Build Defaults

When we build a new Synology NAS for a customer, we will request information such as IP Address(s), Storage and Package requirements as well as pre-configuration for certain packages such as SMB, AFP, NFS etc. 

However the following defaults are always applied - unless you request
otherwise. We have automated tools to configure this which is why it's
the same each time.

• Volumes are BTRFS unless requested otherwise. 
• RAID volumes are SHR unless requested otherwise. 
• Encrypted Volumes are not enabled unless requested otherwise. 

All hard drives will be expected to pass a SMART test, and smart data is extracted and recorded. Volumes are expected to complete an optimisation (or scrub depending on filesystem).

Default Configurations

The default ports are changed as is best practice for security purposes, to:

• HTTP 64500
• HTTPS 64501

Assigned IP is configured on Port 1 by default and this is what you should connect to your network. If other IPs/VLANs have been requested these are also configured on those specific ports, otherwise they are left as DHCP. DO NOT plug a LAN cable into a port that isn't configured. Where link aggregation is supported and required, this should be configured post install. 

Firewall is not enabled. The configuration of the firewall is environment specific and should be done post install by either in-house tech teams or our third line teams. If remote access is required then our tech teams will configure our managed routers to provide system protection as required. 

User: is created with admin rights to administer the NAS. A strong password is created without 2FA. This password will be provided securely. You may enable 2FA if you wish at a later date, and we would recommend this. 

User: Admin & guest are disabled, and we create a new account which will be on your ticket for Admin. 

User: GENADMIN is created with a random strong password - this is for future remote support and configuration, and can be used if the admin user is lost or disabled. We use this rather than your admin account so that your NAS records our actions under our login and separates them from other admin actions. You can disable this if you wish.

SSH is enabled by default, on port 64822 and NOT exposed to the internet. We do this so that in the event the web interface fails for some reason, we can still gain access to the box to investigate and resolve. You can disable this if you wish.