Built-in Firewall for QNAP Appliances

QuFirewall is the built-in firewall app used by the QTS, QuTS hero, QNE Network, and QuTScloud operating systems used by QNAP appliances. You can allow/deny IP addresses and regions to prevent unauthorized access and brute force attacks for safeguarding data and service security.

Protect data and service security

With potential threats all around us, it is no longer safe to solely rely on network-based firewall appliances (perimeter) at the edge of your local network. With the Zero Trust Networks concept, you can install and enable QuFirewall to set up a host-based firewall (microperimeter) around your vital data and services on QNAP appliances. Combined with user authentication, permission settings and other security features provided by QNAP, your appliance will be strong and resilient against hackers, malware, and other threats.

Three preset profiles for quick protection

QuFirewall comes with three fully-customizable profiles for protecting your QNAP appliance. Select one as your starting point and make customizations to fit your specific needs.

Basic protection

Allows all ports on the NAS LAN subnet and the selected region

Include subnets only

Allows all ports on the NAS LAN subnet only

Restricted security

Allows some ports on the NAS LAN subnet and the selected region only

Defend against attacks

Blocks suspicious packets from the onion routing (Tor)

QuFirewall blocks packets that are suspected to be sent by Tor, an anonymous communication connection, to prevent your NAS from being attacked.

Updated every day

QuFirewall detects suspicious onion routing and malicious bots every day, and dynamically updates the block list of malicious packets, ensuring the security of your QNAP devices.

Set rules by regions

QuFirewall includes GeoLite2 data created by MaxMind. You can select which region to allow/deny access to your QNAP appliance, effectively enhancing security if your data and services should only be available to specific geographic locations.

View firewall event statistics

Quickly check the number of firewall events over time. If needed, you can also capture denied packets for a specified time period.

Active monitoring by packet capture and inspection

QuFirewall can record denied packets for a specific duration of time and perform deep packet inspection on attacking sources, protocols and service ports. It also provides PCAP (packet capture) files to enable further analysis to effectively mitigate malicious attacks.

Manual event capturing

Manually enable event capturing at any time.

Automatic event capturing

When occurring events exceed preset limits during a set period of time, the system will automatically start capturing packets.

Deep packets inspection

The captured packets results will be saved as PCAP (packet capture) files, allowing them to be easily downloaded and analyzed.