Release Notes for Threat Prevention

Threat Prevention guards your Synology Router from network threats, and identifies malicious packets to prevent your Synology Router from infection and data compromise.

Version: 1.3.0-0875


(2022-05-26)

Fixed Issues

  1. Fixed the issue where Threat Prevention failed to build the database.

Version: 1.2.5-0804


(2022-05-26)

Fixed Issues

  1. Fixed the issue where Threat Prevention failed to build the database.

Version: 1.3.0-0874


(2022-05-11)

What's New

  1. Updated to support VLAN-related functions.
  2. Updated the Suricata threat detection engine to version 6.0.3.
  3. Supports automatically archiving past event logs when updating packages to reduce the update time.
  4. Added network stability priority mode to avoid network disruptions when packets exceed the system's processing capacity.

Fixed Issues

  1. Fixed an issue where Google Voice traffic would be incorrectly blocked by its signature.
  2. Fixed a security vulnerability regarding Suricata (CVE-2021-45098).

Version: 1.2.5-0803


(2021-05-11)

Fixed Issues

  1. Optimized the efficiency of building the signature database.
  2. Updated the Suricata threat detection engine to version 4.1.10.
  3. Fixed an issue where the drop-down menus of source/destination IPs might incorrectly display the WAN interface during the setup of signature policies with Smart WAN load balancing enabled.
  4. Minor bug fixes.

Version: 1.2.4-0793


(2020-06-30)

Fixed Issues

  1. Fixed the issue where the device list might fail to be displayed at the Settings > Device tab after SRM is updated to 1.2.4.

Version: 1.2.4-0792


(2020-06-18)

Important Note

  1. The update will be available for all regions within the following days, while the release time in each region may vary slightly.
  2. Adjusted the default notification settings: only signatures labeled as "high severity" will trigger notifications by default (except for user-defined notification settings).

What's New

  1. Added support to auto-detect the condition of signature database and automatically rebuild the damaged database.
  2. Added the timestamp of an event to notification mails.
  3. Updated Suricata threat detection engine to 4.1.4.

Fixed Issues

  1. Fixed the issue where a single event might trigger multiple notifications.
  2. Fixed the issue where the configurations might not be restored properly when database update is running at the same time.
  3. Fixed the issue where database updates might fail owing to the inconsistency of signature classes between new and old databases.
  4. Fixed the issue where the status on the Overview page might wrongly become "Service stopped" for a while if Synology Router is restarted during a database update.
  5. Fixed multiple security vulnerabilities regarding Threat Prevention (CVE-2019-16410 and CVE-2019-15699).
  6. Minor bug fixes.

Version: 1.2.3-0779


(2019-12-10)

Fixed Issues

  1. Fixed the issue where a signature database update might cause incorrect update status.
  2. Fixed the issue where the system status might be incorrect if Synology Router is restarted during a signature database update.
  3. Fixed the issue where event notifications might be duplicated.
  4. Fixed the issue where restoration will fail when database update is also ongoing.
  5. Fixed the issue where restoration might fail if signatures in the database are modified or deleted.
  6. Minor bug fixes.

Version: 1.2.2-0776


(2019-09-10)

Fixed Issues

  1. Fixed the issue where some signatures detect packets from ".to" domain and Cloudflare DoH as risky events.

Version: 1.2.1-0774


(2019-07-25)

Compatibility & Installation

  1. Threat Prevention 1.2.1-0774 is compatible with SRM 1.2.3 and above.

Fixed Issues

  1. Fixed the issue where Threat Prevention might not work properly if the signatures contain specific characters.

Version: 1.2.0-0772


(2019-07-24)

Compatibility & Installation

  1. Threat Prevention 1.2.0-0772 is compatible with SRM 1.2.3 and above.

What's New

  1. Users can now copy the content on the event page.

Fixed Issues

  1. Fixed the issue where the map in statistics might not show properly during the update of geographic database.
  2. Fixed the issue where the event page might now show properly.
  3. Fixed the issue where the timestamp of event might not be correct in daylight saving time.
  4. Fixed the issue where the guest network might not be included by the Threat Prevention settings.
  5. Enhanced system performance by reducing the memory usage.
  6. Fixed the issue where the database might be corrupted after the interruption of signature database update.
  7. Fixed the issue where the notification settings might not be applied properly.
  8. Fixed the issue where a device which is not online might still display in the list.
  9. Fixed the issue where the log storage settings might not be applied properly after the restoration of configuration.
  10. Fixed the issue where the signature database might be corrupted after a self-defined policy is set up.
  11. Users are now unable to change settings for certain signatures.
  12. Minor bug fixes.

Version: 1.1.0-0760


(2019-01-29)

Compatibility & Installation

  1. Threat Prevention 1.1.0-0760 is compatible with SRM 1.2.1 and above.

What's New

  1. Added support for whitelist functions, limiting Threat Prevention protection to designated devices.
  2. Added support for running Threat Prevention in Wireless AP mode.

Fixed Issues

  1. Reduced the memory usage.
  2. Fixed an issue where Threat Prevention pages might not function properly when a large number of events occur.
  3. Fixed issues regarding signature schedules, names, and status displays.
  4. Fixed an issue where destination IPs are not included in the Source Country count in the Statistics page.
  5. Added a notification to the Overview page indicating the network is healthy.
  6. Fixed an issue where traffic form the corresponding interfaces might not be filtered when an LTE dongle is in use.
  7. Fixed an issue where the source and destination IPs of events are not shown simultaneously.

Limitation and Known Issues

  1. Threat Prevention is not supported on RT1900ac models running Wireless Client mode and RT2600ac models running Wireless repeater mode.
  2. In Wireless AP mode, please connect the uplink cable to the WAN port of the router to assure functionality.
  3. Events generated by Intrusion Prevention will not be migrated.

Version: 1.0.2-0744


(2018-12-04)

Fixed Issues

  1. Fixed an issue where the throughput of Threat Prevention may drop after self-defined policies are added or signatures are updated.

Version: 1.0.1-0741


(2018-10-16)

Fixed Issues

  1. Fixed an issue where the time of events might be wrongly displayed on Safari.

  2. Fixed an issue where the migration status might be wrongly displayed when Threat Prevention migrates from Intrusion Prevention.

Version: 1.0.0-0738


(2018-10-04)

Compatibility & Installation

  1. Threat Prevention 1.0.0-0738 is only compatible with SRM 1.2 and above.

What's New

  1. Fixed performance issues and reduced the CPU and memory usage.

  2. Supports trend charts of detected malicious packets.

  3. Supports batch setting for changing the action of multiple signatures.

  4. Supports setting dropping high-severity packets automatically as default.

  5. Supports the importing and exporting of Threat Prevention settings files.

  6. Supports policy changing of triggered events.

  7. Supports the listing of devices which need concern.

  8. Supports the self-defined policy page to manage all modified classes or signatures.