Block:
      • DSM, SSH, Telnet, rsync, network backup, shared folder sync, FTP, WebDAV, File Station, Photo Station, Audio Station, Video Station, Download Station, Mail Server, Mail Station, Time Backup, VPN Server, Cloud Station Backup, Cloud Station Drive, and Synology mobile apps
    • Services which support Account Protection:
      • DSM, File Station, Audio Station, Video Station, Download Station, Mail Station, Cloud Station Backup, Cloud Station Drive, and Synology mobile apps
    • IP block can be triggered based on a specified number of failed login attempts within a predefined duration. System supports black list and white list to increase management flexibility
    • Account Protection sets separate login attempt, frequency, and protection cancellation rules for trusted and untrusted clients
  • Certificate Management
    • Supports the import and management of multiple certificates
    • Certificate encryption algorithm is supported by RSA and ECC
    • IEEE 802.1X compatibility
    • Supports multiple certificates for different services:
      • Web Apps (HTTPS) and WebDAV
      • FTP SSL/TLS
      • Mail Services
      • RADIUS Server
      • VPN Server
      • Replication Service
      • Synology Drive Server
      • Active Backup for Business
      • CardDAV Server
      • Synology Directory Server
      • Hyper Backup Vault
      • Presto File Server
      • File Station
      • Reverse Proxy
      • Web Station
      • Virtual Host
      • QuickConnect
      • Syslog
      • Surveillance
    • Supports the creation and auto-renewal of Let’s Encrypt wildcard certificate
  • TLS/SSL Profile Level Management
    • Supports TLS v1.1/1.2/1.3
    • Supports multiple TLS/SSL Profile Levels for different services:
      • Web Apps (HTTPS) and WebDAV
      • FTP SSL/TLS
      • Mail Services
      • RADIUS Server
      • VPN Server
  • Misc
    • Offers HTTP Compression for speeding up web page load time
    • Built-in AES-NI hardware encryption engine

Limitations

  • Firewall
    • GeoIP database can only be upgraded along with DSM updates
  • Certificate Management
    • Certificates must be in X.509 PEM format
    • Private keys must be in RSA format and cannot be passphrase protected
    • Certificates issued by Let's Encrypt are valid for 90 days and can be automatically renewed by DSM before they expire. Please make sure your Synology NAS and router have port 80 open for certificate renewal
  • 2-step verification
    • Only users in the administrators group can disable the 2-step verification for regular users
    • Email reset for users in the administrators group is disabled. Users in the administrators group must soft reset the device to remove 2-step verification

Log Center

Features

  • Offers an easy solution for gathering and displaying log messages on Synology NAS
  • Centralized log management interface and the flexible search function to help you find useful information efficiently

Specifications

  • The following functions are only provided by the Log Center package, but not the built-in Log Center application:
    • Archives logs by specified time, number of logs, the data size, and hosts
    • Sends logs to another log server
      • Supports TCP and UDP transfer protocol
      • Supports BSD (RFC 3164) and IETF (RFC 5424) format
      • Supports secured SSL connection by importing certificates
      • Supports sending logs filtered by service categories or log levels
    • Receives logs from the other log servers
      • Supports TCP and UDP transfer protocol
      • Supports BSD (RFC 3164), IETF (RFC 5424), and other customized formats
      • Supports secured SSL connection by importing certificates
    • Keeps the configuration history of the Log Center package
  • Proactive email notification according to log level or specified keywords
  • Advanced log search engine filtering logs by keywords, date range, and log level
  • Supports exporting logs to HTML or CSV files

Affiliated Utility

Synology Assistant

Features

  • An easy-to-use tool for managing your Synology NAS and other devices in the local area network (LAN)
    • For locating and connecting to Synology devices and checking status
    • For centrally managing printers attached to Synology NAS

Specifications

  • System requirements
    • Windows 10 or above
    • macOS 12.4 or above
    • Ubuntu 20.04 or above
  • Supports displaying the following information for Synology devices:
    • Server name
    • IP address
    • IP status
    • Server status
    • MAC address
    • Firmware version
    • Model
    • Serial number
    • WOL (Wake-on-LAN) status
  • Supports mapping a shared folder as a network drive
  • Supports using WOL to remotely wake up Synology NAS
  • Offers memory diagnostic tests for Synology NAS and routers

Limitations

  • Please check Synology Products Compatibility List for compatible printers before setting one up
  • USB printers must be directly connected to Synology NAS via USB ports, not USB hubs
  • The memory card function of connected printers is not supported
  • Servers are unable to provides services during memory diagnostic tests
  • Synology HD, FS, SA, XS+, and XS series devices released as of 2022 will no longer support network/USB printers
  • Synology Plus, Value, and J series devices of the 23-series and above will no longer support connection to printers via USB
  • RC18015xs+ does not support USB printers

DS finder

Features

  • An app that lets you set up and install DSM on Synology NAS directly from your mobile device
  • Supports searching and locating Synology NAS within the same LAN
  • Supports various useful functions to configure your Synology NAS
  • Sends push notifications to your mobile device when system events take place

Specifications

  • System requirements
    • iOS: 13.0 or above
    • Android: 8.0 or above
  • Supports searching and connecting to NAS within the same LAN
  • Supports installing DSM for your NAS with the installation wizard
    • Automatically installs certain Synology packages for your Synology NAS directly from your mobile device
    • Creates Synology Hybrid RAID (SHR) as the default RAID type for quick and easy allocation of your drives' storage space
  • Recommends certain Synology mobile apps for your mobile device
  • Supports managing multiple NAS in one mobile app
  • Supports customizing a port for the Wake-on-LAN (WOL) function to wake up your NAS over the Internet
  • Supports shutting down and restarting NAS directly from your mobile device
  • Triggers beep sounds from your NAS to easily find its location
  • Monitors storage usage and hard drives' health conditions
  • Supports user management, such as adding and deleting users, managing credentials and status, and assigning user groups
  • Supports enabling push notifications to trigger notifications when specific system events take place
  • Supports configuring DSM update settings to automatically update DSM, automatically check for updates, or schedule a time to check for updates
  • Provides system and network information to view all the details about your devices
  • Supports configuring auto IP blocking with the options of blocking rules and block/allow list
  • Supports binding a Synology Account to each NAS for the following services:
    • Supports enabling and setting up QuickConnect to access your NAS in WAN
    • Supports enabling Synology Active Insight to monitor your device
  • Allows for accessing DSM via a mobile web version without having to use a web browser
  • Supports passcode lock to secure the accessibility of your Synology NAS

Limitations

  • Only desktop models whose names start with "DS" are supported

DS file (Mobile)

Features

  • Mobile application for managing files stored on your Synology NAS through secure HTTPS connection
  • Browse pictures, watch videos, or check work documents on the go

Specifications

  • System requirements
    • iOS: 14.0 or above
    • Android: 8.0 or above
  • Supports logging in securely via SSL/TLS connections and verifying the server certificate installed on your Synology server
  • Supports sharing credentials with other Synology mobile apps and recording login history, allowing you to skip entering user credentials multiple times
  • Supports file management and file navigation
    • Basic operations: Uploading, downloading, moving, copying, renaming files
    • General supported file types:
      • Documents: doc, docx, pdf, ppt, pptx, txt, xls, xlsx, htm, html
      • Images: jpg, jpeg, png, gif, bmp, tiff
      • Video: mp4, m4v, mov
      • Audio: mp3, m4a, wav, 3gp, wav
      • The supported file formats vary depending on the capabilities of your mobile device
    • My Favorites: Supports adding frequently accessed files as shortcuts
    • Offline Files: Supports pinning files for access without Internet connection
    • Tasks: Supports displaying ongoing upload and download tasks and their respective statuses
  • Supports sharing files and folders with customized link settings to protect your data
    • Validity Period
    • Password
  • Supports backing up photos from your mobile device to your Synology NAS with granular settings
    • Backup modes:
      • Back up new photos: Back up only newly added photos/videos
      • Back up all photos: Back up newly added photos/videos as well as existing ones
    • Backup rules:
      • Upload on Wi-Fi only: Back up photos/videos only when your mobile device runs on Wi-Fi
      • Upload photos only: Back up only photos but not videos
      • Keep Original File Name: Keep original file names of backed up photos/videos. If not enabled, their file names are replaced with the date they were created
      • Live Photo: Upload live photos only, or upload both photo and video
    • Free up mobile space: Remove the photos and videos that have been backed up to your Synology NAS to release storage space on your mobile device
  • Supports archiving and extracting items to save storage space and provides password protection to safeguard sensitive data
    • File formats supported for extraction: zip, .tar, .gz, .tgz, .rar, .7z, .iso (ISO 9660 and Joliet)