Synology DP320

ActiveProtect Appliance

The Synology ActiveProtect appliance DP320 is a data protection solution that comes preconfigured with hardware that runs ActiveProtect Manager, an operating system designed specifically for backup purposes. With its ability to perform backups, restore, deduplicate, replicate, and manage while ensuring security, the DP320 is an ideal backup server for your small and medium endpoints. It seamlessly integrates all current and future workloads across multiple sites into clusters, enabling centralized management through a single platform. With immutability, air-gapped backups, and access control, the DP320 protects against ransomware attacks, and secures all your data.

Highlights

• Deploy quickly : Set up your server in minutes

• Safeguard all workloads : Protect VMs, SaaS, databases, physical servers, and more

• Visibility : Monitor servers, and backup status on a centralized platform

• Reliable backup : Verify backups and test your disaster recovery plan in a sandboxed environment

• Flexible recovery : Perform bare-metal, file-level recovery, or P2V/V2V instant restoration to meet your RTO needs

• Ransomware defense : Integrate immutability and air-gapped backups with WORM storage against ransomware

• Optimized backup efficiency : Leverage source-side global deduplication and a specialized backup engine

• Data security : Implement least privilege with access controls, firewall, and isolation for a robust architecture

Quick and seamless deployment

Essential configuration such as disk partitioning and raid array setup will be automatically completed, making deployment fast and effortless so that you can start protecting your data immediately.

Protect workloads with specified policies

Safeguard all your workloads, including VMware vSphere, Microsoft Hyper-V, Windows, macOS, Linux, NetApp ONTAP, Nutanix Files, Microsoft 365 services, Oracle Database, and Microsoft SQL server. Establish policies for companies to meet SLA requirements, and automate data protection by detecting existing and future workloads, ensuring that the workloads are secured under the appropriate policies. View, modify, and manage policies with ease.

Reliable backup and flexible recovery

The DP320 supports self-healing functionality with continuous detection of silent data corruption through Btrfs checksum. It ensures zero errors by repairing corrupt data via RAID technology. To verify the recoverability of backup data, disaster recovery drills can be regularly performed in a sandboxed environment without affecting your primary production site. Backup verification is also available, automatically generating recovery drill videos for auditing purposes. In the event of a disaster, data can be flexibly restored based on your Recovery Time Objectives (RTO) via entire machine restoration, file-level recovery, physical-to-virtual (P2V), or virtual-to-virtual (V2V) methods to restore data to the designated location.

Uncompromised ransomware protection

To prevent ransomware attacks, the DP320 protects data backups and backup copies with immutability and write-once-read-many (WORM) storage to ensure that no one can modify data that has been backed up during the specified retention period. Additionally, it integrates encryption capabilities, enabling data to be encrypted locally before being backed up to remote destinations. To further enhance security, you can also isolate the remote environment using the air-gap feature.

Optimized backup efficiency

The DP320 optimizes storage space allocation via hardware and software integration. By optimizing data organization, and consolidating multiple files into a single image, it accelerates data processing. Both backups and backup copies utilize global source-side deduplication, as it compares data at the source and only transmits non-duplicate data to save bandwidth and storage space. 

Data security at its core

The DP320's security mechanism is based on the principle of least-privilege authentication and network protection architecture. This mechanism only allows authorized personnel to access data, restricts access to specific devices, and limits access to the backup infrastructure during designated times to ensure data security. 

• For authorized personnel : Active Directory, LDAP, and SAML 2.0 integration enables enterprises to use existing SSO with MFA and granular permissions to enhance access control.

• For devices : Firewall settings can be configured to only allow access from devices within specified IP ranges and subnets. The built-in management port is an isolated interface dedicated for management purposes. It is separate from data flow to reduce security risks. 

• Enhanced isolation : Secure your remote backup infrastructure via air-gapped solutions to achieve network or physical isolation. Limit network access to specified times or turn your devices on or off.

Specifications :