STM 150-300-600 Reference Manual (PDF)
Page 3
ProSecure Web/Email Security Threat Management (STM) Appliance 202-10519-06 1.0 (continued) 202-10519-05 1.0 202-10519-01 1.1 202-10519-01 1.0 February 2011 (continued) (continued) • Revised the Setup Wizard update settings information (... Software and DC Agent Server, and Downloading ProSecure DC Agent Software, and Creating and Deleting DC Agents) Also added the following minor features: • Requirement to accept terms of service agreement on the Real-Time Blacklist screen • Capability to set the public host, IP address, and port on the Distributed Spam Analysis...
ProSecure Web/Email Security Threat Management (STM) Appliance 202-10519-06 1.0 (continued) 202-10519-05 1.0 202-10519-01 1.1 202-10519-01 1.0 February 2011 (continued) (continued) • Revised the Setup Wizard update settings information (... Software and DC Agent Server, and Downloading ProSecure DC Agent Software, and Creating and Deleting DC Agents) Also added the following minor features: • Requirement to accept terms of service agreement on the Real-Time Blacklist screen • Capability to set the public host, IP address, and port on the Distributed Spam Analysis...
STM 150-300-600 Reference Manual (PDF)
Page 6
ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Web Content Filtering 109 Configuring Web URL Filtering 116 HTTPS Scan Settings 119 Specifying Trusted Hosts 124 Configuring FTP Scans 125 Configuring Application Control 127 Setting Scanning Exclusions and Web Access Exceptions 130 Setting Scanning Exclusions 130 Setting Access Exception Rules for Web Access 132 Creating Custom Groups for Web Access Exceptions 139...
ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Web Content Filtering 109 Configuring Web URL Filtering 116 HTTPS Scan Settings 119 Specifying Trusted Hosts 124 Configuring FTP Scans 125 Configuring Application Control 127 Setting Scanning Exclusions and Web Access Exceptions 130 Setting Scanning Exclusions 130 Setting Access Exception Rules for Web Access 132 Creating Custom Groups for Web Access Exceptions 139...
STM 150-300-600 Reference Manual (PDF)
Page 7
ProSecure Web/Email Security Threat Management (STM) Appliance Log Management 199 Viewing, Scheduling, and Generating Reports 200 Report Templates 200 Generating Reports for Downloading 202 Scheduling Automatic Generation and Emailing of Reports 203 Advanced Report Filtering Options 204 Viewing and Managing... the Web Management Interface 224 When You Enter a URL or IP Address a Time-Out Error Occurs 225 Troubleshooting a TCP/IP Network ...Troubleshooting 228 Installing Hot Fixes 229 Sending Suspicious Files to NETGEAR for Analysis 230 Accessing the Knowledge Base and Documentation 231...
ProSecure Web/Email Security Threat Management (STM) Appliance Log Management 199 Viewing, Scheduling, and Generating Reports 200 Report Templates 200 Generating Reports for Downloading 202 Scheduling Automatic Generation and Emailing of Reports 203 Advanced Report Filtering Options 204 Viewing and Managing... the Web Management Interface 224 When You Enter a URL or IP Address a Time-Out Error Occurs 225 Troubleshooting a TCP/IP Network ...Troubleshooting 228 Installing Hot Fixes 229 Sending Suspicious Files to NETGEAR for Analysis 230 Accessing the Knowledge Base and Documentation 231...
STM 150-300-600 Reference Manual (PDF)
Page 9
... (see STM Model Comparison on page 12) for individual users and groups based on the STM's local database, on a group IP address, on a Lightweight Directory Access Protocol (LDAP) domain, group, or user, or on the network. You can develop into a...features and capabilities: • Up to analyze network and malware trends. • Manage through a supported management information base (MIB) browser. • Allow automated component updates. ProSecure Web/Email Security Threat Management (STM) Appliance What Can You Do with the STM: • Protect the network instantly. Downloading...
... (see STM Model Comparison on page 12) for individual users and groups based on the STM's local database, on a group IP address, on a Lightweight Directory Access Protocol (LDAP) domain, group, or user, or on the network. You can develop into a...features and capabilities: • Up to analyze network and malware trends. • Manage through a supported management information base (MIB) browser. • Allow automated component updates. ProSecure Web/Email Security Threat Management (STM) Appliance What Can You Do with the STM: • Protect the network instantly. Downloading...
STM 150-300-600 Reference Manual (PDF)
Page 11
...management tasks: • Browser-based management. The STM supports SNMP to let you monitor and manage log resources from reaching your computers. Chapter 1. Introduction | 11 ProSecure Web/Email Security Threat Management (STM) Appliance • Comprehensive protection. You can check automatically for Web categories, Web addresses, and Web... panel LEDs provide an easy way to a specified remote IP address or range of spyware, viruses, and other malware. • Objectionable traffic protection. Easy Installation and Management You can connect to easily configure the STM from a ...
...management tasks: • Browser-based management. The STM supports SNMP to let you monitor and manage log resources from reaching your computers. Chapter 1. Introduction | 11 ProSecure Web/Email Security Threat Management (STM) Appliance • Comprehensive protection. You can check automatically for Web categories, Web addresses, and Web... panel LEDs provide an easy way to a specified remote IP address or range of spyware, viruses, and other malware. • Objectionable traffic protection. Easy Installation and Management You can connect to easily configure the STM from a ...
STM 150-300-600 Reference Manual (PDF)
Page 22
ProSecure Web/Email Security Threat Management (STM) Appliance Bottom Panel with Product Label The product label on the bottom of the STM's enclosure displays the STM's default IP address, default user name, and default password, as well as regulatory compliance, input power, and other information. Introduction STM150 Product Label Figure 7. STM300 Product Label Figure 8. 22 | Chapter 1.
ProSecure Web/Email Security Threat Management (STM) Appliance Bottom Panel with Product Label The product label on the bottom of the STM's enclosure displays the STM's default IP address, default user name, and default password, as well as regulatory compliance, input power, and other information. Introduction STM150 Product Label Figure 7. STM300 Product Label Figure 8. 22 | Chapter 1.
STM 150-300-600 Reference Manual (PDF)
Page 28
... in Your Network ProSecure Web/Email Security Threat Management (STM) Appliance 4. Enter https://192.168.1.201 in the browser (see the document that Java is 192.168.1.201. Note: The STM factory default IP address is required only for the SSL VPN portal, not for DHCP, see the following figure, which shows the STM300). 28 | Chapter 2. Qualified Web Browsers To...
... in Your Network ProSecure Web/Email Security Threat Management (STM) Appliance 4. Enter https://192.168.1.201 in the browser (see the document that Java is 192.168.1.201. Note: The STM factory default IP address is required only for the SSL VPN portal, not for DHCP, see the following figure, which shows the STM300). 28 | Chapter 2. Qualified Web Browsers To...
STM 150-300-600 Reference Manual (PDF)
Page 34
... Wizard to the new IP address and log in your network to the Web Management Interface. ProSecure Web/Email Security Threat Management (STM) Appliance Table 5. Subnet Mask Note: If you change the default IP address from 192.168.1.201 to 10.0.0.1, you are sent, an action that of your model (STM150, STM300, or STM600). Enter the IP subnet mask. Specify the IP address for purposes of...
... Wizard to the new IP address and log in your network to the Web Management Interface. ProSecure Web/Email Security Threat Management (STM) Appliance Table 5. Subnet Mask Note: If you change the default IP address from 192.168.1.201 to 10.0.0.1, you are sent, an action that of your model (STM150, STM300, or STM600). Enter the IP subnet mask. Specify the IP address for purposes of...
STM 150-300-600 Reference Manual (PDF)
Page 36
... daylight savings time is automatically disabled. Manually Enter the Date and Time Time Zone Note: A list of the secondary NTP IP Address server. Date Enter the date in the hh-mm-ss (hour-minutes-seconds) format. Greenwich Mean Time (GMT) is applied... automatically enabled. 36 | Chapter 2. Using the Setup Wizard to specify in order for scheduling to the default NETGEAR NTP servers. ProSecure Web/Email Security Threat Management (STM) Appliance Table 6. Setup Wizard Step 3: System Date and Time Settings (Continued) Setting Description (or Subfield and Description)...
... daylight savings time is automatically disabled. Manually Enter the Date and Time Time Zone Note: A list of the secondary NTP IP Address server. Date Enter the date in the hh-mm-ss (hour-minutes-seconds) format. Greenwich Mean Time (GMT) is applied... automatically enabled. 36 | Chapter 2. Using the Setup Wizard to specify in order for scheduling to the default NETGEAR NTP servers. ProSecure Web/Email Security Threat Management (STM) Appliance Table 6. Setup Wizard Step 3: System Date and Time Settings (Continued) Setting Description (or Subfield and Description)...
STM 150-300-600 Reference Manual (PDF)
Page 42
...netgear.com. Password The password for SMTP server authentication. Typically, this field blank, the STM cannot send email notifications. The default port number is the email address of the sender for email identification purposes. ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 6 of your ISP's outgoing email SMTP server. Setup Wizard Step 6: Email...box and enter the following screen. SMTP Server The IP address and port number or Internet name and port number of 11: Email Notification Server Settings Figure 25. Mail Server Requires ...
...netgear.com. Password The password for SMTP server authentication. Typically, this field blank, the STM cannot send email notifications. The default port number is the email address of the sender for email identification purposes. ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 6 of your ISP's outgoing email SMTP server. Setup Wizard Step 6: Email...box and enter the following screen. SMTP Server The IP address and port number or Internet name and port number of 11: Email Notification Server Settings Figure 25. Mail Server Requires ...
STM 150-300-600 Reference Manual (PDF)
Page 44
...pattern file, and operating system (OS), the current version and the date of the following selections from the NETGEAR default update server. • Another Update Server. Only the (signature) pattern file is updated. Setup ...Every. Click + More to Provision the STM in the Server Address field. The scan engine and signatures are displayed. Server Address The update server IP address or host name. From the drop-down lists, specify the ...frequency with which the update should occur. • Daily. ProSecure Web/Email Security Threat Management (STM) Appliance Table 10.
...pattern file, and operating system (OS), the current version and the date of the following selections from the NETGEAR default update server. • Another Update Server. Only the (signature) pattern file is updated. Setup ...Every. Click + More to Provision the STM in the Server Address field. The scan engine and signatures are displayed. Server Address The update server IP address or host name. From the drop-down lists, specify the ...frequency with which the update should occur. • Daily. ProSecure Web/Email Security Threat Management (STM) Appliance Table 10.
STM 150-300-600 Reference Manual (PDF)
Page 45
... for proxy server authentication. Table 11. Using the Setup Wizard to Provision the STM in the following settings: Proxy Server The IP address and port number of 11: HTTP Proxy Settings Figure 27. Enter the following table, and then click Next to the Internet ...a Proxy Server to Connect to the Internet check box to the security subscription update settings by selecting Global Settings> HTTP Proxy. ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 8 of the proxy server. Note: After you have completed the steps in the Setup Wizard, you can...
... for proxy server authentication. Table 11. Using the Setup Wizard to Provision the STM in the following settings: Proxy Server The IP address and port number of 11: HTTP Proxy Settings Figure 27. Enter the following table, and then click Next to the Internet ...a Proxy Server to Connect to the Internet check box to the security subscription update settings by selecting Global Settings> HTTP Proxy. ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 8 of the proxy server. Note: After you have completed the steps in the Setup Wizard, you can...
STM 150-300-600 Reference Manual (PDF)
Page 49
... is functioning correctly. Using the Setup Wizard to Provision the STM in to enable HTTP scanning, see Testing a URL on page 217). • Ping the IP address of computers or networks. Verify that the system restarts automatically with the new configuration. The eicar.com test file is a legitimate DoS program and is....com test file from http://www.eicar.org/download/eicar.com. Check the downloaded eicar.com test file, and note the attached malware information file. ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 11 of the STM. Chapter 2.
... is functioning correctly. Using the Setup Wizard to Provision the STM in to enable HTTP scanning, see Testing a URL on page 217). • Ping the IP address of computers or networks. Verify that the system restarts automatically with the new configuration. The eicar.com test file is a legitimate DoS program and is....com test file from http://www.eicar.org/download/eicar.com. Check the downloaded eicar.com test file, and note the attached malware information file. ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 11 of the STM. Chapter 2.
STM 150-300-600 Reference Manual (PDF)
Page 51
... after you deploy the STM in Setup Wizard Step 1 of licenses that you have entered the license keys to the NETGEAR registration server, the STM retrieves and restores all registration information based on page 33. The STM is ready for the ... sections describe some important tasks that you might want to Provision the STM in to the STM Web Management Interface, using the default IP address or the IP address that are erased. ProSecure Web/Email Security Threat Management (STM) Appliance 3. What to Do Next You have completed setting up to scan the protocols and services that ...
... after you deploy the STM in Setup Wizard Step 1 of licenses that you have entered the license keys to the NETGEAR registration server, the STM retrieves and restores all registration information based on page 33. The STM is ready for the ... sections describe some important tasks that you might want to Provision the STM in to the STM Web Management Interface, using the default IP address or the IP address that are erased. ProSecure Web/Email Security Threat Management (STM) Appliance 3. What to Do Next You have completed setting up to scan the protocols and services that ...
STM 150-300-600 Reference Manual (PDF)
Page 52
... on page 74 • Managing Digital Certificates on page 76 • Managing the Quarantine Settings on page 81 • Managing the STM's Performance on page 82 Configuring Network Settings If you to its Web Management Interface. The STM requires a valid IP address to retrieve online updates and to... enable access to specify the interface speed and duplex settings for the management interface, for the Chapter 3. In addition to modifying ...
... on page 74 • Managing Digital Certificates on page 76 • Managing the Quarantine Settings on page 81 • Managing the STM's Performance on page 82 Configuring Network Settings If you to its Web Management Interface. The STM requires a valid IP address to retrieve online updates and to... enable access to specify the interface speed and duplex settings for the management interface, for the Chapter 3. In addition to modifying ...
STM 150-300-600 Reference Manual (PDF)
Page 54
ProSecure Web/Email Security Threat Management (STM) Appliance The following table: Table 13. The default name is the name of the STM150: Figure 34. You then need to select the speed and duplex setting for the secondary DNS server IP address. Unless you will access the Web Management Interface. Note: MGMT stands for the primary DNS server IP address...model (STM150, STM300, or STM600). Enter the IP address of the STM through which you change the default IP address from the drop-down list allows you need to open a new connection to the new IP address and log ...
ProSecure Web/Email Security Threat Management (STM) Appliance The following table: Table 13. The default name is the name of the STM150: Figure 34. You then need to select the speed and duplex setting for the secondary DNS server IP address. Unless you will access the Web Management Interface. Note: MGMT stands for the primary DNS server IP address...model (STM150, STM300, or STM600). Enter the IP address of the STM through which you change the default IP address from the drop-down list allows you need to open a new connection to the new IP address and log ...
STM 150-300-600 Reference Manual (PDF)
Page 56
... cannot change the total connection capacity per IP address or single source machine) that is, per user.) If a user exceeds the number of allocated sessions, packets might be dropped. Select Global Settings > Network Settings from the menu. Session limiting is disabled by default. ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Session Limits and Timeouts The Session...
... cannot change the total connection capacity per IP address or single source machine) that is, per user.) If a user exceeds the number of allocated sessions, packets might be dropped. Select Global Settings > Network Settings from the menu. Session limiting is disabled by default. ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Session Limits and Timeouts The Session...
STM 150-300-600 Reference Manual (PDF)
Page 61
... admin, and the default password for an administrator is , read/write access). ProSecure Web/Email Security Threat Management (STM) Appliance Internet. Enter the following table: Table 17. Select the check box and complete the fields as explained in the following settings: Proxy Server The IP address and port number of the proxy server. Chapter 3. To configure the HTTP...
... admin, and the default password for an administrator is , read/write access). ProSecure Web/Email Security Threat Management (STM) Appliance Internet. Enter the following table: Table 17. Select the check box and complete the fields as explained in the following settings: Proxy Server The IP address and port number of the proxy server. Chapter 3. To configure the HTTP...
STM 150-300-600 Reference Manual (PDF)
Page 64
... the Internet: type https:// (not http://) followed by the STM's WAN IP address into your browser: https://172.16.0.123. The STM's remote login URL is 172.16.0.123, type the following in your browser. ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Remote Management Access An administrator can configure, upgrade, and check the status of the STM...
... the Internet: type https:// (not http://) followed by the STM's WAN IP address into your browser: https://172.16.0.123. The STM's remote login URL is 172.16.0.123, type the following in your browser. ProSecure Web/Email Security Threat Management (STM) Appliance Configuring Remote Management Access An administrator can configure, upgrade, and check the status of the STM...
STM 150-300-600 Reference Manual (PDF)
Page 65
...IP addresses and IP address ranges, leave this field blank. 4. To specify a range, separate the beginning IP address and the ending IP address by the Internet Engineering Task Force (IETF). Click Apply to manage configurations, statistics collection, performance, and security. These variables can access the Web Management...with Internet Explorer 5.5 or later, simply click Yes to access Web Management Interface of the STM. ProSecure Web/Email Security Threat Management (STM) Appliance 2. In the Secure HTTPS Management section of the screen, enter number of the screen also displays ...
...IP addresses and IP address ranges, leave this field blank. 4. To specify a range, separate the beginning IP address and the ending IP address by the Internet Engineering Task Force (IETF). Click Apply to manage configurations, statistics collection, performance, and security. These variables can access the Web Management...with Internet Explorer 5.5 or later, simply click Yes to access Web Management Interface of the STM. ProSecure Web/Email Security Threat Management (STM) Appliance 2. In the Secure HTTPS Management section of the screen, enter number of the screen also displays ...