Page 1 ProSecure Web/Email Security Threat Management Appliance STM150, STM300, or STM600 Reference Manual 350 East Plumeria Drive San Jose, CA 95134 January 2011 202-10519-06...
Page 2: Technical Support
NETGEAR, Inc. Technical Support Thank you for choosing NETGEAR. To register your product, get the latest product updates, or get support online, visit us at http://support.netgear.com.
Page 3 ProSecure Web/Email Security Threat Management (STM) Appliance 202-10519-06 February 2011 (continued) (continued) (continued) • Revised the Setup Wizard update settings information (see Setup Wizard Step 7 of 11: Update Settings), software update information (see Updating the Software), and system status information (see Viewing System Status).
Page 4: Table Of Contents
Contents Chapter 1 Introduction What Is the ProSecure Web/Email Security Threat Management Appliance STM150, STM300, or STM600?........8 What Can You Do with an STM? .
Page 5 Testing HTTP Scanning ........49 Registering the STM with NETGEAR ......50 What to Do Next .
Page 6 ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Web Content Filtering ......109 Configuring Web URL Filtering.
Page 7 Installing Hot Fixes ........229 Sending Suspicious Files to NETGEAR for Analysis ....230 Accessing the Knowledge Base and Documentation .
Page 8: Chapter 1 Introduction
Introduction This chapter provides an overview of the features and capabilities of the ProSecure Web/Email Security Threat Management Appliance STM150, STM300, and STM600. It also identifies the physical features of the appliances and the contents of the product packages. This chapter contains the following sections: •...
Page 9: What Can You Do With An Stm
ProSecure Web/Email Security Threat Management (STM) Appliance What Can You Do with an STM? The STM combines robust protection against malware threats with ease of use and advanced reporting and notification features to help you deploy and manage the device with minimal effort.
Page 10: Stream Scanning For Content Filtering
ProSecure Web/Email Security Threat Management (STM) Appliance Up to 239 MB/s HTTP throughput Up to 960,000 emails per hour SMTP throughput • Stream Scanning technology that enables scanning of real-time protocols such as HTTP. • Comprehensive Web and email inbound and outbound security, covering six major network protocols: HTTP, HTTPS, FTP, SMTP, POP3, and IMAP.
Page 11: Autosensing Ethernet Connections With Auto Uplink
ProSecure Web/Email Security Threat Management (STM) Appliance • Comprehensive protection. Provides both Web and email security, covering six major network protocols: HTTP, HTTPS, FTP, SMTP, POP3, and IMAP. The STM uses enterprise-class scan engines employing both signature-based and distributed spam analysis to stop both known and unknown threats.
Page 12: Maintenance And Support
ProSecure Web/Email Security Threat Management (STM) Appliance Maintenance and Support NETGEAR offers technical support seven days a week, 24 hours a day. Information about support is available on the NETGEAR ProSecure website at http://prosecure.netgear.com/support/index.php. STM Model Comparison The following table compares the three STM models to show the differences: Table 1.
Page 13: Package Contents
STM are no longer displayed on the Registration screen. However, after you have reconfigured the STM to connect to the Internet and to the NETGEAR registration server, the STM retrieves and restores all registration information based on its MAC address and hardware serial number.
Page 14: Hardware Features
Depending on the model purchased, service registration card with one or more license keys If any of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Keep the carton, including the original packing materials, in case you need to return the product for repair.
Page 15 ProSecure Web/Email Security Threat Management (STM) Appliance Note: All Gigabit Ethernet ports provide switched N-way, automatic speed-negotiating, auto MDI/MDIX technology. The function of each STM150 LED is described in the following table: Table 2. LED Descriptions for the STM150 Object Activity Description Power...
Page 16 ProSecure Web/Email Security Threat Management (STM) Appliance Table 2. LED Descriptions for the STM150 (Continued) Object Activity Description Right LED The LAN port is operating at 10 Mbps. On (amber) The LAN port is operating at 100 Mbps. On (green) The LAN port is operating at 1000 Mbps.
Page 17 ProSecure Web/Email Security Threat Management (STM) Appliance The function of each STM300 LED is described in the following table: Table 3. LED Descriptions for the STM300 Object Activity Description Power On (green) Power is supplied to the STM. Power is not supplied to the STM. Status On (amber) during The STM is initializing.
Page 18 ProSecure Web/Email Security Threat Management (STM) Appliance Front Panel STM600 The following figure shows the front panel ports and LEDs of the STM600: 2) Power LED 7) Pair 1 LEDs 8) Pair 2 LEDs 3) Status LED 6) Mgmt port 8) Pair 2 ports 5) USB port 1) Console port...
Page 19 ProSecure Web/Email Security Threat Management (STM) Appliance The function of each STM600 LED is described in the following table: Table 4. LED Descriptions for the STM600 Object Activity Description Power On (green) Power is supplied to the STM. Power is not supplied to the STM. Status On (amber) during The STM is initializing.
Page 20: Rear Panel Features
ProSecure Web/Email Security Threat Management (STM) Appliance Rear Panel Features The rear panel of the STM150 differs from the rear panels of the STM300 and STM600. Rear Panel STM150 The following figure shows the rear panel components of the STM150: 4) Reset button 2) Lock 1) Console port...
Page 21 ProSecure Web/Email Security Threat Management (STM) Appliance Rear Panel STM300 and STM600 The rear panels of the STM300 and STM600 are identical. The following figure shows the rear panel components of the STM300 and STM600: 1) Power switch 2) AC power socket Figure 6.
Page 22: Bottom Panel With Product Label
ProSecure Web/Email Security Threat Management (STM) Appliance Bottom Panel with Product Label The product label on the bottom of the STM’s enclosure displays the STM’s default IP address, default user name, and default password, as well as regulatory compliance, input power, and other information.
Page 23: Choosing A Location For The Stm
ProSecure Web/Email Security Threat Management (STM) Appliance STM600 Product Label Figure 9. Choosing a Location for the STM The STM is suitable for use in an office environment where it can be freestanding (on its runner feet) or mounted into a standard 19-inch equipment rack. Alternatively, you can rack-mount the STM in a wiring closet or equipment room.
Page 24: Using The Rack-Mounting Kit
ProSecure Web/Email Security Threat Management (STM) Appliance Using the Rack-Mounting Kit Use the mounting kit for the STM to install the appliance in a rack. (A mounting kit is provided in the product package for the STM.) The mounting brackets that are supplied with the STM are usually installed before the unit is shipped out.
Page 25: Choosing A Deployment Scenario
Using the Setup Wizard to Perform the Initial Configuration on page 32 • Verifying Correct Installation on page 49 • Registering the STM with NETGEAR on page 50 • What to Do Next on page 51 Choosing a Deployment Scenario The STM is an inline transparent bridge appliance that can easily be deployed to any point on the network without the need for network reconfiguration or additional hardware.
Page 26: Server Group
ProSecure Web/Email Security Threat Management (STM) Appliance The following figure shows a typical gateway deployment scenario: Figure 11. Server Group In a server group deployment, one STM appliance is installed at the gateway and another in front of the server group to help protect the email server from threats from internal as well as external clients.
Page 27: Segmented Lan Deployment
Web/Email Security Threat Management Appliance STM150, STM300, or STM600 Installation Guide for complete steps. A PDF of the Installation Guide is on the NETGEAR ProSecure™ website at http://prosecure.netgear.com/resources/document-library.php. Log in to the STM. After logging in, you are ready to set up and configure your STM. See Logging In to the STM on page 28.
Page 28: Qualified Web Browsers
IP address, you need to use the IP address that you assigned to the STM to log in to the STM. The NETGEAR Configuration Manager Login screen displays in the browser (see the following figure, which shows the STM300).
Page 29 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 15. In the User Name field, type admin. Use lowercase letters. In the Password field, type password. Here, too, use lowercase letters. Note: The STM user name and password are not the same as any user name or password you might use to log in to your Internet connection.
Page 30: Understanding The Web Management Interface Menu Layout
ProSecure Web/Email Security Threat Management (STM) Appliance Click Login. The Web Management Interface displays, showing the Dashboard screen (see the following figure, which shows only the top part of the screen). For information about this screen, see Understanding the Information on the Dashboard Screen on page 184.
Page 31 ProSecure Web/Email Security Threat Management (STM) Appliance 3rd level: Submenu tab (blue) 2nd level: Configuration menu link (gray) 1st level: Main navigation menu link (orange) Figure 17. The Web Management Interface menu consists of the following components: • 1st Level: Main navigation menu links. The main navigation menu in the orange bar across the top of the Web Management Interface provides access to all the configuration functions of the STM, and remains constant.
Page 32: Using The Setup Wizard To Perform The Initial Configuration
ProSecure Web/Email Security Threat Management (STM) Appliance • Cancel. Cancel the operation. • Send Now. Send a file or report. When a screen includes a table, table buttons are displayed to let you configure the table entries. The nature of the screen determines which table buttons are shown. The following figure shows an example: Figure 19.
Page 33: Setup Wizard Step 1 Of 10: Introduction
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 1 of 10: Introduction Figure 20. The first Setup Wizard screen is just an introductory screen. Click Next to go to the following screen. Setup Wizard Step 2 of 11: Networking Settings Figure 21.
Page 34 For most Ethernet networks the MTU value is 1500 bytes, which is the default setting. Note: NETGEAR recommends synchronizing the STM’s MTU setting with that of your network to prevent delays in transmission. 34 | Chapter 2. Using the Setup Wizard to Provision the STM in Your Network...
Page 35: Setup Wizard Step 3 Of 11: Time Zone
Use Default NTP Servers The STM regularly updates its real-time clock (RTC), which it uses for scheduling, by contacting a default NETGEAR NTP server on the Internet. This is the default setting. Chapter 2. Using the Setup Wizard to Provision the STM in Your Network...
Page 36 Note: If you select this option but leave either the Server 1 or Server 2 field blank, both fields are automatically set to the default NETGEAR NTP servers. Note: A list of public NTP servers is available at http://support.ntp.org/bin/view/Servers/WebHome.
Page 37: Setup Wizard Step 4 Of 11: Email Security
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 4 of 11: Email Security Figure 23. Enter the settings as explained in the following table, and then click Next to go the following screen. Note: After you have completed the steps in the Setup Wizard, you can make changes to the email security settings by selecting Email Security >...
Page 38 ProSecure Web/Email Security Threat Management (STM) Appliance Table 7. Setup Wizard Step 4: Email Security Settings Setting Description (or Subfield and Description) Services to Scan SMTP SMTP scanning is enabled by default on standard service port 25. To disable any of these services, clear the corresponding check box.
Page 39: Setup Wizard Step 5 Of 11: Web Security
25600 KB. Note: Setting the maximum file size to a high value might affect the STM’s performance. NETGEAR recommends the default value, which is sufficient to detect the vast majority of threats. Setup Wizard Step 5 of 11: Web Security Figure 24.
Page 40 ProSecure Web/Email Security Threat Management (STM) Appliance Note: After you have completed the steps in the Setup Wizard, you can make changes to the Web security settings by selecting Web Security > Policy or Web Security > HTTP/HTTPS > Malware Scan.
Page 41 25600 KB. Note: Setting the maximum file size to a high value might affect the STM’s performance. NETGEAR recommends the default value, which is sufficient to detect the vast majority of threats. Chapter 2. Using the Setup Wizard to Provision the STM in Your Network...
Page 42: Setup Wizard Step 6 Of 11: Email Notification Server Settings
Email Notification Server Settings Show as Mail Sender A descriptive name of the sender for email identification purposes. For example, enter stm600notification@netgear.com. Send Notifications to The email address to which the notifications should be sent. Typically, this is the email address of a user with administrative privileges.
Page 43: Setup Wizard Step 7 Of 11: Update Settings
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 7 of 11: Update Settings Figure 26. Enter the settings as explained in the following table, and then click Next to go the following screen. Note: After you have completed the steps in the Setup Wizard, you can make changes to the security subscription update settings by selecting Administration >...
Page 44 Select one of the following radio buttons: • Default Update Server. The scan engine and signatures are updated from the NETGEAR default update server. • Another Update Server. The scan engine and signatures are updated from a server that you specify by entering the server IP address or host name in the Server Address field.
Page 45: Setup Wizard Step 8 Of 11: Http Proxy Settings
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 8 of 11: HTTP Proxy Settings Figure 27. Enter the settings as explained in the following table, and then click Next to go the following screen. Note: After you have completed the steps in the Setup Wizard, you can make changes to the security subscription update settings by selecting Global Settings>...
Page 46: Setup Wizard Step 9 Of 11: Web Categories
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 9 of 11: Web Categories Figure 28. Enter the settings as explained in the following table, and then click Next to go the following screen. 46 | Chapter 2. Using the Setup Wizard to Provision the STM in Your Network...
Page 47 ProSecure Web/Email Security Threat Management (STM) Appliance Note: After you have completed the steps in the Setup Wizard, you can make changes to the content filtering settings by selecting Web Security > HTTP/HTTPS > Content Filtering. The Content Filtering screen lets you specify additional filtering tasks and notification settings.
Page 48: Setup Wizard Step 10 Of 11: Configuration Summary
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 10 of 11: Configuration Summary Figure 29. Click Apply to save your settings and automatically restart the system, or click Back to make changes to the configuration. 48 | Chapter 2. Using the Setup Wizard to Provision the STM in Your Network...
Page 49: Setup Wizard Step 11 Of 11: Restarting The System
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 11 of 11: Restarting the System Figure 30. Wizard screen 11 is just an informational screen to let you know that the system restarts automatically with the new configuration. Verifying Correct Installation Test the STM before deploying it in a live production environment.
Page 50: Registering The Stm With Netgear
ProSecure Web/Email Security Threat Management (STM) Appliance Registering the STM with NETGEAR To receive threat management component updates and technical support, you need to register your STM with NETGEAR. The support registration keys are provided with the product package (see Service Registration Card with License Keys on page 12).
Page 51: What To Do Next
3 step 5 for additional license keys. The STM activates the licenses and registers the unit with the NETGEAR registration server. Note: If you reset the STM to the original factory default settings after you have entered the license keys to activate the STM (see...
Page 52: Chapter 3 Performing Network And System Management
Performing Network and System Management This chapter describes the network settings, the system management features, and ways to improve the performance of the STM. If you have used the Setup Wizard, you have already configured some of these settings, but there are situations in which you might want to modify them.
Page 53 ProSecure Web/Email Security Threat Management (STM) Appliance STM600 or STM300 uplink and downlink interfaces, or for the STM150’s WAN and LAN interfaces. To configure the STM’s network settings: Select Global Settings > Network Settings from the menu. The Network Settings submenu tabs display with the Network Settings screen in view.
Page 54 ProSecure Web/Email Security Threat Management (STM) Appliance The following figure shows the Interface Speed & Duplex Settings section of the Network Settings screen of the STM150: Figure 34. STM150 Complete the fields and make your selections from the drop-down lists as explained in the following table: Table 13.
Page 55 For most Ethernet networks the MTU value is 1500 bytes, which is the default setting. Note: NETGEAR recommends synchronizing the STM’s MTU setting with that of your network to prevent delays in transmission. Click Apply to save your settings. (If you click Reset, the STM restarts to restore the default network settings.) Changing the network settings has the following consequences:...
Page 56: Configuring Session Limits And Timeouts
ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Session Limits and Timeouts The Session Limits screen allows you to specify the total number of sessions per user (that is, per IP address or single source machine) that are allowed on the STM. Session limiting is disabled by default.
Page 57: Configuring The Network Refresh And Permanent Mac Address Bindings
ProSecure Web/Email Security Threat Management (STM) Appliance Select the radio buttons, make your selections from the drop-down list, and complete the fields as explained in the following table: Table 14. Session Limits Settings Setting Description (or Subfield and Description) Session Limits Do You Want to Select the Yes radio button to enable session limits, and then fill in the Limit Type and Enable per-user...
Page 58 ProSecure Web/Email Security Threat Management (STM) Appliance To refresh the network and view the MAC Address Bindings table: Select Global Settings > Network Settings from the menu. The Network Settings submenu tabs display with the Network Settings screen in view. Click the Network Refresh submenu tab.
Page 59: Managing Permanent Mac Address Bindings
ProSecure Web/Email Security Threat Management (STM) Appliance Select the check boxes and radio buttons and make your selections from the drop-down list as explained in the following table: Table 15. Network Refresh Settings Setting Description (or Subfield and Description) Automatically Refresh the Network Periodically Select this check box to enable the periodic refresh of the dynamic MAC address refresh the MAC...
Page 60: Configuring The Http Proxy Settings
ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields and make your selections from the drop-down lists as explained in the following table: Table 16. MAC Address Binding Settings Setting Description MAC Address Enter the MAC address that you want to bind permanently. Port (STM150) or Interface From the drop-down list, select the interface to which the MAC address needs (STM300 and STM600)
Page 61: About Users With Administrative And Guest Privileges
ProSecure Web/Email Security Threat Management (STM) Appliance Internet. The settings on the HTTP Proxy screen affect Web category filtering, distributed spam analysis, and software updates. To configure the HTTP proxy: Select Global Settings > HTTP Proxy from the menu. The HTTP Proxy screen displays: Figure 37.
Page 62: Changing Administrative Passwords And Timeouts
The default user name for a guest is guest, and the default password for a guest is guest. NETGEAR recommends that you change these passwords to more secure passwords. The login window that is presented to the administrator and guest user is the NETGEAR Configuration Manager Login screen (see Figure 87 on page 155).
Page 63 ProSecure Web/Email Security Threat Management (STM) Appliance To modify the administrator or guest settings, select the check box and complete the fields as explained in the following table: Table 18. Set Password Settings Screen: Administrator and Guest Settings Setting Description (or Subfield and Description) User Selection Select one of the following radio buttons: •...
Page 64: Configuring Remote Management Access
The STM is accessible to anyone who knows its IP address and default password. Because a malicious WAN user can reconfigure the STM and misuse it in many ways, NETGEAR highly recommends that you change the admin and guest default...
Page 65: Using An Snmp Manager
ProSecure Web/Email Security Threat Management (STM) Appliance In the Secure HTTPS Management section of the screen, enter number of the port that you want to use to access Web Management Interface of the STM. The default setting is port 443, but you can enter a port ranging from 1024 to 65535. You cannot use some ports such as 2080 and 8088 that might be used by the STM.
Page 66 ProSecure Web/Email Security Threat Management (STM) Appliance To enable SNMP and to configure the SNMP settings: Select Administration > SNMP from the menu. The SNMP screen displays: Figure 40. Select the radio buttons and complete the fields as explained in the following table: Table 20.
Page 67: Supported Mib Browsers
After you have configured the SNMP settings, you need to enter the IP address of the STM in the Management Information Base (MIB) browsers through which you want to query or configure the STM. See the documentation of your MIB browser for instructions. NETGEAR recommends the following MIB browsers for receiving the STM SNMP notifications: •...
Page 68: Backing Up Settings
ProSecure Web/Email Security Threat Management (STM) Appliance The Backup and Restore Settings screen lets you: • Back up and save a copy of the current settings • Restore saved settings from the backed-up file • Revert to the factory default settings. To display the Backup and Restore Settings screen, select Administration >...
Page 69: Restoring Settings
ProSecure Web/Email Security Threat Management (STM) Appliance To back up settings: On the Backup and Restore Settings screen (see the previous figure), next to Save a copy of current settings, click the Backup button to save a copy of your current settings. A dialog box displays, showing the file name of the backup file.
Page 70: Reverting To Factory Default Settings
ProSecure Web/Email Security Threat Management (STM) Appliance To restore settings from a backup file: On the Backup and Restore Settings screen (see Figure 41 on page 68), next to Restore save settings from file, click Browse. Locate and select the previously saved backup file. When you have located the file, click the Restore button.
Page 71: Updating The Software
15 minutes, to ensure that your network protection is current. Scheduling Updates Enabling scheduled updates ensures that the STM automatically downloads the latest components from the NETGEAR update server. Chapter 3. Performing Network and System Management | 71...
Page 72 ProSecure Web/Email Security Threat Management (STM) Appliance To configure scheduled updates: Select Administration > Software Update from the menu. The Software Update screen displays: Figure 42. Select the radio buttons, complete the field, and make your selections from the drop-down lists as explained in the following table: Table 21.
Page 73: Performing A Manual Update
Select one of the following radio buttons: • Default Update Server. The scan engine and signatures are updated from the NETGEAR default update server. • Another Update Server. The scan engine and signatures are updated from a server that you specify by entering the server IP address or host name in the Server Address field.
Page 74: Critical Updates That Require A Restart
ProSecure Web/Email Security Threat Management (STM) Appliance After the update has finished, click Apply to activate the newly updated software. Critical Updates That Require a Restart If a downloaded update requires a restart, you are prompted to perform the update when you log in to the STM.
Page 75 Use Default NTP The STM regularly updates its real-time clock (RTC), which it uses for scheduling, by Servers contacting a default NETGEAR NTP server on the Internet. This is the default setting. Chapter 3. Performing Network and System Management | 75...
Page 76: Managing Digital Certificates
Note: If you select this option but leave either the Server 1 or Server 2 field blank, both fields are automatically set to the default NETGEAR NTP servers. Note: A list of public NTP servers is available at http://support.ntp.org/bin/view/Servers/WebHome.
Page 77 CA provides a strong assurance of the server’s identity. The STM contains a self-signed digital certificate from NETGEAR. This certificate can be downloaded from the STM login screen or from the Certificate Management screen for browser import.
Page 78: Managing The Certificate For Https Scans
Click Download for browser import. Follow the instructions of your browser to save the RootCA.crt file on your computer. To reload the default NETGEAR certificate: Select the Use NETGEAR default certificate radio button. Click Apply to save your settings. 78 |...
Page 79: Managing Trusted Certificates
ProSecure Web/Email Security Threat Management (STM) Appliance To import a new certificate: Select the Use imported certificate (PKCS12 format) radio button. Click Browse next to the Import from File field. Navigate to a trusted certificate file on your computer. Follow the instructions of your browser to place the certificate file in the Import from File field.
Page 80: Managing Untrusted Certificates
ProSecure Web/Email Security Threat Management (STM) Appliance To view details of a trusted certificate: From the Trusted Certificate Authorities table, select the certificate. Click View Details. A new screen opens that displays the details of the certificate. To delete a trusted certificate: From the Trusted Certificate Authorities table, select the certificate.
Page 81: Managing The Quarantine Settings
ProSecure Web/Email Security Threat Management (STM) Appliance To delete an untrusted certificate: From the Untrusted Certificates table, select the certificate. Click Delete Selected. To move an untrusted certificate to the Trusted Certificate Authorities table: From the Untrusted Certificates table, select the certificate. Click Add to Trusted List.
Page 82: Managing The Stm's Performance
ProSecure Web/Email Security Threat Management (STM) Appliance Select the radio buttons, complete the field, and make your selections from the drop-down lists as explained in the following table: Table 23. Quarantine Settings Setting Description (or Subfield and Description) Malware Quarantine Area Size Specify the maximum amount of memory in MB that is allocated to malware quarantine.
Page 83 ProSecure Web/Email Security Threat Management (STM) Appliance You can adjust the following features of the STM in such a way that the traffic load on the WAN side decreases. • Email content filtering. To reduce incoming email traffic, you can block emails with large attachments, reject emails based on keywords, file extensions, or file names, and set spam protection rules.
Page 84: Chapter 4 Content Filtering And Optimizing Scans
Content Filtering and Optimizing Scans This chapter describes how to apply the content filtering features of the STM and how to optimize scans to protect your network. This chapter contains the following sections: • About Content Filtering and Scans on this page •...
Page 85: Default Email And Web Scan Settings
ProSecure Web/Email Security Threat Management (STM) Appliance Default Email and Web Scan Settings For most network environments, the default scan settings and actions that are shown in the following table work well, but you can adjust these to meet the needs of your specific environment.
Page 86 ProSecure Web/Email Security Threat Management (STM) Appliance Table 24. Default Email and Web Scan Settings (Continued) Scan Type Default Scan Setting Default Action (if applicable) Tools Alexa Toolbar Allowed GoToMyPC Allowed Weatherbug Allowed Yahoo Toolbar Allowed Web Objects Embedded Objects (ActiveX/Java/Flash) Allowed Javascript Allowed Proxy...
Page 87: Configuring Email Protection
ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Email Protection The STM lets you configure the following settings to protect the network’s email communication: • The email protocols that are scanned for malware threats • Actions that are taken when infected emails are detected •...
Page 88: Customizing Email Anti-Virus Settings
ProSecure Web/Email Security Threat Management (STM) Appliance Select the check boxes and complete the fields and as explained in the following table: Table 25. Email Policy Settings Setting Description Services to Scan SMTP Select the SMTP check box to enable Simple Mail Transfer Protocol (SMTP) scanning. This service is enabled by default and uses default port 25.
Page 89 ProSecure Web/Email Security Threat Management (STM) Appliance Action Settings To configure the email antivirus action settings: Select Email Security > Anti-Virus from the menu. The Anti-Virus submenu tabs display with the Action screen in view: Figure 52. Make your selections from the drop-down lists as explained in the following table: Table 26.
Page 90 ProSecure Web/Email Security Threat Management (STM) Appliance Table 26. Email Anti-Virus Action Settings (Continued) Setting Description POP3 From the POP3 drop-down list, specify one of the following actions to be taken when an infected email is detected: • Quarantine attachment. The email is not blocked, but the attachment is removed and placed in the malware quarantine for further research.
Page 91 25600 KB. Note: Setting the maximum file size to a high value might affect the STM’s performance. NETGEAR recommends the default value, which is sufficient to detect the vast majority of threats. Click Apply to save your settings.
Page 92: Notification Settings
ProSecure Web/Email Security Threat Management (STM) Appliance Notification Settings To configure the email antivirus notification settings: Select Email Security > Anti-Virus from the menu. The Anti-Virus submenu tabs display with the Action screen in view. Click the Notifications submenu tab. The Notifications screen displays: Figure 54.
Page 93 ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields, select the check boxes, and make your selections from the drop-down lists as explained in the following table: Table 28. Email Anti-Virus Notification Settings Setting Description Notification Settings Insert Warning into For SMTP email messages, select this check box to insert a warning into the email Email Subject (SMTP) subject line:...
Page 94: Email Content Filtering
ProSecure Web/Email Security Threat Management (STM) Appliance Table 28. Email Anti-Virus Notification Settings (Continued) Setting Description Subject The default subject line for the notification email is “Malware detected!” You can change this subject line. Message The warning message informs the sender, the recipient, or both about the name of the malware threat.
Page 95 ProSecure Web/Email Security Threat Management (STM) Appliance To configure email content filtering: Select Email Security > Filters from the menu. The Filters screen displays: Figure 55. Chapter 4. Content Filtering and Optimizing Scans | 95...
Page 96 ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields and make your selections from the drop-down lists as explained in the following table: Table 29. Email Filter Settings Setting Description (or Subfield and Description) Filter by Subject Keywords Keywords Enter keywords that are detected in the email subject line.
Page 97: Protecting Against Email Spam
Real-time blacklist. Emails from known spam sources that are collected by blacklist providers are blocked. Distributed spam analysis. Emails that are detected as spam by the NETGEAR Spam Classification Center are either tagged, blocked, or quarantined. Chapter 4. Content Filtering and Optimizing Scans...
Page 98 ProSecure Web/Email Security Threat Management (STM) Appliance This order of implementation ensures the optimum balance between spam prevention and system performance. For example, if an email originates from a whitelisted source, the STM delivers the email immediately to its destination inbox without implementing the other spam prevention technologies, thereby speeding up mail delivery and conserving the STM system resources.
Page 99 ProSecure Web/Email Security Threat Management (STM) Appliance To configure the whitelist and blacklist: Select Email Security > Anti-Spam from the menu. The Anti-Spam submenu tabs display, with the Whitelist/Blacklist screen in view: Figure 56. Chapter 4. Content Filtering and Optimizing Scans | 99...
Page 100 ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields as explained in the following table: Table 30. Whitelist/Blacklist Settings Setting Description Sender IP Address (SMTP) Whitelist Enter the source IP addresses from which emails can be trusted. Blacklist Enter the source IP addresses from which emails are blocked. Click Apply to save your settings, or click Reset to clear all entries from these fields.
Page 101 ProSecure Web/Email Security Threat Management (STM) Appliance Note: By default, the STM comes with two pre-defined blacklist providers: Spamhaus, and Spamcop. You can add a maximum of 16 blacklist providers to the RBL sources. To enable the real-time blacklist: Select Email Security > Anti-Spam from the menu. The Anti-Spam submenu tabs display, with the Whitelist/Blacklist screen in view.
Page 102 Note: Unlike other scans, you do not need to configure the spam score because the NETGEAR Spam Classification Center performs the scoring automatically as long as the STM is connected to the Internet. However, this does mean that the STM needs to be connected to the Internet for the spam analysis to be performed correctly.
Page 103 ProSecure Web/Email Security Threat Management (STM) Appliance To configure distributed spam analysis and the antispam engine settings: Select Email Security > Anti-Spam from the menu. The Anti-Spam submenu tabs display, with the Whitelist/Blacklist screen in view. Click the Distributed Spam Analysis submenu tab. The Distributed Spam Analysis screen displays: Figure 58.
Page 104 X-NETGEAR-SPAM to drop-down list (see earlier in this table), select this check box to mail header add the X-NETGEAR-SPAM tag to the email header. The default setting is to add the default tag to the email header. Send Quarantine Spam Report...
Page 105: Configuring Web And Services Protection
ProSecure Web/Email Security Threat Management (STM) Appliance Table 31. Distributed Spam Analysis Settings (Continued) Setting Description (or Subfield and Description) Set Public The management port of the STM usually has a LAN IP address assigned, preventing Host/IP Address users from outside the LAN from accessing the STM to look at their quarantined spam and Port email.
Page 106 ProSecure Web/Email Security Threat Management (STM) Appliance To specify the Web protocols and ports that are scanned for malware threats. Select Web Security > Polices from the menu. The (Web) Policy screen displays: Figure 59. Select the check boxes and complete the fields and as explained in the following table: Table 32.
Page 107: Configuring Web Malware Scans
ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Web Malware Scans If you have used the Setup Wizard, you might have already configured the Web malware action and exception scan settings; the Malware Scan screen allows you to modify these settings.
Page 108 25600 KB. Note: Setting the maximum file size to a high value might affect the STM’s performance. NETGEAR recommends the default value, which is sufficient to detect the vast majority of threats. HTML Scan...
Page 109: Configuring Web Content Filtering
85, all requested traffic from any website is allowed. You can specify a message such as “Blocked by NETGEAR” that is displayed onscreen if a user attempts to access a blocked site (see the Notification Settings section that is described at the bottom of Table 34 on page 112).
Page 110 ProSecure Web/Email Security Threat Management (STM) Appliance Note: For information about creating custom categories that allow you to set access exceptions for combinations of Web categories, see Creating Custom Categories for Web Access Exceptions page 142. If you have used the Setup Wizard, you might have already configured the Web category blocking settings;...
Page 111 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 62. Content Filtering, screen 2 of 3 Chapter 4. Content Filtering and Optimizing Scans | 111...
Page 112 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 63. Content Filtering, screen 3 of 3 Complete the fields, select the check boxes, and make your selections from the drop-down lists as explained in the following table: Table 34. Content Filtering Settings Setting Description Content Filtering...
Page 113 ProSecure Web/Email Security Threat Management (STM) Appliance Table 34. Content Filtering Settings (Continued) Setting Description Block Files with Select the check box to enable file extension blocking. By default, the File Extension the Following field lists the most common file extensions that are detected. You can manually add or Extensions delete extensions.
Page 114 ProSecure Web/Email Security Threat Management (STM) Appliance Table 34. Content Filtering Settings (Continued) Setting Description Select the Web Categories You Wish to Block Select the Enable Blocking check box to enable blocking of Web categories, which is the default setting. Select the check boxes of any Web categories that you want to block.
Page 115 STM needs to acquire the Web categorizations remotely instead of from its local cache. Click here to To submit a misclassified or uncategorized URL to NETGEAR for analysis, click the Report a URL Click here to Report a URL Misclassification link. A screen opens that allows you to...
Page 116: Configuring Web Url Filtering
ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Web URL Filtering If you want to allow or block internal LAN users from access to certain sites on the Internet, use the STM’s Web URL filtering. You can create or import a whitelist that contains domain names and URLs that are accepted, and a blacklist with domain names and URLs that are blocked.
Page 117 ProSecure Web/Email Security Threat Management (STM) Appliance To configure Web URL filtering: Select Web Security > HTTP/HTTPS from the menu. The HTTP/HTTPS submenu tabs display, with the Malware Scan screen in view. Click the URL Filtering submenu tab. The URL Filtering screen displays: Figure 64.
Page 118 ProSecure Web/Email Security Threat Management (STM) Appliance Select the check boxes and complete the fields and as explained in the following table: Table 35. URL Filtering Settings Setting Description Whitelist (takes precedence over Blacklist) Enable Select this check box to bypass scanning of the URLs that are listed in the URL field. Users are allowed to access the URLs that are listed in the URL field.
Page 119: Https Scan Settings
ProSecure Web/Email Security Threat Management (STM) Appliance Table 35. URL Filtering Settings (Continued) Setting Description Add URL Type or copy a URL in the Add URL field. Then click the Add table button to add the URL to the URL field. Import from File To import a list with URLs into the URL field, click the Browse button and navigate to a file in .txt format that contains line-delimited URLs (that is, one URL per line).
Page 120 ProSecure Web/Email Security Threat Management (STM) Appliance The following figure shows the HTTPS scanning traffic flow: Figure 65. The HTTPS scanning process functions with the following principles: • The STM breaks up an SSL connection between an HTTPS server and an HTTP client into two parts: A connection between the HTTPS client and the STM A connection between the STM and the HTTPS server...
Page 121 ProSecure Web/Email Security Threat Management (STM) Appliance If one of these is not satisfied, a security alert message displays in the browser window: Figure 66. However, even when a certificate is trusted or still valid, or when the name of a certificate does match the name of the website, a security alert message still displays when a user who is connected to the STM visits an HTTPS site.
Page 122 ProSecure Web/Email Security Threat Management (STM) Appliance To configure the HTTPS scan settings: Select Web Security > HTTP/HTTPS from the menu. The HTTP/HTTPS submenu tabs display, with the Malware Scan screen in view. Click the HTTPS Settings submenu tab. The HTTPS Settings screen displays: Figure 67.
Page 123 ProSecure Web/Email Security Threat Management (STM) Appliance Select the check boxes and complete the field and as explained in the following table: Table 36. HTTPS Settings Setting Description HTTP Tunneling Select this check box to allow scanning of HTTPS connections through an HTTP proxy, which is disabled by default.
Page 124: Specifying Trusted Hosts
ProSecure Web/Email Security Threat Management (STM) Appliance Specifying Trusted Hosts You can specify trusted hosts for which the STM bypasses HTTPS traffic scanning and security certificate authentication. The security certificate is sent directly to the client for authentication, which means that the user does not receive a security alert for trusted hosts. For more information about security alerts, see Managing Digital Certificates on page 76.
Page 125: Configuring Ftp Scans
ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields and select the check box as explained in the following table: Table 37. Trusted Hosts Settings Setting Description Do Not Intercept HTTPS Connections for the following Hosts Enable Select this check box to bypass scanning of trusted hosts that are listed in the Hosts field. Users do not receive a security alert for trusted hosts that are listed in the Hosts field.
Page 126 ProSecure Web/Email Security Threat Management (STM) Appliance To configure the FTP scan settings: Select Web Security > FTP from the menu. The FTP screen displays: Figure 69. Complete the fields, select the check boxes, and make your selections from the drop-down lists as explained in the following table: Table 38.
Page 127: Configuring Application Control
25600 KB. Note: Setting the maximum file size to a high value might affect the STM’s performance. NETGEAR recommends the default value, which is sufficient to detect the vast majority of threats. Block Files with the Following Extensions Select the check box to enable file extension blocking.
Page 128 ProSecure Web/Email Security Threat Management (STM) Appliance To enable and configure application control: Select Application from the menu. The Application Control screen displays. Because of the size of this screen, and because of the way the information is presented, the Application Control screen is divided and presented in this manual in three figures: the following figure shows only the very top part of the screen, Figure 71 on page 129...
Page 129 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 71. Application Control, screen 2 of 3 Figure 72. Application Control, screen 3 of 3 After you have configured each section, first click Apply to save the settings before you continue with the next section. You need to save the configuration changes for each section individually.
Page 130: Setting Scanning Exclusions And Web Access Exceptions
ProSecure Web/Email Security Threat Management (STM) Appliance For reference, you can specify access control for the following applications: • Instant Messaging: Google Talk mIRC MSN Messenger Yahoo Messenger • Media Applications: iTunes (Music Store, update) Quicktime (Update) Real Player (Guide) Rhapsody (Guide, Music Store) Winamp (Internet Radio/TV) •...
Page 131 ProSecure Web/Email Security Threat Management (STM) Appliance To configure scanning exclusion rules: Select Global Settings > Scanning Exclusions from the menu. The Scanning Exclusions screen displays. This screen shows the Scanning Exclusions table, which is empty if you have not specified any exclusions. (The following figure shows one exclusion rule in the table as an example.) Figure 73.
Page 132: Setting Access Exception Rules For Web Access
ProSecure Web/Email Security Threat Management (STM) Appliance Setting Access Exception Rules for Web Access You can set up to 200 exception rules for users and members of a group to allow access to applications, file extensions and protocols, Web categories, and URLs that you have blocked for all other users, or the other way around, to block access to applications, file extensions and protocols, Web categories, and URLs that you have allowed access to for all other users.
Page 133 ProSecure Web/Email Security Threat Management (STM) Appliance To set Web access exception rules: Select Global Settings > Exceptions from the menu. The Exceptions submenu tabs display, with the Exceptions screen in view. This screen shows the Exceptions table, which is empty if you have not specified any exception rules. (The following figure shows several exception rules in the table as an example.) Figure 74.
Page 134 ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields and make your selections from the drop-down lists as explained in the following table: Table 40. Add Exception Settings Setting Description Action From the drop-down list, select the action that the STM applies: •...
Page 135 ProSecure Web/Email Security Threat Management (STM) Appliance Table 40. Add Exception Settings (Continued) Setting Description Domain All Users Click the Apply button to apply the exception to all users, both User/Group authenticated and unauthenticated. (continued) Authenticated Click the Apply button to apply the exception to all authenticated users.
Page 136 ProSecure Web/Email Security Threat Management (STM) Appliance Table 40. Add Exception Settings (Continued) Setting Description Domain LDAP Do the following: User/Group User/Group Search 1. From the Domain drop-down list, select an LDAP domain. (continued) 2. From the Type drop-down list, select User, Group, or User&Group.
Page 137 ProSecure Web/Email Security Threat Management (STM) Appliance Table 40. Add Exception Settings (Continued) Setting Description Category From the Category drop-down list, select the category to which the action applies. Your (and related selection determines which drop-down lists, fields, radio buttons, and check boxes display information) onscreen.
Page 138 ProSecure Web/Email Security Threat Management (STM) Appliance Table 40. Add Exception Settings (Continued) Setting Description Category Web Categories The action applies to a Web category. Select a Web category from (and related the Sub Category drop-down list. For information about custom Web information) categories, see Creating Custom Categories for Web Access...
Page 139: Creating Custom Groups For Web Access Exceptions
ProSecure Web/Email Security Threat Management (STM) Appliance Creating Custom Groups for Web Access Exceptions After you have specified groups and users (see Managing Users, Groups, and Authentication in Chapter 5), you can create up to 200 custom groups, each of which can include a combination of local groups and local users, groups and users that are defined by their IP address, LDAP groups and users, and RADIUS groups and users.
Page 140 ProSecure Web/Email Security Threat Management (STM) Appliance Under the Custom Groups table, click the Add table button to specify a custom group. The Add Custom Group screen displays: Figure 77. Complete the fields and make your selections from the drop-down lists as explained in the following table: Table 41.
Page 141 ProSecure Web/Email Security Threat Management (STM) Appliance Table 41. Add Custom Group Settings (Continued) Setting Description Local Groups Do the following: Users/Groups 1. From the Name drop-down list, select a local group. to this group 2. Click the Add button to add the selected local group to the custom group.
Page 142: Creating Custom Categories For Web Access Exceptions
ProSecure Web/Email Security Threat Management (STM) Appliance Table 41. Add Custom Group Settings (Continued) Setting Description RADIUS User Do the following: Users/Groups 1. From the Domain drop-down list, select a RADIUS domain. to this group 2. From the VLAN ID/Name drop-down list, select a VLAN ID or (continued) VLAN name.
Page 143 ProSecure Web/Email Security Threat Management (STM) Appliance To create and manage custom categories: Select Global Settings > Exceptions from the menu. The Exceptions submenu tabs display, with the Exceptions screen in view. Click the Custom Categories submenu tab. The Custom Categories screen displays. This screen shows the Custom Categories table, which is empty if you have not specified any custom categories.
Page 144 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 80. Category Type: URL Filtering Figure 81. Category Type: Web Categories 144 | Chapter 4. Content Filtering and Optimizing Scans...
Page 145 ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields and make your selections from the drop-down lists as explained in the following table: Table 42. Add Custom Category Settings Setting Description Name A name of the custom category for identification and management purposes. Brief A description of the category group for identification and management purposes.
Page 146 ProSecure Web/Email Security Threat Management (STM) Appliance Table 42. Add Custom Category Settings (Continued) Setting Description Category Web Categories Use the move buttons to move entire Web categories (for example, Type Commerce), individual applications (for example, Commerce - Shopping), or combinations of both from the Web Categories outside this Category (continued) field to the Web Categories in this Category field (or the other way around).
Page 147: Chapter 5 Managing Users, Groups, And Authentication
Managing Users, Groups, and Authentication This chapter describes how to manage users, groups, and authentication on the STM. This chapter contains the following sections: • About Users, Groups, and Domains on this page • Configuring Groups on page 148 • Configuring User Accounts on page 152 •...
Page 148: Configuring Groups
ProSecure Web/Email Security Threat Management (STM) Appliance The STM supports both unauthenticated and authenticated users: • Unauthenticated users. Anonymous users who do not log in to the STM and to which the STM’s default email and Web access policies apply. •...
Page 149: Creating And Deleting Groups By Name
ProSecure Web/Email Security Threat Management (STM) Appliance You can define groups either by name or by IP address and subnet: • Groups defined by name. These are local groups on the STM to which you can add users from the STM’s local user database. Local groups are automatically assigned to the STM’s prosecuredomain default domain.
Page 150: Editing Groups By Name
ProSecure Web/Email Security Threat Management (STM) Appliance In the Add New Group section of the screen, complete the fields as explained in the following table: Table 43. Group Settings Setting Description Name A descriptive (alphanumeric) name of the group for identification and management purposes. Description A brief description of the group for identification and management purposes.
Page 151: Creating And Deleting Groups By Ip Address And Subnet
ProSecure Web/Email Security Threat Management (STM) Appliance Change the field and move the users as explained in the following table: Table 44. Edit Group Settings Setting Description Edit Description You can edit the brief description of the group for identification and management purposes.
Page 152: Configuring User Accounts
ProSecure Web/Email Security Threat Management (STM) Appliance In the Add New IP Subnets/Groups section of the screen, complete the fields as explained in the following table: Table 45. IP Subnet/Group Settings Setting Description IP Address An IP address on your local network or on a remote device to which the users are assigned. Netmask The subnet mask to which the users are assigned.
Page 153: Creating And Deleting User Accounts
ProSecure Web/Email Security Threat Management (STM) Appliance Creating and Deleting User Accounts To create an individual user account: Select Users > Users from the menu. The Users screen displays: Figure 85. The List of Users table displays the users with the following fields: •...
Page 154: Editing User Accounts
ProSecure Web/Email Security Threat Management (STM) Appliance Click the Add table button. The new user is added to the List of Users table. To delete a user from the List of Users table, click the Delete table button in the Action column for the user that you want to delete.
Page 155: Understanding The Stm's Authentication Options
Users with administrative and guest privileges on the STM need to log in through the NETGEAR Configuration Manager Login screen (see the following figure), where they are authenticated through the STM’s local user database. These users need to provide their user name and password.
Page 156 ProSecure Web/Email Security Threat Management (STM) Appliance The lower part of the NETGEAR Configuration Manager Login screen (see the previous figure) provides a User Portal Login Link that lets you open the User Portal Login screen: Figure 88. After a user has logged in through the User Portal Login screen, the Authentication screen displays: Figure 89.
Page 157: Understanding Active Directories And Ldap Configurations
ProSecure Web/Email Security Threat Management (STM) Appliance Log in again. On the Authentication screen (see the previous figure), click the Logout link. WARNING! Ensure that users understand that they need to log out after completing a session in order to prevent subsequent users from inheriting access privileges that were not assigned to them.
Page 158 ProSecure Web/Email Security Threat Management (STM) Appliance How an Active Directory Works Understanding how a typical Active Directory (AD) works might be of help when you are specifying the settings for the LDAP and Active Directory domains on the STM. The following applies to a typical AD: •...
Page 159 ProSecure Web/Email Security Threat Management (STM) Appliance Click the General tab. The general properties for Jamie Hanson display: Figure 90. To verify Jamie Hanson’s user login name, click the Account tab. The account properties for Jamie Hanson display: Figure 91. Log in to the STM.
Page 160 ProSecure Web/Email Security Threat Management (STM) Appliance In the List of LDAP table, click the Edit button in the Action column of domain ABC.com. The Edit LDAP screen displays. To bind the user Jamie Hanson to the LDAP server for authentication on the STM, use one of the following two formats in the Bind DN field of the Edit LDAP screen: •...
Page 161: Creating And Deleting Ldap And Active Directory Domains
ProSecure Web/Email Security Threat Management (STM) Appliance Creating and Deleting LDAP and Active Directory Domains To configure LDAP and Active Directory authentication: Select User Management > Authentication from the menu. The authentication submenu tabs display with the LDAP screen in view: Figure 94.
Page 162 ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields and make your selections from the drop-down list as explained in the following table: Table 47. LDAP Settings Setting Description Domain A descriptive (alphanumeric) name of the LDAP or Active Directory authentication server for identification and management purposes.
Page 163 ProSecure Web/Email Security Threat Management (STM) Appliance Table 47. LDAP Settings (Continued) Setting Description Group Members This field is optional. The attribute that is used to identify the members of a group. Attribute For an Active Directory, enter member. For OpenLDAP, you can enter a customized attribute to identify the members of a group. Additional Filter This field is optional.
Page 164: Editing Ldap And Active Directory Domains
ProSecure Web/Email Security Threat Management (STM) Appliance Editing LDAP and Active Directory Domains To edit an LDAP or Active Directory domain: Select User Management > Authentication from the menu. The authentication submenu tabs display with the LDAP screen in view (see Figure 94 on page 161).
Page 165: Requirements For The Prosecure Dc Agent Software And Dc Agent Server
ProSecure Web/Email Security Threat Management (STM) Appliance Requirements for the ProSecure DC Agent Software and DC Agent Server Note the following requirements for the ProSecure DC agent software and domain controller (DC) servers: • If the DC server is located behind a firewall or there is a firewall on the DC server, ensure that the firewall does not block the server’s listening port.
Page 166 ProSecure Web/Email Security Threat Management (STM) Appliance To download ProSecure DC Agent software and add a DC agent: Select User Management > Authentication from the menu. The authentication submenu tabs display with the LDAP screen in view. Locate the List of DC Agents table at the bottom of the screen.
Page 167: Creating And Deleting Radius Domains
ProSecure Web/Email Security Threat Management (STM) Appliance To edit a DC agent: In the Domain column, locate the DC agent that you want to edit, and make changes in the columns to the right of the Domain column. Click Apply to save your changes. Creating and Deleting RADIUS Domains To configure RADIUS authentication: Select User Management >...
Page 168 ProSecure Web/Email Security Threat Management (STM) Appliance Complete the fields and make your selections from the drop-down list as explained in the following table: Table 49. RADIUS Settings Setting Description Domain A descriptive (alphanumeric) name of the RADIUS authentication server for identification and management purposes.
Page 169: Editing Radius Domains And Configuring Vlans
ProSecure Web/Email Security Threat Management (STM) Appliance Editing RADIUS Domains and Configuring VLANs To edit a RADIUS domain: Select User Management > Authentication from the menu. The authentication submenu tabs display with the LDAP screen in view. Click the RADIUS submenu tab. The RADIUS screen displays (see Figure 96 on page 167).
Page 170: Global User Settings
ProSecure Web/Email Security Threat Management (STM) Appliance Creating and Deleting VLANs for Use with RADIUS Domains After you have created a RADIUS domain by specifying a RADIUS server, you can add a virtual LAN (VLAN), and then set access exceptions for the logged-in RADIUS users (see Setting Access Exception Rules for Web Access on page 132).
Page 171 ProSecure Web/Email Security Threat Management (STM) Appliance To specify the global user configuration settings: Select User Management > Configuration from the menu. The Configuration screen displays: Figure 98. Locate the Sessions Parameters section on screen. Specify the session settings: • Session Expiration Length.
Page 172: Viewing And Logging Out Active Users
ProSecure Web/Email Security Threat Management (STM) Appliance Locate the Users Portal Login Settings section on screen. Specify the default domain settings: • From the Default Domain drop-down list, select a domain that is presented as the default domain on the User Portal Login screen. The default domain that is presented is prosecuredomain.
Page 173 ProSecure Web/Email Security Threat Management (STM) Appliance To view all or selected users: On the Active Users screen (see the previous figure), select one of the following radio buttons: • View All. This selection returns all active users after you click the Search button. •...
Page 174 ProSecure Web/Email Security Threat Management (STM) Appliance To log out selected active users: On the search results screen select the check boxes to the left of the users that you want to log out. Click Logout. 174 | Chapter 5. Managing Users, Groups, and Authentication...
Page 175: Chapter 6 Monitoring System Access And Performance
Monitoring System Access and Performance This chapter describes the system monitoring features of the STM. You can be alerted to important events such as attacks and login failures. You can also view the system status and real-time traffic and security information. In addition, the diagnostics utilities are described. Note: All email notification functions that are part of the Logs, Reports, and Alerts menus, and some of the functions that are part of the...
Page 176: Configuring The Email Notification Server
Description (or Subfield and Description) Show as Mail Sender A descriptive name of the sender for email identification purposes. For example, enter stm600notification@netgear.com. Send Notifications to The email address to which the notifications should be sent. Typically, this is the email address of a user with administrative privileges.
Page 177: Configuring And Activating System, Email, And Syslog Logs
ProSecure Web/Email Security Threat Management (STM) Appliance Table 50. Email Notification Settings (Continued) Setting Description (or Subfield and Description) Mail Server Requires If the SMTP server requires authentication, select the Mail Server Requires Authentication Authentication check box and enter the following settings: User Name The user name for SMTP server authentication.
Page 178 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 102. Log Management, screen 1 of 3 Complete the fields, select the radio button and check boxes, and make your selections from the drop-down lists as explained in the following table: Table 51. Email Logs Settings Setting Description (or Subfield and Description) Send to...
Page 179 ProSecure Web/Email Security Threat Management (STM) Appliance Table 51. Email Logs Settings (Continued) Setting Description (or Subfield and Description) Select Logs to Select the check boxes to specify which logs are sent via email: Send • System logs. The system event logs that include all system errors, informational messages, configuration changes, and system software updates.
Page 180 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 103. Log Management, screen 2 of 3 Complete the fields, select the check boxes, and make your selections from the drop-down lists as explained in the following table: Table 52. Syslog Settings Setting Description (or Subfield and Description) IP Address...
Page 181 ProSecure Web/Email Security Threat Management (STM) Appliance Table 52. Syslog Settings (Continued) Setting Description (or Subfield and Description) Facility The facility indicates from which internal part of the STM the log message originates. For each log that you have selected to be sent to the syslog server (see earlier in this table), select one of the following facilities from the drop-down list: •...
Page 182: Configuring Alerts
ProSecure Web/Email Security Threat Management (STM) Appliance Clearing Logs To clear logs: Select Monitoring > Logs from the menu. The Logs submenu tabs display, with the Log Management screen in view (see Figure 102 on page 178). Locate the Clear the Following Log Information section at the bottom of the screen: Figure 104.
Page 183 ProSecure Web/Email Security Threat Management (STM) Appliance To configure and activate the email alerts: Select Monitoring > Alerts from the menu. The Alerts screen displays: Figure 105. Select the check boxes and complete the fields as explained in the following table: Table 53.
Page 184: Monitoring Real-Time Traffic, Security, Statistics, And Web Usage
ProSecure Web/Email Security Threat Management (STM) Appliance Table 53. Alerts Settings (Continued) Setting Description (or Subfield and Description) Enable Malware Select this check box to enable malware outbreak alerts, and configure the Outbreak Outbreak Alerts Criteria, Protocol, and Subject fields. Outbreak To define a malware outbreak, specify the following fields: Criteria...
Page 185 ProSecure Web/Email Security Threat Management (STM) Appliance To display the Dashboard screen, select Monitoring > Dashboard from the menu. The Dashboard submenu tabs display with the Dashboard screen in view. Because of the size of this screen, it is divided and presented in this manual in three figures (the following figure, Figure 107 on page 187, and Figure 108...
Page 186 ProSecure Web/Email Security Threat Management (STM) Appliance To set the poll interval: Click the Stop button. From the Poll Interval drop-down list, select a new interval (the minimum is 5 seconds, the maximum is 5 minutes). Click the Set Interval button. To clear the statistics, click Clear Statistics.
Page 187 ProSecure Web/Email Security Threat Management (STM) Appliance Table 54. Dashboard: Status, Total Threats, and Threats (Last 7 Days) Information (Continued) Item Description Application Displays the total number of: • IM blocked. • Tools blocked. • Media blocked. • P2P blocked. Note: For information about how to configure these applications, see Configuring Application...
Page 188 ProSecure Web/Email Security Threat Management (STM) Appliance The following table explains the fields of the Total Scanned Services Traffic, Most Recent 5, and Top 5 sections of the Dashboard screen: Table 55. Dashboard: Total Scanned Services Traffic and Most Recent 5 and Top 5 Information Item Description Total Scanned Services Traffic (Last 7 Days)
Page 189 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 108. Dashboard, screen 3 of 3 Note: The previous figure shows the Interface Statistics section of the STM600. The STM300 and STM150 have different interfaces (see the following table). The following table explains the fields of the Service Statistics and Interface Statistics sections of the Dashboard screen: Table 56.
Page 190: Monitoring Web Usage
ProSecure Web/Email Security Threat Management (STM) Appliance Table 56. Dashboard: Service Statistics and Interface Statistics Information (Continued) Item Description Total Malwares Found The total number of detected malware threats. Virus The total number of detected viruses. Spyware The total number of detected spyware threats. Total Emails/Files Blocked The total number of blocked emails and files.
Page 191 ProSecure Web/Email Security Threat Management (STM) Appliance To view the STM’s Web usage: Select Monitoring > Dashboard from the menu. The Dashboard submenu tabs display with the Dashboard screen in view. Click the Web Usage submenu tab. The Web Usage screen displays: Figure 109.
Page 192: Viewing System Status
ProSecure Web/Email Security Threat Management (STM) Appliance Viewing System Status The System Status screen provides real-time information about the following components of the STM: • Firmware versions and update information of the STM, software versions and update information of the components, license expiration dates for each type of license, and hardware serial number •...
Page 193 ProSecure Web/Email Security Threat Management (STM) Appliance The following table explains the fields of the System Information, Management Interface Information, and Interfaces sections of the System Status screen: Table 57. System Status Information Setting Description System Information Firmware Information The current version and most recent update (that is, the most recently downloaded version) for the software, scan engine, pattern file, and operating system (OS).
Page 194: Querying Logs
ProSecure Web/Email Security Threat Management (STM) Appliance Querying Logs The extensive log querying functions of the STM can help you to monitor the protection of the network and fine-tune the performance of the STM. For information about emailing logs and sending logs to a syslog server, see Configuring and Activating System, Email, and Syslog Logs on page 177.
Page 195 ProSecure Web/Email Security Threat Management (STM) Appliance • Recipient email address • URL or subject To query and download logs: Select Monitoring > Logs from the menu. The Logs submenu tabs display, with the Log Management screen in view. Click the Logs Query submenu tab. The Logs Query screen displays (see the following figure).
Page 196 ProSecure Web/Email Security Threat Management (STM) Appliance Select the check boxes and radio buttons, make your selections from the drop-down lists, and complete the fields as explained in the following table: Table 58. Log Query Settings Setting Description (or Subfield and Description) Log Type Select one of the following log types from the drop-down list: •...
Page 197 ProSecure Web/Email Security Threat Management (STM) Appliance Table 58. Log Query Settings (Continued) Setting Description (or Subfield and Description) Search Criteria Domain The domain name that is queried. (continued) This field is available for the following logs: Email traffic, Web traffic, Virus, Spyware, Spam, Email filters, Content filters, and Application.
Page 198 ProSecure Web/Email Security Threat Management (STM) Appliance Table 58. Log Query Settings (Continued) Setting Description (or Subfield and Description) Search Criteria Recipient Email The email address of the recipient that is queried. (continued) This field is available for the following logs: Email traffic, Virus, Spyware, Spam, and Email filters.
Page 199: Example: Using Logs To Identify Infected Clients
The STM saves its logs every 5 minutes. If a power failure affects the STM, logs that were created within the 5-minute period before the power failure occurred are lost. Therefore, NETGEAR recommends that you connect the STM to a syslog server to save the logs externally.
Page 200: Viewing, Scheduling, And Generating Reports
ProSecure Web/Email Security Threat Management (STM) Appliance Viewing, Scheduling, and Generating Reports The extensive reporting functions of the STM let you perform the following tasks that help you to monitor the protection of the network and the performance of the STM: •...
Page 201 ProSecure Web/Email Security Threat Management (STM) Appliance To display the report templates and view reports onscreen: Select Monitoring > Reports from the menu. The Reports screen displays. The following figure shows only the Report Templates section of the screen with the preconfigured report templates.
Page 202: Generating Reports For Downloading
ProSecure Web/Email Security Threat Management (STM) Appliance Generating Reports for Downloading To generate a report: Select Monitoring > Reports from the menu. The Reports screen displays. By default, the Generate Report radio button is selected. The following figure shows the Reports screen without the Template Reports section, and shows some samples in the Generated Report List.
Page 203: Scheduling Automatic Generation And Emailing Of Reports
ProSecure Web/Email Security Threat Management (STM) Appliance in the advanced filtering options section of the screen (see Advanced Report Filtering Options on page 204). Scheduling Automatic Generation and Emailing of Reports To schedule a report and enable the STM to email the report: Select Monitoring >...
Page 204: Advanced Report Filtering Options
ProSecure Web/Email Security Threat Management (STM) Appliance • Weekly. By default, the report is generated weekly on Sunday at 3:00 a.m. You can use the drop-down lists to change the day of the week and the time. • Monthly. If you do not use the drop-down lists to change the time, the report is generated on the first of the month at 3:00 a.m.
Page 205 ProSecure Web/Email Security Threat Management (STM) Appliance are identical for both types of reports but need to be specified separately for each generated report and each scheduled report. To configure advanced filtering options: Select Monitoring > Reports from the menu. The Reports screen displays. In the Report Selection section, select one of the following radio buttons: •...
Page 206 ProSecure Web/Email Security Threat Management (STM) Appliance Configure the advanced filtering options as explained in the following table: Table 60. Advanced Filtering Options Settings Setting Description Top Count Enter a number between 1 and 100 to specify how many entries are included in reports that provide a top count, such as the Top Users by Requests report or the Top Spam Senders by Requests report.
Page 207 ProSecure Web/Email Security Threat Management (STM) Appliance Table 60. Advanced Filtering Options Settings (Continued) Setting Description Users Local User Enter the name of a local user, or use wildcards to specify a group (continued) of users. To specify all local users, enter *. Then click the Add table button.
Page 208: Viewing And Managing The Quarantine Files
ProSecure Web/Email Security Threat Management (STM) Appliance Table 60. Advanced Filtering Options Settings (Continued) Setting Description Destination Category From the drop-down list to the right of the Limit to drop-down list, (continued) select one of the following options: • Web Categories. The screen displays a table with all Web categories, each one with an individual Add table button that lets you add the category to the Destination table.
Page 209 ProSecure Web/Email Security Threat Management (STM) Appliance You can query and view the spam quarantine file and the malware quarantine file separately and filter the information based on a number of criteria. You can filter the spam quarantine file using the following criteria: •...
Page 210 ProSecure Web/Email Security Threat Management (STM) Appliance To query the quarantine files: Select Monitoring > Quarantine from the menu. The Quarantine screen displays (see the following figure). Depending on the selection that you make from the Quarantine File Type drop-down list, the screen adjusts to display the settings for the selected type of quarantine file.
Page 211 ProSecure Web/Email Security Threat Management (STM) Appliance Table 61. Quarantine File Settings (Continued) Setting Description (or Subfield and Description) Search Criteria Start Date/Time From the drop-down lists, select the year, month, day, hours, and minutes for the start date and time. (continued) End Date/Time From the drop-down lists, select the year, month, day, hours, and...
Page 212 ProSecure Web/Email Security Threat Management (STM) Appliance Viewing and Managing the Quarantined Spam Table When you query the spam quarantine file, the Quarantine screen with the Quarantined Spam table displays: Figure 117. The Quarantined Spam table shows the following columns: •...
Page 213 ProSecure Web/Email Security Threat Management (STM) Appliance • Delete. The selected spam email files are removed from quarantine and deleted. Viewing and Managing the Quarantined Infected Files Table When you query the malware quarantine file, the Quarantine screen with the Quarantined Infected Files table displays: Figure 119.
Page 214 ProSecure Web/Email Security Threat Management (STM) Appliance Figure 120. After you have selected one or more table entries, take one of the following actions (or click the Return link to return to the previous screen): • Resend to Admin. The selected malware files are removed from quarantine, zipped together as an email attachment, and then send to the recipient that you have specified on the Email Notification Server screen (see Configuring the Email Notification Server...
Page 215: Using Diagnostics Utilities
ProSecure Web/Email Security Threat Management (STM) Appliance Note: The report includes only quarantined spam emails that contain the email address that is specified in the Send to field. Click Send Report. The report provides summary information such as time, sender, recipient, subject, and size, and a retrieve link.
Page 216: Using The Network Diagnostic Tools
ProSecure Web/Email Security Threat Management (STM) Appliance Using the Network Diagnostic Tools This section discusses the Ping or Trace an IP Address section, the Perform a DNS Lookup section, and the Test URL section of the Diagnostics screen: Figure 123. Diagnostics, screen 1 of 3 Sending a Ping Packet Use the ping utility to send a ping packet request to check the connection between the STM and a specific IP address.
Page 217: Using The Realtime Traffic Diagnostics Tool
ProSecure Web/Email Security Threat Management (STM) Appliance Looking Up a DNS Address A Domain Name Server (DNS) converts the Internet name (for example, www.netgear.com) to an IP address. If you need the IP address of a Web, FTP, mail, or other server on the Internet, request a DNS lookup to find the IP address.
Page 218: Gathering Important Log Information And Generating A Network Statistics Report
Gathering Important Log Information and Generating a Network Statistics Report When you request support, NETGEAR Technical Support might ask you to collect the debug logs and other information from your STM. This section discusses the Gather Important Log Information section, Network Statistics Report section, and Reboot the System section of the Diagnostics screen: Figure 126.
Page 219: Restarting And Shutting Down The Stm
ProSecure Web/Email Security Threat Management (STM) Appliance Gathering Important Log Information To gather log information about your STM: Locate the Gather Important Log Information section on the Diagnostics screen. Click Download Now. You are prompted to save the downloaded log information file to your computer.
Page 220 ProSecure Web/Email Security Threat Management (STM) Appliance Note: For the STM150 only, there is an alternate way to restart: Press the Power button on the rear panel of the STM150 (see Rear Panel STM150 on page 20). The front panel Test LED flashes, and the STM150 reboots.
Page 221: Chapter 7 Troubleshooting And Using Online Support
• The date or time is not correct. Go to Problems with Date and Time on page 228. • I need help from NETGEAR. Go to Using Online Support on page 228. Note: The STM’s diagnostic tools are explained in...
Page 222: Basic Functioning
STM and that the power supply adapter is correctly connected to a functioning power outlet. If the error persists, you have a hardware problem and should contact NETGEAR Technical Support. Test LED or Status LED Never Turns Off...
Page 223: Power Led Not On
Restoring the Default Configuration and Password on page 227. If the error persists, you might have a hardware problem and should contact NETGEAR Technical Support. LAN or WAN Port LEDs Not On If either the LAN LEDs or WAN LEDs do not light when the Ethernet connection is made, check the following: •...
Page 224: Troubleshooting The Web Management Interface
ProSecure Web/Email Security Threat Management (STM) Appliance • Make sure that your browser has Java, JavaScript, or ActiveX enabled. If you are using Internet Explorer, click Refresh to be sure that the Java applet is loaded. • Try quitting the browser and launching it again. •...
Page 225: Troubleshooting A Tcp/Ip Network Using A Ping Utility
ProSecure Web/Email Security Threat Management (STM) Appliance Testing the LAN Path to Your STM You can ping the STM from your PC to verify that the LAN path to the STM is set up correctly. To ping the STM from a PC running Windows 95 or later: From the Windows toolbar, click Start and select Run.
Page 226: Restoring The Default Configuration And Password
ProSecure Web/Email Security Threat Management (STM) Appliance • Check to see that the network address of your PC (the portion of the IP address that is specified by the netmask) is different from the network address of the remote device. •...
Page 227: Problems With Date And Time
One of the advanced features that the STM provides is online support through a support tunnel. With this feature, NETGEAR Technical Support staff is able to analyze from a remote location any difficulty you might be experiencing with the STM and to perform advanced diagnostics.
Page 228: Using Online Support
Select Support > Online Support from the menu. The Online Support screen displays: Figure 128. In the Support Key field, enter the support key that was given to you by NETGEAR. Click Connect. When the tunnel is established, the tunnel status field displays ON.
Page 229: Installing Hot Fixes
The Test LED (STM150) or Status LED (STM300 and STM600) blinks during the hot fix installation. Sending Suspicious Files to NETGEAR for Analysis You can report any undetected malware file or malicious email to NETGEAR for online for analysis. The file is compressed and password protected before it is sent. 230 |...
Page 230: Accessing The Knowledge Base And Documentation
The email address of the submitter to enable NETGEAR to contact the submitter if needed. Import from File Click Browse to navigate to the file that you want to submit to NETGEAR. Source / Product Model Specify where the file originated (for example, an email address if received via email) and, if known, which product or scan feature (for example, the STM or a desktop antivirus application) detected the file.
Page 231: Appendix A Report Templates
Report Templates The following table provides information about the preconfigured report templates. These report templates are accessible from the Reports screen (see Viewing, Scheduling, and Generating Reports on page 200).  In the Filtering Options columns of the following table, a indicates that the option is ...
Page 232 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Top destination domains by number of requests: Destination • Chart with the requests by destination domains Domains by listed ...
Page 233 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Web Activity, Advanced (Click +More onscreen) Top Blocked Top blocked Web categories by number of requests: •...
Page 234 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Requests by For each Web server protocol separately, the number of requests per day for the time range that you specify in the Filtering Options section of the Reports screen:...
Page 235 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Blocked For HTTP and HTTPS separately, the number of Categories blocked Web category requests per hour for the time by Hour range that you specify in the Filtering Options section...
Page 236 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Blocked For each Web server protocol separately, the number Files By of blocked file extension requests per month for the Month time range that you specify in the Filtering Options...
Page 237 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Infected For each Web server protocol separately, the number Malwares by of detected malware infections or infection attempts Month per month for the time range that you specify in the...
Page 238 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Email Activity, Advanced (Click +More onscreen) Spam by For SMTP and POP3 separately, the number of Hour detected spam messages per hour for the time range that you specify in the Filtering Options section of the...
Page 239 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Email For each email server protocol separately, the Messages number of email messages per hour for the time by Hour range that you specify in the Filtering Options section of the Reports screen:...
Page 240 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Filtered For each email server protocol separately, the Emails by number of filtered email messages per month for the Month time range that you specify in the Filtering Options...
Page 241 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Infected For each email server protocol separately, the Malwares by number of detected virus or spyware infections or infection attempts per day for the time range that you specify in the Filtering Options section of the Reports...
Page 242 ProSecure Web/Email Security Threat Management (STM) Appliance Table 63. Report Templates Information (Continued) Activity Information Reported Filtering Options Enable logging of HTTP Client IP User Domain Applications traffic Address Categories Blocked The number of blocked applications per hour for the Applications time range that you specify in the Filtering Options by Hour...
Page 243: Appendix B Default Settings And Technical Specifications
Default Settings and Technical Specifications To return the STM to the default factory configuration settings that are shown in the following table, click the Default button on the Backup and Restore Settings screen (see Reverting to Factory Default Settings on page 70). Table 64.
Page 244 ProSecure Web/Email Security Threat Management (STM) Appliance Table 64. STM Default Configuration Settings (Continued) Feature Default LAN Connections MAC Address Default address MTU Size 1500 Ports STM150: 5 AutoSense 10/100/1000BASE-T, RJ-45 STM300: 3 AutoSense 10/100/1000BASE-T, RJ-45 STM600: 5 AutoSense 10/100/1000BASE-T, RJ-45 LAN IP Address In line transparent bridged Subnet Mask...
Page 245 ProSecure Web/Email Security Threat Management (STM) Appliance Table 65. STM Specifications (Continued) Feature Specification Electromagnetic Emissions Meets requirements of FCC Part 15 Class A VCCI Class A CE mark, commercial Safety Meets requirements of UL listed C-Tick Appendix B. Default Settings and Technical Specifications | 247...
Page 246: Appendix C Related Documents
Related Documents This appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product. Document Link TCP/IP Networking Basics http://documentation.netgear.com/reference/enu/tcpip/index.htm Wireless Networking Basics http://documentation.netgear.com/reference/enu/wireless/index.htm Preparing Your Network http://documentation.netgear.com/reference/enu/wsdhcp/index.htm Virtual Private Networking http://documentation.netgear.com/reference/enu/vpn/index.htm...
Page 247: Appendix D Notification Of Compliance
FCC Declaration Of Conformity We, NETGEAR, Inc., 350 East Plumeria Drive, San Jose, CA 95134, declare under our sole responsibility that the ProSecure Web/Email Security Threat Management Appliance STM150, STM300, or STM600 complies with Part 15 of FCC Rules.
Page 248 • Consult the dealer or an experienced radio/TV technician for help. Modifications made to the product, unless expressly approved by NETGEAR, Inc., could void the user's right to operate the equipment. Canadian Department of Communications Radio Interference Regulations...
Page 249 ProSecure Web/Email Security Threat Management (STM) Appliance Additional Copyrights Copyright (c) 2001, Dr. Brian Gladman, brg@gladman.uk.net, Worcester, UK. All rights reserved. TERMS Redistribution and use in source and binary forms, with or without modification, are permitted subject to the following conditions: 1.
Page 250 ProSecure Web/Email Security Threat Management (STM) Appliance Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. License to copy and use this software is granted provided that it is identified as the “RSA Data Security, Inc. MD5 Message-Digest Algorithm” in all material mentioning or referencing this software or this function.
Page 251: Index
Index Numerics applications activity reports 10BaseT, 100BaseT, and 1000BaseT control custom categories logs recent 5 and top 5 violations AC input setting access exceptions STM150 status STM300 attached devices, monitoring with SNMP STM600 audio and video files access email filtering preventing inherited privileges FTP filtering read/write and read-only...
Page 252 Web content control, applications certificates cookies authentication commercial CAs CPU usage exchange critical updates managing crossover cable NETGEAR default self-signed third party website trusted dates untrusted setting warning messages troubleshooting Certification Authority (CA) daylight savings time Challenge Handshake Authentication Protocol (CHAP)
Page 253 ProSecure Web/Email Security Threat Management (STM) Appliance documentation exceptions, Web access online custom categories reference custom groups setting rules domain controller (DC) agent exclusions, scanning domains default executable files LDAP and Active Directory (AD) email filtering overview FTP filtering RADIUS Web filtering trusted Web access exceptions, applying to...
Page 254 ProSecure Web/Email Security Threat Management (STM) Appliance GoToMyPC proxy settings configuring manually groups by IP address and subnet, managing for HTTPS scanning by IP membership, authentication using the Setup Wizard by name, managing scanning local concurrent connections membership enabling overview testing Web access exceptions trusted hosts...
Page 255 ProSecure Web/Email Security Threat Management (STM) Appliance intrusion detection systems (IDS) and intrusion locations prevention systems (IPS) STM150 IP addresses STM300 DNS servers STM600 public Power STM150 subnet mask, STM STM300 IPS (intrusion prevention system) STM600 iTunes Status STM150, not applicable STM300 STM600 Java objects...
Page 256 Web content filtering, blocked page quarantine area size NTP servers, settings quarantined querying and viewing statistics recent 5 and top 5 threats online analysis, by NETGEAR management online documentation default settings online support digital certificates operating system, updating performance...
Page 257 ProSecure™ forum and community registering with NETGEAR ProSecure™ Web/Email Security Threat Management registration information, retrieving Appliance STM150, STM300, or STM600 Installation regulatory compliance Guide Remote Authentication Dial In User Service. See protocols RADIUS.
Page 258 ProSecure Web/Email Security Threat Management (STM) Appliance removing, embedded objects service registration card reports sessions email address for sending reports expiration length filtering options limits generating time-out scheduling Setup Wizard, initial configuration templates severities, syslog user-generated spam report shared secrets, RADIUS Web resource usage shutting down Reset button, STM150 (only)
Page 259 ProSecure Web/Email Security Threat Management (STM) Appliance speed settings and autosensing system activity reports spyware logs logs name See also anti virus, See also emails. status SSL (Secure Socket Layer) system date and time settings, using the Setup Wizard connection and HTTPS scanning disabling SSLv2 connections encryption for LDAP SSLv2, SSLv3, and TLSv1...
Page 260 ProSecure Web/Email Security Threat Management (STM) Appliance Transmission Control Protocol (TCP) time-out STM300 STM600 Transport Layer Security (TLS) User Datagram Protocol (UDP) time-out traps, SNMP user name, default trial period, service licenses User Portal Login link troubleshooting basic functioning users browsers accounts, configuring configuration settings, using sniffer...
Page 261 ProSecure Web/Email Security Threat Management (STM) Appliance default settings filtering, using the Setup Wizard setting access exceptions Web content filtering audio, compressed, executable, and video files blocked malware, user notifications blocked page, user notifications blocked URL, user notifications defaults files and objects, sizes logs overview security settings, using the Setup Wizard...

This manual is also suitable for:

Prosecure stm300 Prosecure stm600

NETGEAR STM150 - ProSecure Web And Email Threat Management Appliance Reference Manual

Chapter 1 Introduction

Chapter 2 Using the Setup Wizard to Provision the STM in Your

Chapter 3 Performing Network and System Management

Chapter 4 Content Filtering and Optimizing Scans

Chapter 5 Managing Users, Groups, and Authentication

Chapter 6 Monitoring System Access and Performance

Chapter 7 Troubleshooting and Using Online Support

Appendix A Report Templates

Appendix B Default Settings and Technical Specifications

Appendix C Related Documents

Appendix D Notification of Compliance

Index

Quick Links

Troubleshooting

Related Manuals for NETGEAR STM150 - ProSecure Web And Email Threat Management Appliance

Summary of Contents for NETGEAR STM150 - ProSecure Web And Email Threat Management Appliance

This manual is also suitable for:

Table of Contents