STM 150-300-600 Reference Manual (PDF)
Page 1
ProSecure Web/Email Security Threat Management Appliance STM150, STM300, or STM600 Reference Manual 350 East Plumeria Drive San Jose, CA 95134 USA January 2011 202-10519-06 1.0
ProSecure Web/Email Security Threat Management Appliance STM150, STM300, or STM600 Reference Manual 350 East Plumeria Drive San Jose, CA 95134 USA January 2011 202-10519-06 1.0
STM 150-300-600 Reference Manual (PDF)
Page 2
...(s) or circuit layout(s) described herein. Statement of the ProSecure community. Revision History Manual Part Number Manual Publication Date Description Version Number 202-10519-06 1.0 February...prosecure.netgear.com or http://kb.netgear.com/app/home. Trademarks NETGEAR, the NETGEAR logo, ReadyNAS, ProSafe, ProSecure, Smart Wizard, Auto Uplink, X-RAID2, and NeoTV are available on the NETGEAR website at http://support.netgear.com. No part of this document without the written permission of Microsoft Corporation. ProSecure Web/Email Security Threat Management (STM) Appliance...
...(s) or circuit layout(s) described herein. Statement of the ProSecure community. Revision History Manual Part Number Manual Publication Date Description Version Number 202-10519-06 1.0 February...prosecure.netgear.com or http://kb.netgear.com/app/home. Trademarks NETGEAR, the NETGEAR logo, ReadyNAS, ProSafe, ProSecure, Smart Wizard, Auto Uplink, X-RAID2, and NeoTV are available on the NETGEAR website at http://support.netgear.com. No part of this document without the written permission of Microsoft Corporation. ProSecure Web/Email Security Threat Management (STM) Appliance...
STM 150-300-600 Reference Manual (PDF)
Page 3
ProSecure Web/Email Security Threat Management (STM) Appliance 202-10519-06 1.0 (continued) 202-10519-05 1.0 202-10519-01 1.1 202-10519-01 1.0 February 2011 (continued) (continued) • Revised the Setup Wizard update settings information (see Setup Wizard Step 7 of 11: Update Settings), software update information (see Updating the Software), and system status information (see Understanding the ProSecure DC ...users search methods. • Domain information in the output screens that are accessible from the Monitoring menu • Testing a URL as part of this reference manual. | 3
ProSecure Web/Email Security Threat Management (STM) Appliance 202-10519-06 1.0 (continued) 202-10519-05 1.0 202-10519-01 1.1 202-10519-01 1.0 February 2011 (continued) (continued) • Revised the Setup Wizard update settings information (see Setup Wizard Step 7 of 11: Update Settings), software update information (see Updating the Software), and system status information (see Understanding the ProSecure DC ...users search methods. • Domain information in the output screens that are accessible from the Monitoring menu • Testing a URL as part of this reference manual. | 3
STM 150-300-600 Reference Manual (PDF)
Page 5
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 10 of 11: Configuration Summary 48 Setup Wizard Step 11 of 11: Restarting the System 49 Verifying Correct Installation 49 Testing Connectivity 49 Testing HTTP Scanning 49 Registering the STM with NETGEAR 50 What to Do Next 51 Chapter 3 Performing Network and System Management Configuring Network Settings 52...
ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 10 of 11: Configuration Summary 48 Setup Wizard Step 11 of 11: Restarting the System 49 Verifying Correct Installation 49 Testing Connectivity 49 Testing HTTP Scanning 49 Registering the STM with NETGEAR 50 What to Do Next 51 Chapter 3 Performing Network and System Management Configuring Network Settings 52...
STM 150-300-600 Reference Manual (PDF)
Page 32
... that explain manual configuration; Additional information about the settings in the Setup Wizard screens is just an informational screen. Send a file or report. To open the help screen. The following sections explain the 11 configuration screens of screens have an accompanying help screen, click the question mark icon. ( ). ProSecure Web/Email Security Threat Management (STM) Appliance •...
... that explain manual configuration; Additional information about the settings in the Setup Wizard screens is just an informational screen. Send a file or report. To open the help screen. The following sections explain the 11 configuration screens of screens have an accompanying help screen, click the question mark icon. ( ). ProSecure Web/Email Security Threat Management (STM) Appliance •...
STM 150-300-600 Reference Manual (PDF)
Page 35
... completed the steps in the Setup Wizard, you can make changes to enter the time manually. Use Default NTP Servers The STM regularly updates its real-time clock (RTC), which it uses for scheduling, by selecting Administration > System Date & Time. ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 3 of 11: Time Zone Figure 22.
... completed the steps in the Setup Wizard, you can make changes to enter the time manually. Use Default NTP Servers The STM regularly updates its real-time clock (RTC), which it uses for scheduling, by selecting Administration > System Date & Time. ProSecure Web/Email Security Threat Management (STM) Appliance Setup Wizard Step 3 of 11: Time Zone Figure 22.
STM 150-300-600 Reference Manual (PDF)
Page 36
...field blank, both of which is automatically disabled. Using the Setup Wizard to the default NETGEAR NTP servers. The correct time zone is automatically enabled. 36 | Chapter 2. When ...you select a time zone that become available when you need to work correctly. Manually Enter the Date and Time Time Zone Note: A list of the two NTP servers...Time (GMT) is available at http://support.ntp.org/bin/view/Servers/WebHome. ProSecure Web/Email Security Threat Management (STM) Appliance Table 6. Setup Wizard Step 3: System Date and Time Settings (Continued) Setting ...
...field blank, both of which is automatically disabled. Using the Setup Wizard to the default NETGEAR NTP servers. The correct time zone is automatically enabled. 36 | Chapter 2. When ...you select a time zone that become available when you need to work correctly. Manually Enter the Date and Time Time Zone Note: A list of the two NTP servers...Time (GMT) is available at http://support.ntp.org/bin/view/Servers/WebHome. ProSecure Web/Email Security Threat Management (STM) Appliance Table 6. Setup Wizard Step 3: System Date and Time Settings (Continued) Setting ...
STM 150-300-600 Reference Manual (PDF)
Page 59
...hour and minutes from the drop-down list as explained in the following section. Locate the Manually Refresh the Network section. 3. Click the Advanced Settings button. ProSecure Web/Email Security Threat Management (STM) Appliance 3. Note: When you click Refresh, the network restarts. To create a permanent MAC binding:...refresh of the dynamic MAC address refresh the MAC bindings. Note: The Advanced Settings button is described in view. 2. Managing Permanent MAC Address Bindings You can permanently bind a MAC address to immediately refresh the network. The Network Settings submenu tabs...
...hour and minutes from the drop-down list as explained in the following section. Locate the Manually Refresh the Network section. 3. Click the Advanced Settings button. ProSecure Web/Email Security Threat Management (STM) Appliance 3. Note: When you click Refresh, the network restarts. To create a permanent MAC binding:...refresh of the dynamic MAC address refresh the MAC bindings. Note: The Advanced Settings button is described in view. 2. Managing Permanent MAC Address Bindings You can permanently bind a MAC address to immediately refresh the network. The Network Settings submenu tabs...
STM 150-300-600 Reference Manual (PDF)
Page 71
...) that the STM automatically downloads the latest components from the NETGEAR update server. Chapter 3. The STM can automatically check for updating components: • Scheduled, automatic update • Manual update Because new virus threats can appear any hour of the day, it is an ... to factory default settings. Scheduling Updates Enabling scheduled updates ensures that includes the kernel modules and hardware drives. ProSecure Web/Email Security Threat Management (STM) Appliance Note: For the STM150 only, there is very important to keep both the pattern file and scan engine ...
...) that the STM automatically downloads the latest components from the NETGEAR update server. Chapter 3. The STM can automatically check for updating components: • Scheduled, automatic update • Manual update Because new virus threats can appear any hour of the day, it is an ... to factory default settings. Scheduling Updates Enabling scheduled updates ensures that includes the kernel modules and hardware drives. ProSecure Web/Email Security Threat Management (STM) Appliance Note: For the STM150 only, there is very important to keep both the pattern file and scan engine ...
STM 150-300-600 Reference Manual (PDF)
Page 73
... list: • Update Signature Patterns only. Select Administration > Software Update from the NETGEAR default update server. • Another Update Server. Only the (signature) pattern file is ...Apply to immediately check for available updates. This is updated. Performing a Manual Update If you specify by entering the server IP address or host name... lists, specify the hour and minutes that the update should occur. 3. ProSecure Web/Email Security Threat Management (STM) Appliance Table 21. Software Update Settings (Continued) Setting Description (or Subfield and ...
... list: • Update Signature Patterns only. Select Administration > Software Update from the NETGEAR default update server. • Another Update Server. Only the (signature) pattern file is ...Apply to immediately check for available updates. This is updated. Performing a Manual Update If you specify by entering the server IP address or host name... lists, specify the hour and minutes that the update should occur. 3. ProSecure Web/Email Security Threat Management (STM) Appliance Table 21. Software Update Settings (Continued) Setting Description (or Subfield and ...
STM 150-300-600 Reference Manual (PDF)
Page 75
... selections from the menu. Chapter 3. Performing Network and System Management | 75 Select Administration > System Date and Time from the drop-down list, select an NTP server, or select to enter the time manually. This is the default setting. The System Date and Time... The STM regularly updates its real-time clock (RTC), which it uses for scheduling, by Servers contacting a default NETGEAR NTP server on the Internet. ProSecure Web/Email Security Threat Management (STM) Appliance To set time, date, and NTP servers: 1. The top of the screen displays the current weekday, date, time...
... selections from the menu. Chapter 3. Performing Network and System Management | 75 Select Administration > System Date and Time from the drop-down list, select an NTP server, or select to enter the time manually. This is the default setting. The System Date and Time... The STM regularly updates its real-time clock (RTC), which it uses for scheduling, by Servers contacting a default NETGEAR NTP server on the Internet. ProSecure Web/Email Security Threat Management (STM) Appliance To set time, date, and NTP servers: 1. The top of the screen displays the current weekday, date, time...
STM 150-300-600 Reference Manual (PDF)
Page 76
...daylight savings time is automatically disabled. Server 1 Name / Enter the IP address or host name the primary NTP server. IP Address Manually Enter the Date Date and Time Time Enter the date in the hh-mm-ss (hour-minutes-seconds) format. You do not need... (also known as Verisign or Thawte. The digital certificate is , SSL VPN connections). You need to the default NETGEAR NTP servers. ProSecure Web/Email Security Threat Management (STM) Appliance Table 22. System Date and Time Settings (Continued) Setting Use Custom NTP Servers Description (or Subfield and Description) ...
...daylight savings time is automatically disabled. Server 1 Name / Enter the IP address or host name the primary NTP server. IP Address Manually Enter the Date Date and Time Time Enter the date in the hh-mm-ss (hour-minutes-seconds) format. You do not need... (also known as Verisign or Thawte. The digital certificate is , SSL VPN connections). You need to the default NETGEAR NTP servers. ProSecure Web/Email Security Threat Management (STM) Appliance Table 22. System Date and Time Settings (Continued) Setting Use Custom NTP Servers Description (or Subfield and Description) ...
STM 150-300-600 Reference Manual (PDF)
Page 77
... Certificate Management screen is from a trusted third party whose identity can be used by remote entities. The STM's Certificate Management screen lets you replace this manual in ...the size of this screen, and because of the server. ProSecure Web/Email Security Threat Management (STM) Appliance The STM uses digital certificates to authenticate connecting HTTPS servers, ... digital certificate with a digital certificate from NETGEAR. To display the Certificate Management screen, select Web Security > Certificate Management from a commercial CA provides a strong assurance of an applicant...
... Certificate Management screen is from a trusted third party whose identity can be used by remote entities. The STM's Certificate Management screen lets you replace this manual in ...the size of this screen, and because of the server. ProSecure Web/Email Security Threat Management (STM) Appliance The STM uses digital certificates to authenticate connecting HTTPS servers, ... digital certificate with a digital certificate from NETGEAR. To display the Certificate Management screen, select Web Security > Certificate Management from a commercial CA provides a strong assurance of an applicant...
STM 150-300-600 Reference Manual (PDF)
Page 97
..., excluding the delimiter commas, is detected. Chapter 4. You can enter a maximum of 40 file extensions; You can manually add or delete extensions. the maximum total length of this table. 3. No file extensions are either tagged, blocked, or...as the ones for the Filter by the NETGEAR Spam Classification Center are added to separate different extensions. Click Apply to save your settings. Distributed spam analysis. Blacklist. ProSecure Web/Email Security Threat Management (STM) Appliance Table 29. Email Filter Settings (Continued) Setting Description (or Subfield...
..., excluding the delimiter commas, is detected. Chapter 4. You can enter a maximum of 40 file extensions; You can manually add or delete extensions. the maximum total length of this table. 3. No file extensions are either tagged, blocked, or...as the ones for the Filter by the NETGEAR Spam Classification Center are added to separate different extensions. Click Apply to save your settings. Distributed spam analysis. Blacklist. ProSecure Web/Email Security Threat Management (STM) Appliance Table 29. Email Filter Settings (Continued) Setting Description (or Subfield...
STM 150-300-600 Reference Manual (PDF)
Page 110
...Filtering screen displays. ProSecure Web/Email Security Threat Management (STM) Appliance Note: For information about creating custom categories that allow you to modify these settings. Figure 61. Content Filtering, screen 1 of Web categories, see Creating Custom Categories for combinations of 3 110 | Chapter 4. Select Web Security > HTTP/...size of this screen, it is presented in this manual in view. 2. Click the Content Filtering submenu tab. the Content Filtering screen allows you might have already configured the Web category blocking settings; If you have used the Setup...
...Filtering screen displays. ProSecure Web/Email Security Threat Management (STM) Appliance Note: For information about creating custom categories that allow you to modify these settings. Figure 61. Content Filtering, screen 1 of Web categories, see Creating Custom Categories for combinations of 3 110 | Chapter 4. Select Web Security > HTTP/...size of this screen, it is presented in this manual in view. 2. Click the Content Filtering submenu tab. the Content Filtering screen allows you might have already configured the Web category blocking settings; If you have used the Setup...
STM 150-300-600 Reference Manual (PDF)
Page 113
...an option, you keep the %LOGIN-LINK% metaword in the text to enable the STM to User Login Portal Page check box. You can manually add or delete extensions. Audio and video file extensions (wav, mp3, avi, rm, rmvb, wma, wmv, mpg, mp4, and aac)..., bat, and cmd) are detected. No file extensions are added to add predefined file extensions from Embedded Objects downloaded Web pages. The text is the default setting. • Executables. You can also use the drop-down list to the File Extension field. ProSecure Web/Email Security Threat Management (STM) Appliance Table 34.
...an option, you keep the %LOGIN-LINK% metaword in the text to enable the STM to User Login Portal Page check box. You can manually add or delete extensions. Audio and video file extensions (wav, mp3, avi, rm, rmvb, wma, wmv, mpg, mp4, and aac)..., bat, and cmd) are detected. No file extensions are added to add predefined file extensions from Embedded Objects downloaded Web pages. The text is the default setting. • Executables. You can also use the drop-down list to the File Extension field. ProSecure Web/Email Security Threat Management (STM) Appliance Table 34.
STM 150-300-600 Reference Manual (PDF)
Page 127
...to the File Extension field. NETGEAR recommends the default value, which can also use the drop-down list, specify one of threats. You can specify is ...STM300, the default setting is sufficient to detect the vast majority of the following actions to be useful when you specify in the file size field: • Skip. Configuring Application Control The STM lets you can manually...file extensions (zip, rar, gz, tar, and bz2) are detected. ProSecure Web/Email Security Threat Management (STM) Appliance Table 38. The maximum file size that are added to separate different extensions...
...to the File Extension field. NETGEAR recommends the default value, which can also use the drop-down list, specify one of threats. You can specify is ...STM300, the default setting is sufficient to detect the vast majority of the following actions to be useful when you specify in the file size field: • Skip. Configuring Application Control The STM lets you can manually...file extensions (zip, rar, gz, tar, and bz2) are detected. ProSecure Web/Email Security Threat Management (STM) Appliance Table 38. The maximum file size that are added to separate different extensions...
STM 150-300-600 Reference Manual (PDF)
Page 128
..., click Apply. Select Application from the menu. Content Filtering and Optimizing Scans ProSecure Web/Email Security Threat Management (STM) Appliance To enable and configure application control: 1. Under the Application Settings section of ...the screen, select the Enable Application Control check box. 3. Because of the size of this screen, and because of the way the information is presented, the Application Control screen is divided and presented in this manual...
..., click Apply. Select Application from the menu. Content Filtering and Optimizing Scans ProSecure Web/Email Security Threat Management (STM) Appliance To enable and configure application control: 1. Under the Application Settings section of ...the screen, select the Enable Application Control check box. 3. Because of the size of this screen, and because of the way the information is presented, the Application Control screen is divided and presented in this manual...
STM 150-300-600 Reference Manual (PDF)
Page 137
...application. Select one or more file extensions and one or multiple check boxes to : - Applications The action applies to a URL. Manually enter up to the File Extension field. - SMTP - HTTP - Wildcards (*) are supported. Add Exception Settings (Continued) Setting ...the Sub Category drop-down list. For information about custom URL lists, see Creating Custom Categories for Web Access Exceptions on page 142. ProSecure Web/Email Security Threat Management (STM) Appliance Table 40. File Extensions The action applies to the File Extension field. - Wildcards (*) are ...
...application. Select one or more file extensions and one or multiple check boxes to : - Applications The action applies to a URL. Manually enter up to the File Extension field. - SMTP - HTTP - Wildcards (*) are supported. Add Exception Settings (Continued) Setting ...the Sub Category drop-down list. For information about custom URL lists, see Creating Custom Categories for Web Access Exceptions on page 142. ProSecure Web/Email Security Threat Management (STM) Appliance Table 40. File Extensions The action applies to the File Extension field. - Wildcards (*) are ...
STM 150-300-600 Reference Manual (PDF)
Page 157
... through the User Portal Login screen, users need to log out after completing a session in clear text. - Chapter 5. Managing Users, Groups, and Authentication | 157 A network-validated domain-based authentication method that functions with a Lightweight Directory Access Protocol ... group policies or bookmarks based on LDAP attributes. • Active Directory. ProSecure Web/Email Security Threat Management (STM) Appliance 2. PAP. Understanding Active Directories and LDAP Configurations This manual assumes that functions with a hash of the other's challenge message that has...
... through the User Portal Login screen, users need to log out after completing a session in clear text. - Chapter 5. Managing Users, Groups, and Authentication | 157 A network-validated domain-based authentication method that functions with a Lightweight Directory Access Protocol ... group policies or bookmarks based on LDAP attributes. • Active Directory. ProSecure Web/Email Security Threat Management (STM) Appliance 2. PAP. Understanding Active Directories and LDAP Configurations This manual assumes that functions with a hash of the other's challenge message that has...