Synology's Firewall Increases the Security of a Synology NAS...but should you use it?
Рет қаралды 6,137
Күн бұрынSynology's Firewall in DSM limits traffic from devices attempting to connect TO a Synology NAS, but should you use it?
🎯 Tutorials, comparisons, reviews: www.wundertech.net
✅ Written Instructions: www.wundertech.net/how-to-set...
✅ Reset Synology NAS (Mode 1): kb.synology.com/en-my/DSM/tut...
🚀 Hire Me: www.wundertech.net/wundertech...
⚡Best Synology NAS Devices: www.wundertech.net/which-syno...
⚡Product Recommendations: link.wundertech.net/rmYt
🔔 Subscribe for more tech-related tutorials and overviews: link.wundertech.net/ssYt
DISCLAIMER: The information in this video has been self-taught through years of technical tinkering. While we do our best to provide accurate, useful information, we make no guarantee that our viewers will achieve the same level of success. WunderTech does not assume liability nor responsibility to any person or entity with respect to damage caused directly or indirectly from its content or associated media. Use at your own risk.
WunderTech is a trade name of WunderTech, LLC.
0:00 Intro
0:18 What is a Firewall?
0:40 How Synology's Firewall Works
1:44 How to Configure the Firewall in DSM
4:38 Creating Firewall Rules & Limiting Traffic
12:51 When should you use Synology's Firewall?
14:12 Final Thoughts
@gearboxworks Ай бұрын
This is exactly the kind of content I come to KZfaq to see: Content that demystifies a complex topic and helps the viewer learn how to get started with a reasonable amount of detail to get started actually doing something useful with the knowledge. Kudos.
@WunderTechTutorials Ай бұрын
Thanks for the kind words!
@kevinhughes9801 Ай бұрын
Excellent breakdown thank you
@blcjck8121 Ай бұрын
Another great video, Frank 👍 I will say, that if you have gone to the trouble of setting up a NAS, that you want to access from WAN (and even if you don't), you most definitely should setup the firewall as well. Also I think it's a good idea to configure specific LAN interfaces, especially if you only use one as most people probably do. Reason being if you accidentally lock yourself out with a rule, you don't have to reset network config, just simply switch interfaces (provided you haven't enabled 'deny access' in each interface ofc.).
@QuikTechSolutions Ай бұрын
Fantastic video Frank. Your presentation is so clearly articulated as always. Love how the Synology firewalls are consistent across all Synology products.
@WunderTechTutorials Ай бұрын
Thanks, Tony! I really appreciate the kind words and appreciate you watching. Means a lot coming from you!
@TechMeOut5 Ай бұрын
Thank you for this important video Frank. I think you just made a very standoffish topic a lot more reachable and feasable. This is huge!
@WunderTechTutorials Ай бұрын
Thanks for watching, Avi!
@DavidM2002 Ай бұрын
I use Tailscale to access my DS920+ remotely but with no open ports on the router. I probably don't need the firewall but I set it up anyway. I used very basic rules : Allow all internal network IP addresses, and the 2 or 3 Tailscale IP addresses, and a couple of others. Deny / Allow certain geographic locations. It hasn't caused any problems after several months in use. There appears to be no downside in using the firewall so why not use it.
@TheCynysterMind Ай бұрын
As security conscious as I am. For many home setups the built in firewall might cause more issues than it is worth. My home setup is Fiber Modem (which has a firewall active) to my Netgear RAX (which also has a firewall and VLAN) The first 2 firewalls block everything to my internal network... setting up the firewall on my NAS I think is just overkill K.I.S.S. is a sensible take here. Obviously if your network setup is more open, (but why is it so open) then the firewall on the Synology might make sense...
@aliasname5518 Ай бұрын
For people exposing their nas: I host some docker services from my nas and I linked my domain to cloudflare where the first filtering happens (location, bots etc.).. On my nas I only allowed cloudflare IP ranges and only on port 443. The good thing with this is that if my home IP gets scanned all ports are closed. For internal services that require a certificate/renewal its a bit annoying lifting all these things to make port 80 accessible.
@WunderTechTutorials Ай бұрын
Great example of what you can do!
@CedroCron Ай бұрын
Frank would there be any benefit to "Deny" all traffic on each specific LAN port while you have a "DENY" (ALL) rule at the bottom of your list on the all interfaces tab as well? Just as a secondary safety?
@WunderTechTutorials Ай бұрын
No benefit, but at the same time, doesn't hurt to add either. Takes a few seconds so if you would feel more comfortable by doing it, go for it!
@CedroCron Ай бұрын
@@WunderTechTutorials That's what I was thinking. Thanks for the reply. Cheers!
@johnwatson4801 Ай бұрын
I'm using your Pihole macvlan setup on my NAS. Does that need any particular setup on the firewall? My firewall is normally off.
@WunderTechTutorials Ай бұрын
If the IP is on the same subnet as the NAS, you shouldn't need any additional configuration. However, if you're using a bridge IP, I believe you'll need to add that for communication from container to NAS.
@PatrickBijvoet 2 күн бұрын
If you configure the firewall so it can be accessed e.g. only from The Netherlands, can one not simply use an VPN like NordVPN or Surfshark to access it?
@WunderTechTutorials 2 күн бұрын
Correct, which is why port forwarding isn't the best option for remote access.
@PatrickBijvoet Күн бұрын
@@WunderTechTutorials I did not configure the Firewall, because it is very confusing. I only use Quickconnect and Tailgate. The Latter because I was just interested how it works. I monitor all connections and until now (more then a year on a DS1622 haven't see any strange traffic. Thanks for your reply.
@MagDag_ Ай бұрын
what about IP6 ?
@WunderTechTutorials Ай бұрын
Yes, it will accept an IPv6 address.
@MagDag_ Ай бұрын
@@WunderTechTutorials Do you need to create a separate rules for both?
@zorka4098 Ай бұрын
I've been watching your videos probably near the beginning of your channel. While they are very informative and helpful, I have one complaint. It might be in the way you edit your videos, or because you think you have to pass a lot of information in as short a time as possible, you need to slow it down and take a breath. One sub-topic will end and the other jumps right in, or the screens shift to quickly, etc. In my personal career (I am retired), I gave a lot of presentations, and you need to give people a few seconds to absorb what you are presenting. Granted, I can just play it over and over until I feel I got it, but I always feel you are rushing through things. I actually drop the youtube speed to .75 from normal so I can follow along better. Thanks for the content.
@WunderTechTutorials Ай бұрын
Thank you for the good feedback and it's something I'm actively working on. I'm aware of it, just having a hard time striking a good balance.
Fabiosa Animated
Рет қаралды 6 МЛН
Dave's Garage
Рет қаралды 567 М.
WunderTech
Рет қаралды 18 М.
Photographer Army
Рет қаралды 9 МЛН