Security Features - NETGEAR UTM5 Reference Manual

ProSecure Unified Threat Management (UTM) Appliance
file scanning is up to five times faster than with traditional antivirus solutions—a performance
advantage that you will notice.
Stream Scanning also enables organizations to withstand massive spikes in traffic, as in the
event of a malware outbreak. The scan engine has the following capabilities:
• Real-time protection. The patent-pending Stream Scanning technology enables
scanning of previously undefended real-time protocols, such as HTTP. Network activities
susceptible to latency (for example, web browsing) are no longer brought to a standstill.
• Comprehensive protection. Provides both web and email security, covering six major
network protocols: HTTP, HTTPS, FTP, SMTP, POP3, and IMAP. The UTM uses
enterprise-class scan engines employing both signature-based and distributed spam
analysis to stop both known and unknown threats. The malware database contains
hundreds of thousands of signatures of spyware, viruses, and other malware.
• Objectionable traffic protection. The UTM prevents objectionable content from
reaching your computers. You can control access to the Internet content by screening for
web services, web addresses, and keywords within web addresses. You can log and
report attempts to access objectionable Internet sites.
• Application control. The UTM provides application control for entire categories of
applications, individual applications, or a combination of both. You can either globally
allow or block applications or configure custom application control profiles for groups of
users, individual users, or a combination of both. The UTM supports multiple applications.
• Automatic signature updates. Malware signatures are updated as frequently as every
hour, and the UTM can check automatically for new signatures as frequently as every 15
minutes.

Security Features

The UTM is equipped with several features designed to maintain security:
• PCs hidden by NAT. NAT opens a temporary path to the Internet for requests originating
from the local network. Requests originating from outside the LAN are discarded,
preventing users outside the LAN from finding and directly accessing the computers on
the LAN.
• Port forwarding with NAT. Although NAT prevents Internet locations from directly
accessing the PCs on the LAN, the UTM allows you to direct incoming traffic to specific
PCs based on the service port number of the incoming request. You can specify
forwarding of single ports or ranges of ports.
• DMZ port. Incoming traffic from the Internet is usually discarded by the UTM unless the
traffic is a response to one of your local computers or a service for which you have
configured an inbound rule. Instead of discarding this traffic, you can use the dedicated
demilitarized zone (DMZ) port to forward the traffic to one PC on your network.
Introduction
18