Business File Server

Business File Server

To collaborate and share files across teams or locations while also considering data governance and privacy, Synology combines the flexibility of the cloud with control of on-premises file services.

Next generation file service in hand

Less hassle for your IT team

A solution to mitigating maintenance efforts and costs.

  • Keep control of the storage capacity of shared folders by configuring user quota.
  • System operations are well logged with the visual display of historical logs and advanced search engine to quickly identify an event.
  • Save time by letting employees recover accidentally deleted files by themselves with built-in snapshot technology and file versioning.
  • Install Synology Directory Server and turn your NAS into a mixture of file and directory server.

Team up & share

Configure quota and privilege settings for Team Folder to better manage storage capacity for departments, and create sharing links in a few clicks with password and expiration date protection.

  • Sync and share files across individual sites, so employees can focus on delivering the best results. Learn more
  • Index all the files in NAS and search with ease.
  • Collaborate with colleagues and partners with Document, Spreadsheet, and Slides. Learn more

Mission-critical backup for business data

There’s no harm in having one more copy.

  • Create a High Availability cluster to avoid unexpected service disruptions. Learn more
  • Easily encrypt and back up data to a remote location, such as another Synology NAS, file server, or even the public cloud service of your choice. Learn more
  • In businesses where maintaining 24/7 service is paramount, advanced security measures are provided to safeguard your data. Learn more

Customer stories

See how these organizations achieved more with Synology.

Synology was the best option as it was not only stable but also cost-effective.

Synology enables simple data delivery via network system, which brings about convenient utilization and more flexibility of back-end system management.

In just one package, we were able to meet our performance and HIPAA compliance requirements.

Synology was the best option as it was not only stable but also cost-effective.

Krys Group Learn more

Synology enables simple data delivery via network system, which brings about convenient utilization and more flexibility of back-end system management.

New Taipei City Learn more

In just one package, we were able to meet our performance and HIPAA compliance requirements.

Heartland Dental Learn more

Get started

Storage Manager

Features

  • The Btrfs file system can perform file self-healing to automatically detect silent data corruption and recover corrupted data (See limitation 1)
  • Powerful snapshot feature for creating point-in-time snapshots
  • SSD cache support for enhancing system performance

Specifications

General
  • File system types:
    • ext4 and Btrfs (See limitation 2)
    • For external devices: ext4, ext3, FAT, FAT32, NTFS, Btrfs, exFAT, HFS, and HFS+ (See limitation 2)
  • RAID types:
    • Basic, SHR-1, SHR-2, JBOD, RAID 0, RAID 1, RAID 5, RAID 6, RAID 10, and RAID F1 (See limitation 2)
  • RAID conversion:
    • Basic to RAID 1, Basic to RAID 5, RAID 1 to RAID 5, RAID 5 to RAID 6, and SHR-1 to SHR-2
  • Up to 512 shared folders (See limitation 2)
  • Up to 256 volumes (See limitation 2)
  • Supports creating global and dedicated hot spare drives
  • Supports expanding storage pool and volume capacity without service disruption
  • Supports creating SSD read-only caches and SSD read-write caches
  • Supports setting volume usage quota
  • Supports setting usage and user quota for shared folders in the Btrfs file system
  • Supports scheduling data scrubbing to ensure data integrity (See limitation 4)
  • Supports adjusting the data scrubbing speed limit, repairing storage pools, expanding storage pools, and changing the RAID types of storage pools
  • Supports RAID Group to improve the level of protection (See limitation 2)
  • Supports Dynamic Bad Sector Mapping to enhance data integrity during storage pool repair
  • Supports complete Windows access control list (ACL)
  • Supports shared folder encryption
Drive Management
  • Supports HDD hibernation feature for power saving
  • Supports SSD TRIM feature for sustained performance
  • Supports scheduling S.M.A.R.T. tests
  • Supports Seagate IronWolf Health Management (IHM)
  • Supports deactivating HDDs while Synology NAS is powered on to prevent service disruption
  • Supports switching the LED indicator of a specific drive slot
ext4 File System
  • Maximum single file size: 16 TiB
  • Maximum file name length: 255 bytes (See limitation 5)
  • Maximum path name length: 4,096 bytes (See limitation 5)
  • Maximum symbolic link depth: 40
  • Maximum single volume size: 200 TiB (See limitation 2)
  • Recommended maximum number of files per folder in the same level: 100,000 (See limitation 3)
Btrfs File System
  • Maximum single file size: 16 TiB
  • Maximum file name length: 255 bytes (See limitation 5)
  • Maximum path name length: 4,096 bytes (See limitation 5)
  • Maximum symbolic link depth: 40
  • Maximum single volume size: 200 TiB (See limitation 2)
  • Recommended maximum number of files per folder in the same level: 100,000 (See limitation 3)
  • Supports inline compression
  • Supports performing file self-healing to automatically detect and recover silent data corruption on metadata and data (See limitation 1)
  • Supports copying data instantly via the SMB protocol when the source and destination of the data are located in the same Btrfs volume
  • Allows manual implementation of file system defragmentation to enhance system performance
  • Integrated with Synology Drive Server and Hyper Backup to enhance storage efficiency and data consistency
Snapshots on the Btrfs File System
  • Supports taking snapshots and creating replication tasks for shared folders and LUNs
  • Maximum number of snapshots per system:
    • Memory exceeding or equivalent to 2 GB: 65,536
    • Others: 4,096
  • Maximum number of snapshots per shared folder:
    • Memory exceeding or equivalent to 2 GB: 1,024
    • Others: 256
  • Maximum number of snapshots per LUN:
    • Memory exceeding or equivalent to 2 GB: 256
    • Others: 64
  • Supports taking application-consistent snapshots
  • Supports browsing read-only snapshots
  • Supports Windows Previous Versions feature

Limitations

  1. The data checksum option must be enabled on a shared folder before silent data corruption detection can take effect (Only RAID 1, RAID 5, RAID 6, and RAID F1 support corrupted data recovery)
  2. Varies according to models (Refer to here for more information)
  3. Approximately 1 GB memory is required for listing 100 million files in a folder of the same level
  4. File system scrubbing (only supported on the Btrfs file system) and RAID scrubbing (only supported on RAID 5, RAID 6, and RAID F1) will run sequentially when data scrubbing is performed
  5. Different character encodings may contain different data sizes (e.g., a character with UTF-8 encoding may contain 1 to 4 bytes)

Directory Clients

Features

  • Seamless integration with Windows AD, Azure AD Domain Service, and LDAP servers
  • Smooth access with Single-Sign-On (SSO) support
  • Intrinsic privilege settings to accommodate administration needs
  • Extensive integration to the Synology services

Specifications

  • Supports privilege settings of domain/LDAP users' and groups' access to shared folders and applications
  • Supports limiting transfer rates of DSM services used by domain/LDAP users and groups
  • Supports home folders for domain/LDAP users
  • Domain client
    • Supports trusted domains
    • Supports joining to a domain with a read-only domain controller (RODC)
    • Supports assigning up to 10 domain groups to become local administrator groups
    • Allows administrators to specify DC IP/FQDN, domain NetBIOS, and domain FQDN
  • LDAP client
    • Supports OpenLDAP, IBM Lotus Domino, and user-defined server profiles
    • Supports nested groups and UID/GID shifting
    • Based on LDAP version 3 (RFC2251)
  • SSO client
    • Supports Integrated Windows Authentication
    • Supports Synology SSO Server
    • Supports SSO servers using the OpenID Connect protocol, including Microsoft Azure AD Domain Service and IBM WebSphere
  • Apps supporting domain/LDAP users
    • SMB
    • FTP
    • WebDAV
    • File Station
    • Network Backup
    • Cloud Station
    • Cloud Sync
    • Audio Station
    • Video Station
    • Mail Service
    • Surveillance Station
    • Personal Web Station
    • Photo Station
    • VPN Server
    • Note Station
    • Synology Drive
    • Moments

Limitations

  • Domain/LDAP users and groups do not support special characters "[{}|^[]?=:+/*()$!"#%&',;<>@`~]"
  • LDAP users and groups can only use integers for their unique IDs
  • Synology LDAP client can only join an LDAP directory with the support of Samba schema. NT Password is required for accessing LDAP services via the SMB protocol
  • Synology LDAP client uses objectClass posixAccount for users and objectClass posixGroup for groups by default. If your LDAP server does not support posixAccount or posixGroup, please set up a profile to map the attributes correctly:
    • User name: posixAccount - uid
    • User ID: posixAccount - uidNumber
    • Group name: posixGroup - cn
    • Group ID: posixGroup - gidNumber

Synology Directory Server

Features

  • Centrally secures and manages identities of users, groups, and devices within an organization
  • Automates and integrates identity and access control into IT operations
  • Supports Active Directory group-based access controls

Specifications

  • Domain functional level: Equal to Windows Server 2008
  • Maximum objects support:
    • DSM UI operation: 2,000*
    • Windows RSAT operation: 20,000*
    • Note: The actual figure depends on the capability of your Synology NAS (learn more)
  • Maximum groups that a user can join: 50
  • Maximum concurrent connections: 2,000*
  • Supports domain clients running Microsoft Windows 7 and above, macOS, and Linux
  • Supports roaming user profiles and home folder creation (learn more)
  • Supports account single sign-on and Windows NTLM
  • Supports TLS domain controller certification
  • Supports custom NetBIOS domain names
  • Supports Hyper Backup and Synology High Availability for protection of configurations
  • Sets group membership and policies via RSAT (learn more)
  • Adopts Kerberos-based authentication
  • Integrated with DNS Server to register DNS settings upon domain creation
  • Increases account security via account lockout policies and password strength policies (e.g., expiration period, password length, and historical record comparison)

Limitations

  • Supports a single domain only
  • Supports a single domain controller only
  • After a domain is created, SMB signing will be enabled automatically, which may reduce read/write performance during SMB file transfer

Synology Drive

Synology Drive Server

Features

  • Synchronization server for clients on various platforms
  • Cross-office file collaboration among Synology NAS servers
  • File management on web portal
  • Integrated with Synology Office for online file editing
  • Generates safe and secure file sharing links

Application components

  • Synology Drive Admin Console
  • Synology Drive ShareSync
  • Synology Drive

Specifications

  • Compatible with DSM 6.2.2 or above
  • The following packages from Package Center must be installed first:
    • Synology Universal Search
    • Synology Application Service

Synology Drive Admin Console

Features
  • Service management center for administrators to monitor and control business data assets and resources on Synology Drive
  • File synchronization server for corresponding client applications on computers, mobile phones, and other Synology NAS servers
  • Option to select specific shared folders on Synology NAS for access in Synology Drive with history version policies
  • Flexible settings for users' access and sharing permissions to suit any deployment scenarios
  • Point-in-time history version restoration of files and folders
Specifications
  • Shared folder service management with versioning policies
    • Up to 32 historical file versions with cross-version deduplication
    • Historical version rotation with duration of 7, 30, 60, or 120 days
    • Retention policy of first-in-first-out method or Intelliversioning algorithm, preserving the most significant file versions
  • Recommended number of concurrent computer client connections per Synology NAS: Up to 2,000 (See Note 1)
  • Monitors and logs detailed system health status, user actions, and events, including service disruption, modification of shared folder configurations, and file manipulations
  • Non-admin users' sharing permission settings, including the ability to share files publicly as well as directly with assigned DSM users and group accounts
  • Blacklisting file types (e.g., documents, music, videos, images, etc.), file name, file extensions, and maximum file size for specific users' syncing files
  • Connection list of client applications with detailed information (e.g., device name, username, application type, online/offline status, IP address, location) as well as an option to unlink the connection
  • Customizable content indexing rules for each shared folders for robust search in Synology Drive
  • Calculation of application's storage usage and option to manually clean up deleted files in recycle bins to free up space
  • Version Explorer allows administrators to switch view roles, browse file/folder version history, and download/restore them with minute-level version granularity
Limitations
  • Mounted shared folders cannot be enabled as team folders
Note
  1. The number of concurrent computer client connections may vary for different Synology NAS models (Refer to each Synology NAS model's product spec for the recommended number)

Synology Drive ShareSync

Features
  • Real-time collaboration via two-way synchronization with multiple Synology NAS servers in multiple locations
  • One-way synchronization to distribute or collect data and files to remote Synology NAS servers
  • Flexible options to sync folders and selectively sync sub-folders to prevent redundant file syncing
Specifications
  • Sync files on shared folder basis or selectively sync sub-folders with multiple Synology NAS servers
  • Flexible sync mode settings with either syncing all privileges, only domain user privileges or files excluding permissions and metadata
  • Two-way sync or one-way upload/download to meet different remote offices and collaboration needs
  • Blacklisting file types (e.g., documents, music, videos, images, etc.), file name, file extensions, and maximum file size for syncing files and folders for each syncing task
  • Options to tackle file version conflict by either keeping the latest modified version, or keeping the version on the server and renaming to keep the discarded version
  • Monitors syncing status with information connected servers' information and connection status for error handling
  • Monitors and logs detailed file syncing events which can be filtered by shared folders, keywords, or date range
Limitations
  • Under the following circumstances, files will not be synced by Synology Drive ShareSync:
    • Certain file types or file paths containing certain characters (Learn more)
    • The file path is longer than 2,048 characters
    • The file name is longer than 255 characters
  • Each Synology NAS can connect with multiple host Synology NAS servers, but a Synology NAS can only be paired with the host Synology NAS once
  • A local shared folder cannot be set as the sync folder for multiple host Synology NAS servers simultaneously
  • User home folders (homes), mounted shared folders, and folders without write permission cannot be used as sync folders
  • Files and folders under the mounted folder on the client Synology NAS will not be synced

Synology Drive

Features
  • File access on web portal and collaboration through team folders with labels and stars to categorize or mark important files
  • Granular and flexible file/folder permission settings for secure sharing scenarios
  • Integration with the online editing tool Synology Office and instant messaging service Synology Chat for seamless team collaboration
Specifications
  • Supported browsers including Firefox, Chrome, Safari, and Internet Explorer 10 or later
  • File management with labels, stars, or hotkey, and sorting by title, modified time, type, owner, and size
  • Content searching via DSM built-in package Synology Universal Search with a variety of search criteria (e.g., keyword, location, type, owner, labels, size, and date) to quickly gather the most relevant data
  • Customizable permission settings to share folders and files only with other DSM users, or share publicly with the protection of password and validity period
  • Monitors and logs detailed user actions and events, including file manipulations, permission modifications, and version rotations
  • Provides the ability for team collaboration on documents, spreadsheets, and slides through the integration with Synology Office
  • Sends important update notifications via the Synology instant message application Synology Chat
  • Backs up Synology Drive to local or remote destinations and restores the settings and data of the package to a previous point in time with the Synology package Hyper Backup
Limitations
  • Deleted files from Team Folder will be placed in the Recycle Bin, which is only accessible by system administrators

Synology Drive Client

Features

  • Desktop application to synchronize files and folders between the computer and the Synology Drive server to access, browse, and share files via file browser
  • Real-time or scheduled computer backup from the local computer to Synology Drive Server with the capability to restore files and folders on the client side

Specifications

  • Create up to 64 sync tasks with Synology Drive Client for Windows environment
  • On-demand Sync option to reduce computer capacity consumption and overhead on the server (Available on Windows 10 version 1809 and above)
  • File access from file browser on local computer with synchronization with My Drive, Team Folder, and Shared with me folders on Synology Drive Server
  • Two-way sync or one-way upload/download to meet different collaboration needs
  • Blacklisting file name, file extensions, and maximum file size for each sync task
  • Flexible backup settings with continuous, manual, or schedule mode to meet different backup needs
  • Monitors and logs file manipulations, including downloads, delete, rename, etc.

Limitations

  • Certain file and drive types are not supported on Synology Drive sync task (Learn more)
  • .pst files are not supported because .pst files are not guaranteed to be portable
  • Only one backup task can be established for one account
  • Folders already synced or folders that are ancestor or child folders to a synced folder cannot be selected for sync task
  • If the local folder contains a folder mounted via other file protocols, files inside this mount point might not be synced because Synology Drive cannot detect file changes inside a mount point
  • On-demand Sync
    • Local folders which are already synced with Synology Drive's On-demand Sync, OneDrive's File On-Demand, or iCloud Drive and their child folders cannot be selected for a task with On-demand Sync
    • Root drive directories (e.g., C:\ and D:\) and home directories (e.g., C:\Users<username>) cannot be selected as On-demand Sync folder

Synology Drive Mobile

Features

  • Easy access and file management on the go with file searching, sharing, moving, and applying labels in iOS and Android environments
  • Granular and flexible file or folder permission settings for secure sharing scenarios 
  • Offline access to view the files downloaded to the local device

Specifications

  • Compatible with DSM 6.2.2 or above
  • File management with labels, stars, sorting by title, modified time, type, owner, and size
  • Content searching with a variety of criteria (e.g., keyword, location, type, owner, labels, size, and date) to quickly gather the most relevant data
  • Customizable permission settings to share folders and files only with other DSM users, or share publicly with the protection of password and validity period
  • Secure application lock with passcode and 2-step verification if the option has been enabled in DSM
  • Offline access and auto-update for multiple files on a local device
  • Option to view files in My Drive by file types (e.g., document, photo, video, music)
  • Integration with iOS Files and Android document provider as a universal entry to easily browse, open, edit, or move files among different storage apps
  • Seamlessly edit files online with Microsoft applications
  • Smooth previews and generation of thumbnails of raw images, and support for viewing general file formats (Supported formats may vary by OS and device)
    • Synology Office files: Synology Document, Synology Spreadsheet, Synology Slides
    • Documents: htm, html
    • Images: jpg, jpeg, png, gif, bmp
    • Audio files: mp3, m4a (except for alac), m4b, flac, ogg, wav
  • Accelerates file loading speed with cache management

Limitations

  • Synology Slides cannot be viewed if the files are opened with links that do not allow downloads or copies in iOS device

Snapshot Replication

Features

  • Schedulable and near-instantaneous data protection
  • Supports various replication topologies for different scenarios, including active-active, extended replication, one-to-many and hub-to-spoke
  • Fast data recovery on the disaster recovery site
  • Snapshot management, preview and recovery for all file services and File Station

Specifications

  • Customizable snapshot and replication schedules
    • Snapshot can be taken every 5 minutes
    • A replication task for a shared folder can be executed every 5 minutes
    • A replication task for a LUN can be executed every 15 minutes
  • Maximum number of snapshots per system:
    • Memory exceeding or equivalent to 2 GB: 65,536
    • Others: 4,096
  • Maximum number of snapshots per shared folder:
    • Memory exceeding or equivalent to 2 GB: 1,024
    • Others: 256
  • Maximum number of snapshots per LUN:
    • Memory exceeding or equivalent to 2 GB: 256
    • Others: 64
  • Maximum replication tasks (See limitation 2)
    • 64 per system (shared folder + LUN)
    • 64 per shared folder
    • 32 per LUN
  • Customizable retention rules for different snapshot management demands
  • Supports external storage devices to boost initial replication
  • Online preview of snapshot content and downloading single file in snapshots (See limitation 7)
  • Restoration of files and folders by using Windows Previous Versions
  • Snapshot size calculation for space management
  • Customizable IP address and port of a replication task
  • Replication transmission encryption
  • Supports verification tests on site recovery and snapshot integrity

Limitations

  1. Each one-to-many/extended replication supports three different sites as destination sites at most
  2. The maximum number of replication tasks varies according to models (Refer here for more information)
  3. Only shared folder snapshots support:
    • Online preview of snapshot content
    • File and folder restoration using Windows Previous Versions
    • Calculation of snapshot size for space management
  4. Snapshots cannot be taken if there is less than 100 MB of available space on the volume
  5. NFS permission cannot be recorded in snapshots
  6. Data in the recycle bin are recorded in snapshots
  7. Encrypted shared folders do not support online preview of snapshot content

Synology High Availability

Features

  • Real-time system protection to maximize service availability
  • Automatic failover to minimize system interruption resulted from service failure or hardware unavailability
  • Manual switchover to periodically test and maintain the functioning of high-availability
  • Unified and friendly user interface to easily manage and monitor the high-availability cluster
  • Intuitive and easy-to-follow troubleshooting process

Specifications

  • Automatic failover ensures system availability upon:
    • Service unavailability:
      • CIFS
      • iSCSI
      • AFP
      • FTP
      • NFS
      • Synology Directory Server
    • Crashed storage space
    • Cluster network disconnection (The network between the high-availability cluster and the clients)
    • System unavailability on the active server
  • Automatic failover and manual switchover complete within minutes to achieve minimal downtime (See limitation 8)
  • Identical memory size on both active and passive servers is not required but highly suggested for consistent performance (See limitation 9)
  • High-availability cluster can be created with two compatible Synology NAS (Learn More)
  • Easy-to-navigate dashboard to closely monitor the CPU, memory, and drive utilization of both host servers
  • Real-time data replication between the active and passive servers to maintain data consistency
  • Supports Quorum Server to effectively minimize the occurrence of split-brain error
  • Compatible with intensive workloads and various virtualization solutions, e.g., VMware®, vSphere™, Microsoft® Hyper-V®, Citrix® XenServer™, and OpenStack Cinder
  • Package not supported in a high-availability cluster: PetaSpace
  • Total number of created volumes and iSCSI LUNs in a high-availability cluster cannot exceed 64
  • Functions not available in a high-availability cluster:
    • Scheduled power-on
    • HDD hibernation
    • DHCP server
    • IPv6

Limitations

  1. USB external devices are only accessible when connected to the active server
  2. Link Aggregation cannot be modified after the high-availability cluster is created
  3. Heartbeat connection is strongly recommended to be a direct connection between the active and the passive servers (There is no guarantee the connection will be stable or reliable if the Heartbeat connection passes through a network switch)
  4. Drive position within the active and the passive servers cannot be changed after the high-availability cluster is created
  5. Direct system migration is not supported in a high-availability cluster (Cluster migration requires upgrading the passive and active servers in order)
  6. Passive server is not available for user login as all operations are processed on the active server
  7. System resources will be partially allocated to create and maintain a high-availability cluster, resulting in a potential 15% impact on overall system performance
  8. Duration of automatic failover and switchover may vary depending on product model, system utilization, volume size, number of packages running on the high-availability cluster, and other factors
  9. Failover will not be available if SSD cache is created on servers that do not have identical memory size and are in a high-availability cluster

Security

Overview

Features

  • Protects and encrypts data with multiple security standards
  • Manages multiple firewall rules for specific protocols and services
  • Automatically blocks remote connections to avoid malicious attacks and hacking
  • Capability to fully scan files and security settings of the system
  • Supports 3rd party or self-signed certificates

Specifications

  • General
    • Runs Rapid7 vulnerability scans regularly
    • Military-grade AES encryption for shared folders and data transmission
    • Integration with Let's Encrypt to apply for and manage SSL certificates with ease
    • Trust level to safeguard from installing unknown or tampered package files
  • Web Security
    • Automatic logout timer provides a layer of security, with a default timeout duration of 15 minutes of inactivity
    • Admins can restrict users from embedding DSM into other web pages with iFrame
    • Option to set system protection against cross-site scripting attacks
    • Option to enhance system security with HTTP content security policy (CSP) header by allowing only data from trusted sources and restricting inline script execution
    • Supports trusted proxy server
    • Supports management of different access profiles
  • Security Advisor
    • Checks for available DSM and package version updates to ensure security and protect against vulnerabilities
    • Scans system and related network settings, and detects and removes malware for enhanced system security
    • Account and password strength detection
    • Automatically alerts users upon detecting logins from suspicious IP
    • Automatically updates security definitions database to stay up-to-date
  • Firewall
    • Access to ports or services can be individually customized to allow/deny specific IP addresses
    • Supports GeoLite data created by MaxMind
    • Admins can create firewall rules based on geographic regions
    • Admins can organize firewall rules into different firewall profiles
    • DDoS protection on all LANs and PPPoE
    • VPN pass-through for PPTP, L2TP, IP Sec
    • Maximum locations in a rule: 15
    • Maximum rules: 100
  • AntiVirus Essential
    • Powered by ClamAV scanning engine
    • Conducts full system or specific folders scans, or schedules automatic scan tasks
    • Offers Smart Scan for new or modified files
    • Offers White List to exclude files from being scanned
    • Automatically updates virus definition database to stay up-to-date
  • AntiVirus by McAfee
    • Powered by McAfee scanning engine
    • Conducts full system or specific folders scans, or schedules automatic scan tasks
    • Offers Smart Scan for new or modified files
    • Offers White List to exclude files from being scanned
    • Automatically updates virus definition database to stay up-to-date
    • Available on specific models only (Learn more from this product comparison page)
  • Auto Block & Account Protection
    • Services which support Auto Block:
      • DSM, SSH, Telnet, rsync, network backup, shared folder sync, FTP, WebDAV, File Station, Photo Station, Audio Station, Video Station, Download Station, Mail Server, Mail Station, Time Backup, VPN Server, Cloud Station Backup, Cloud Station Drive, and Synology mobile apps
    • Services which support Account Protection:
      • DSM, File Station, Audio Station, Video Station, Download Station, Mail Station, Cloud Station Backup, Cloud Station Drive, and Synology mobile apps
    • IP block can be triggered based on a specified number of failed login attempts within a predefined duration. System supports black list and white list to increase management flexibility
    • Account Protection sets separate login attempt, frequency, and protection cancellation rules for trusted and untrusted clients
  • Certificate Management
    • Supports the import and management of multiple certificates
    • IEEE 802.1X compatibility
    • Supports multiple certificates for different services:
      • Web Apps (HTTPS) and WebDAV
      • FTP SSL/TLS
      • Mail Services
      • RADIUS Server
      • VPN Server
      • Replication Service
      • Synology Drive Server
      • Active Backup for Business
      • CardDAV Server
      • Synology Directory Server
      • Hyper Backup Vault
      • Presto File Server
      • File Station
      • Reverse Proxy
      • Web Station
      • Virtual Host
      • QuickConnect
      • Syslog
      • Surveillance
    • Supports the creation and auto-renewal of Let’s Encrypt wildcard certificate
  • TLS/SSL Profile Level Management
    • Supports TLS v1.0/1.1/1.2
    • Supports multiple TLS/SSL Profile Levels for different services:
      • Web Apps (HTTPS) and WebDAV
      • FTP SSL/TLS
      • Mail Services
      • RADIUS Server
      • VPN Server
  • 2-step verification
    • Time-based One-Time Password (TOTP) protocol
    • 2-step verification enforcement for specific user groups
    • Allows trusted devices to skip the 2-step verification step
    • Supports Google Authenticator and Microsoft Authenticator mobile apps
  • Misc
    • Offers HTTP Compression for speeding up web page load time
    • Built-in AES-NI hardware encryption engine

Limitations

  • Firewall
    • GeoIP database can only be upgraded along with DSM updates
  • AntiVirus Essential
    • Files larger than 2,048 MB will not be scanned
    • The probability of success for finding viruses hidden in archive files (e.g., ZIP, RAR, ARJ, Tar, Gzip, Bzip2) will be lower due to scanning engine limitations
    • Remote Folders (CIFS) mounted in File Station will not be included in full scan
  • AntiVirus by McAfee
    • Remote Folders (CIFS) mounted in File Station will not be included in full scan
  • Certificate Management
    • Certificate encryption algorithm is supported by RSA only
    • Certificates must be in X.509 PEM format
    • Private keys must be in RSA format and cannot be passphrase protected
    • Certificates issued by Let's Encrypt are valid for 90 days and can be automatically renewed by DSM before they expire. Please make sure your Synology NAS and router have port 80 open for certificate renewal
  • 2-step verification
    • Only users in the administrators group can disable the 2-step verification for regular users
    • Email reset for users in the administrators group is disabled. Users in the administrators group must soft reset the device to remove 2-step verification

Log Center

Features

  • Receiving up to 3,000 syslog events per second
  • A historical log activity chart
  • Log archiving by a specified time, number of logs, the data size, and different hosts
  • Archives downloaded as HTML or CSV files
  • Proactive email notification according to log severity or specified keywords
  • Customized log transferring protocol
  • Customized log formats
  • Advanced log search engine
  • SSL connection
  • Log rotation: one month, three months, six months, and one year

Presto File Server

Features

  • User account with admin privilege is required for accessing Presto File Server on DSM
  • Supports TLS and AES-128 encrypted file transfers
  • Forced encryption on all login credentials
  • Supports IPv6
  • Supports 2-step verification
  • Provides real-time monitoring of all transfer status on the Overview section
  • Supports kicking specific clients that are connected to the server
  • System logs and transfer logs can be exported
  • Daily, weekly, monthly, and annual usage reports can be generated in HTML format
  • Reports can be generated according to set schedules and sent to designated email addresses
  • Allows servers to configure the total inbound and outbound traffic generated from all the connected clients
  • Supports in-app purchase of licenses or activating a 30-day free trial on Presto File Server
  • Supports centralized management to compress and encrypt all file transfers
  • Supports centralized management to set the maximum inbound and outbound traffic shared among all the clients connected to the server
  • Supports anonymous login
  • Supports usage through command-line interface
  • Sends an email notification if a client is disconnected from the server for more than 14 days 
  • Supports multiple filename conflict policies, allowing transferred files to be overwritten, skipped, or renamed when filename conflicts occur
  • Supports automatically migrating license keys when a license is migrated to another clustered machine
  • Supports downloading files and client installers for all the supported platforms directly from Presto File Server
  • Launched Synology Presto Automator, which is a scheduling service feature powered by Synology Internet Transfer Accelerator (SITA)

File Services

Features

  • Comprehensive support of networking protocols — FTP, SMB, AFP, NFS, rsync, and WebDAV — on DSM to provide quick and secure sharing of critical digital assets and to offer seamless file sharing across Windows®, macOS®, and Linux® platforms
  • One compact, little box is enough to access files anytime and anywhere, via computer or mobile devices, and without any storage devices on hand
  • Integration with Universal Search and Finder on Mac to enable quick and in-depth search of indexed documents, photos, and other contents within mounted folders on Synology NAS

SMB protocol

Specifications

  • Up to 10,000 concurrent SMB connections (Capability varies depending on product model)
  • SMB1, SMB2, SMB3 end-to-end encryption, and Large MTU support
  • Flexible user option to restore Previous Versions of files and folders on Windows
  • Integrates Finder on Mac with Synology Universal Search
  • Supports full Windows ACL with up to 200 explicit permissions
  • Supports Recycle Bin
  • Supports server-side copy on Windows
  • Supports File Fast Clone on Btrfs file system
  • Supports sparse file
  • Supports Time Machine on macOS 10.12 and later versions
  • Supports transfer logs to monitor and record file access operations
  • Supports SMB signing
  • Advanced SMB options:
    • General
      • Access settings for selected SMB versions
      • Transport encryption mode on SMB3
      • Veto criteria
      • Opportunistic Locking
      • SMB2 lease
      • SMB durable handles
      • Wildcard search cache
    • macOS
      • VFS module to convert Mac special characters
    • Others
      • Wide links
      • MSDFS VFS module
      • DirSort VFS module
      • Symbolic links
      • Local Master Browser
      • Disabling multiple connections from the same IP address
      • Strict allocate
      • Debug logs
      • Apply default UNIX permissions

Limitations

  • The minimum SMB protocol cannot be set to the SMB3. As SMB3 on DSM refers to SMB3.1.1, setting SMB3 as the minimum SMB protocol will prevent client devices supporting earlier SMB3 versions from accessing Synology NAS via the SMB protocol
  • Concurrent connections (up to 10,000) are shared between SMB, AFP, and FTP protocols
  • Workgroup name can contain up to 15 characters but cannot include the following characters: [ ] ; : " < > * + = \ / | ? ,
  • Disallowing access to Previous Versions is only available on vDSM and product models with the following package architectures: Apollo Lake, Avoton, Braswell, Broadwell, Bromolow, Cedarview, and Grantley (See this article for information on Synology NAS system models and corresponding package architectures)
  • Anonymous logon for the SMB protocol is not supported when transport encryption mode is enabled
  • Opportunistic Locking should be applied to avoid application timeouts when transport encryption mode is enabled
  • Enabling Local Master Browser will disable HDD hibernation and activate the guest account without a password
  • Integration with Finder on Mac to search for indexed folders via the SMB protocol is not available on NVR216 and VS360HD
  • Enabling SMB signing may reduce read/write performance during SMB file transfer

NFS protocol

Specifications

  • Supports NFS version 2, 3, 4, and 4.1 protocols
  • Supports NFS 4.1 multipathing
  • Supports UNIX/Kerberos security styles
  • Customized service ports
  • Read/write packet size settings

Limitations

  • Kerberos is only supported by the NFS protocol on specific product models (See product spec for more information)

AFP protocol

Specifications

  • Up to 10,000 concurrent AFP connections (Capability varies depending on product model)
  • Integrates Finder on Mac with Synology Universal Search
  • Supports Time Machine on macOS
  • Supports Bonjour Time Machine broadcast
  • Supports File Fast Clone on Btrfs file system
  • Supports extended file attributes for color label/icon/extra information on macOS
  • Supports Recycle Bin
  • Supports transfer logs to monitor records of file manipulation
  • Advanced AFP options:
    • Apply default UNIX permissions
    • Release resources immediately after disconnection

Limitations

  • Integration with Finder on Mac to search for indexed folders is not available on NVR (Network Video Recorder) series
  • Integration with Finder on Mac to search mounted folders by tag name and category is only available on macOS 10.9 and later versions
  • Only a maximum of 255 shared folders can be displayed (in alphabetical order) when being accessed via the AFP protocol; however, the total number of created shared folders may exceed that number
  • Concurrent connections (up to 10,000) are shared between SMB, AFP, and FTP protocols

FTP protocol

Specifications

  • Up to 10,000 concurrent FTP connections (Capability varies depending on product model)
  • Supports FTP, FTP over SSL/TLS (explicit mode), and SFTP protocols
  • Timeout settings to disconnect idle users
  • Customized port ranges for passive FTP connections
  • Server-to-server file transfer via FXP (File eXchange Protocol)
  • Connection restriction settings for IP addresses
  • Speed limit settings for specific users or groups
  • Supports OpenSSL FIPS 140-2 validated cryptography module to enhance the security of FTPS sessions
  • Supports ASCII transfer mode
  • Supports UTF-8 encoding for files with multilingual filenames
  • Supports Recycle Bin
  • Advanced FTP options:
    • Root directory for each user
    • Anonymous FTP
    • Transfer logs
    • Apply default UNIX permissions

Limitations

  • Server cannot be accessed via the FTP protocol by the "guest" account

WebDAV

Specifications

  • Speed limit settings for specific users or groups
  • Supports WebDAV over HTTP/HTTPS
  • Supports Anonymous WebDAV
  • Supports DavDepthInfinity to access and delete files without file path length restrictions on client tools
  • Supports transfer logs to monitor and record file access operations
  • Supports CalDAV

Rsync

Specifications

  • Supports rsync version 3.0.9 protocol
  • Supports customized rsync configuration to assign user privileges
  • Supports SSH encryption protocol during file transfer
  • Supports SSH port customization
  • Speed limit settings (scheduled and non-scheduled) for specific users or groups
  • Packages and services running the rysnc protocol:
    • Shared Folder Sync
    • Time Backup
    • LUN backup
    • rsync backup

File Station

Features

  • Drag and drop files between browser windows
  • Directly connect to a remote server or public cloud service within File Station
  • Browse and manage files stored on the Synology NAS
  • WebDAV/WebDAV over HTTPS/FTP/SFTP client
  • Share files as email attachments with built-in email client
  • Share files with other users on the same Synology NAS
  • Search files according to various criteria
  • Index various types of files for a more effective and efficient search result
  • Thumbnail and list views
  • Compress/extract archived files
  • Windows ACL editor
  • Remote Folder supports mounting folders on other SMB1/SMB2/SMB3/NFS file servers
  • Photo Viewer and Video Player to view photos and videos
  • Audio Player to play music files
  • Set speed limits for specific users or groups
  • Transfer Logs
  • Virtual Drive to mount and access ISO images
  • Create sharing links to allow people without DSM user credentials to access folders and files
  • Create file request to easily collect files from others
  • Supports Recycle Bin
  • Support up to 16,000 local user accounts*
  • Support up to 512 local groups*
  • Support up to 512 shared folders*

Notes:

  1. Please note that the figures marked in asterisks are derived from the Synology lab by using high-performance client computers with optimized network settings, and could vary in different environments.