NETGEAR STM300EW-100NAS Bedienungsanleitung

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254

Zur Seite of

Richtige Gebrauchsanleitung

Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung NETGEAR STM300EW-100NAS an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von NETGEAR STM300EW-100NAS, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.

Was ist eine Gebrauchsanleitung?

Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung NETGEAR STM300EW-100NAS die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.

Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung NETGEAR STM300EW-100NAS. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.

Was sollte also eine ideale Gebrauchsanleitung beinhalten?

Die Gebrauchsanleitung NETGEAR STM300EW-100NAS sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts NETGEAR STM300EW-100NAS
- Den Namen des Produzenten und das Produktionsjahr des Geräts NETGEAR STM300EW-100NAS
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts NETGEAR STM300EW-100NAS
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen

Warum lesen wir keine Gebrauchsanleitungen?

Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von NETGEAR STM300EW-100NAS zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von NETGEAR STM300EW-100NAS und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service NETGEAR finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von NETGEAR STM300EW-100NAS zu überspringen, wie es bei der Papierform passiert.

Warum sollte man Gebrauchsanleitungen lesen?

In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts NETGEAR STM300EW-100NAS, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.

Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von NETGEAR STM300EW-100NAS widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.

Inhaltsverzeichnis der Gebrauchsanleitungen

  • Seite 1

    202-10519-01 1.0 September 2009 NETGEAR , Inc. 350 East Plumeria Drive San Jose, CA 95134 ProSecure W eb/Email Security Threat Management Appliance STM150/300/600 Reference Manual[...]

  • Seite 2

    ii v1.0, September 2009 © 2009 by NETGEAR, Inc. All rights reserved. T rademarks NETGEAR and the NETGEA R logo are registered trademarks and ProS ecure is a trademark of NETGEAR, Inc. Microsoft, W indows, and Windows NT ar e registered trademarks of Microsof t Corporation. Other brand and product names are registered trademarks or trademarks of th[...]

  • Seite 3

    v1.0, September 2009 iii Federal Of fice for T elecommuni cations Approvals has been notified of the placing of this equipment on the market and has been granted the right to test the series for comp li anc e with the regulations. V oluntary Control Co uncil for Interference (VCCI) St atement This equipment is in the second category (information eq[...]

  • Seite 4

    v1.0, Septembe r 2009 iv Open SSL Copyright (c) 1998–2000 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or withou t modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must reta in the above copyright notice, thi s list of conditions, and[...]

  • Seite 5

    v1.0, September 2009 v Product and Publication Det ails PPP Copyright (c) 1989 Carnegie Mellon University . All rights reserved. Redistribution and use in source and binary forms are permitted provide d that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other ma[...]

  • Seite 6

    v1.0, Septembe r 2009 vi[...]

  • Seite 7

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al vii v1.0, September 2009 Content s About This Manual Conventions, Formats, and Scope .................. ................ ................... .................... ......... xiii How to Print This Manual ................ ................ ............. ................ .[...]

  • Seite 8

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual viii v1.0, September 2009 Understanding the S teps for Initial Connection .. ............. ................ ................ ............... 2-4 Qualified Web Browsers .. ............. ................ ................ ................ ................ ............[...]

  • Seite 9

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al ix v1.0, September 2009 Updating the Software ........ ......... ................. ................ ............. ................ ................ ... 3-19 Scheduling Updates ..... ................ ................ ................ ................ ............. ....[...]

  • Seite 10

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual x v1.0, September 2009 Creating and Deleting Groups by Name ... ................ ................ ................ ............. .. 5-3 Editing Groups by Name ........... ... ... ... .... ... ............. ... ... ... .... ... ... ... .... ............ .... ... ...[...]

  • Seite 11

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al xi v1.0, September 2009 Chapter 7 T roubleshooting and Using Online Support Basic Functioning ..... ................ ................ ................ ................. ................ ............. ........ 7- 2 Power LED Not On ................ ................. ..[...]

  • Seite 12

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual xii v1.0, September 2009[...]

  • Seite 13

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al xiii v1.0, September 2009 About This Manual The NETGEAR ® Pr oSecu re™ W eb/Email Security Thr eat Management Appli ance STM Refer ence Manual describes how to configure and troubleshoo t a ProSecure W eb/Email Security Threat Management Appliance STM150, STM30 0, [...]

  • Seite 14

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual xiv v1.0, September 2009 • Scope . This manual is written for the STM according to these specifications: For more information abou t network, Internet, firewall, and VP N technologies, c lick the links to the NETGEAR website in Appendix B, “Related Documents .?[...]

  • Seite 15

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-1 v1.0, September 2009 Chapter 1 Introduction This chapter provides an overview of the feat ures and capabilities of the ProSecure W eb/Email Security Threat Managem en t Appliance STM150 , STM300, or STM600. It also identifies the physical features of [...]

  • Seite 16

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-2 Introduction v1.0, September 2009 In addition to scanning HTTP , HTTPS, FTP , SMTP , POP3, and IMAP traffic, the STM protects networks against spam phishing attacks and un wanted W eb use. The STM is a plug -and-play device that can be installe d and configured[...]

  • Seite 17

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-3 v1.0, September 2009 Key Features and Cap abilities The STM provides the following key features and capabilities: • Up to two pairs of 10/100/1000 Mbps Gigabit Ethernet W AN ports (see “STM Model Comparison” on page 1-5 ). • Scalable support ([...]

  • Seite 18

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-4 Introduction v1.0, September 2009 S tream Scanning for Content Filtering Stream Scanni ng is based on the simple observatio n that network traffic travels in streams. The STM scan engine starts re ceiving and analyz ing tr affic as the stream enters the network[...]

  • Seite 19

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-5 v1.0, September 2009 Easy Inst allation and Management Y ou can install, configure, and operate the STM wi thin minutes after connecting it to the network. The following features simplify in stallation and management tasks: • Browser -base d managem[...]

  • Seite 20

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-6 Introduction v1.0, September 2009 Service Registration Card with License Keys Be sure to store the license key card that came with your STM in a secure locatio n. Y ou do need these keys to activate your product during the initial setup. Hardware Gigabit RJ-45 [...]

  • Seite 21

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-7 v1.0, September 2009 Package Content s The STM prod uct package contain s the following items: • ProSecure W eb/Email Security Threat Ma nagement Appliance STM150, STM300, or STM600 • One AC power cable • Rubber feet (4) with adhesive backin g ?[...]

  • Seite 22

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-8 Introduction v1.0, September 2009 Front Panel Port s and LEDs The front panels of the three STM models pro vid e different components . STM150 Front Panel Figure 1-2 shows the front panel ports and status light-emitting diodes (LEDs) of the STM150. From left to[...]

  • Seite 23

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-9 v1.0, September 2009 The function of each STM150 LED is de scribed in the following table: T able 1-2. LED Descriptions for the STM150 Object Activity Descrip tion Power On (Green) Power is supplied to the STM. Off Power is not supplied to the STM. T [...]

  • Seite 24

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-10 Introduction v1.0, September 2009 Front Panel STM300 Figure 1-3 shows the front panel ports and LEDs of the STM300. From left to righ t, the STM300’ s front panel shows the following ports and LEDs: 1. Console port. Port for connecting to an option al co nso[...]

  • Seite 25

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-11 v1.0, September 2009 The function of each STM300 LED is de scribed in the following table: T able 1-3. LED Descriptions for the STM300 Object Activity Descrip tion Power On (Green) Power is supplied to the STM. Off Power is not supplied to the STM. S[...]

  • Seite 26

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-12 Introduction v1.0, September 2009 Front Panel STM600 Figure 1-4 shows the front panel ports and LEDs of the STM600. From left to righ t, the STM600’ s front panel shows the following ports and LEDs: 1. Console port. Port for connecting to an option al co nso[...]

  • Seite 27

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-13 v1.0, September 2009 The function of each STM600 LED is de scribed in the following table: T able 1-4. LED Descriptions for the STM600 Object Activity Descrip tion Power On (Green) Power is supplied to the STM. Off Power is not supplied to the STM. S[...]

  • Seite 28

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-14 Introduction v1.0, September 2009 Rear Panel Features The rear panel of the STM150 differs from the r ear panels of the STM300 and STM600. Rear Panel STM150 Figure 1-5 shows the rear panel components of the STM150. From left to right, the STM15 0’ s rear pan[...]

  • Seite 29

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-15 v1.0, September 2009 Rear Panel STM300 and STM600 The rear panels of the STM300 and STM600 are identical. Figure 1-6 shows the rear panel components of the STM300 and STM600. From left to right, the STM300’ s and STM600’ s rear panel components ([...]

  • Seite 30

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-16 Introduction v1.0, September 2009 STM150 Product Label STM300 Product Label Figure 1-7 Figure 1-8[...]

  • Seite 31

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Introduction 1-17 v1.0, September 2009 STM600 Product Label Choosing a Location for the STM The STM is su itable for use in an office environm ent where it can be free-standing (on its runner feet) or mounted into a standard 19-inch eq u ipment rack. Alternatively , y[...]

  • Seite 32

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 1-18 Introduction v1.0, September 2009 • T emperature operating limits are not likely to be exceeded. Install the unit in a clean, air- conditioned environment. For informatio n abou t the recommended operating t emperatures for the STM, see Appendix A, “Defaul[...]

  • Seite 33

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-1 v1.0, September 2009 Chapter 2 Using the Setup Wizard to Provision the STM in Y our Network This chapter describes provisioning the STM in your network. This chapter contains the following sections: ?[...]

  • Seite 34

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-2 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Server Group In a server group deployment, one STM appliance is installed at the gateway and another in front of the server group. This type of deployment he lps split the network[...]

  • Seite 35

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-3 v1.0, September 2009 Segmented LAN Deployment In a segmented LAN deployment, one STM app lia nce is installed in front of each network segment. This type of deployme nt helps split the network load and[...]

  • Seite 36

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-4 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Underst anding the S t ep s for Initial Connection Generally , five steps are required to complete th e basic and security configuration of your STM: 1. Connect the STM physica ll[...]

  • Seite 37

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-5 v1.0, September 2009 4. V erify the installation . See “V erifying Proper Installation” on page 2-27 . 5. Register the STM . “Registering the STM with NETGEAR” on page 2-28 . Each of these task[...]

  • Seite 38

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-6 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 The NETGEAR Configur ation Manager Login screen displays in th e browser (see Figu re 2-4 , which shows the STM60 0). 3. In the User field, type admin . Use lower case letters. 4.[...]

  • Seite 39

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-7 v1.0, September 2009 5. Click Login. The W eb Management Interface appears, displaying the Dashboard screen. ( Figure 2-2 on page 2-3 shows the top part of the screen. Fo r information about this scree[...]

  • Seite 40

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-8 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Underst anding the W eb Management Interface Menu La yout Figure 2-7 shows the menu at the top of the STM600’ s W eb Management Interface. The W eb Management Interface layouts [...]

  • Seite 41

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-9 v1.0, September 2009 Any of the following action buttons might be disp layed on screen (this list might not be complete): • Apply . Save and apply the configuration. • Reset . Reset the configurati[...]

  • Seite 42

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-10 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Using the Setup Wizard to Perf orm the Initial Configuration The Setup W izard facilitates the initial config uration of the STM by taking you through 1 1 screens, the last of wh[...]

  • Seite 43

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-11 v1.0, September 2009 Setup Wizard S tep 2 of 1 1: Networking Settings Enter the settings as explained in Ta b l e 2 - 1 , then click Next to go the following screen. Figure 2-1 1 Note: After you have [...]

  • Seite 44

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-12 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Setup Wizard S tep 3 of 1 1: Time Zone Subnet Mask Enter the IP subnet mask. Th e subnet ma sk specifies the network n umber portion of an IP address. Unless yo u are implementin[...]

  • Seite 45

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-13 v1.0, September 2009 Enter the settings as explained in Ta b l e 2 - 2 , then click Next to go the following screen. Note: After you have completed th e steps in the Setup W izard , you can make chang[...]

  • Seite 46

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-14 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Setup Wizard S tep 4 of 1 1: Email Security Enter the settings as explained in T able 2-3 on page 2-15 , then click Next to go the following screen. Figure 2-13 Note: After you h[...]

  • Seite 47

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-15 v1.0, September 2009 T able 2-3. Setup Wizard Step 4: Email Security Set tings Setting Description (or Sub field and Descr iption) Services to Scan SMTP SMTP scanning is enabled by defau lt on standar[...]

  • Seite 48

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-16 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 IMAP From the IMAP pull-down menu, spe cify one of the following actions when an infecte d e-mail is detected: • Quaran tine att achment . The e-mail is not blocked, but the at[...]

  • Seite 49

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-17 v1.0, September 2009 Setup Wizard S tep 5 of 1 1: Web Security Enter the settings as explained in Ta b l e 2 - 4 , then click Next to go the following screen. Figure 2-14 Note: After you have complete[...]

  • Seite 50

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-18 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 HTTPS HTTPS scanning is disabled by default. T o enable Hype rtext T ransfer Protocol over Secure Socket Layer (HTTPS) sca nning, select the corresponding checkbox. Y ou can chan[...]

  • Seite 51

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-19 v1.0, September 2009 Setup Wizard S tep 6 of 1 1: Em ail Notification Server Settings FTP From the FTP pull-down menu, specify one of the follo wing actions when an infected Web file or object is dete[...]

  • Seite 52

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-20 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Enter the settings as explained in T able 2-5 on page 2-20 , then click Next to go the following screen. Note: After you have completed th e steps in the Setup W izard , you can [...]

  • Seite 53

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-21 v1.0, September 2009 Setup Wizard S tep 7 of 1 1: Up date Settings Enter the settings as explained in T able 2-6 on page 2-22 , then click Next to go the following screen. Figure 2-16 Note: After you [...]

  • Seite 54

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-22 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 T able 2-6. Setup Wizar d Step 7: Up date Settings Setting Description (or Subfie ld and Description) System Information Y ou can not configure this section; it is shown for info[...]

  • Seite 55

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-23 v1.0, September 2009 Setup Wizard S tep 8 of 1 1: HTTP Proxy Settings Enter the settings as explained in Ta b l e 2 - 7 , then click Next to go the following screen. Figure 2-17 Note: After you have c[...]

  • Seite 56

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-24 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Setup Wizard S tep 9 of 1 1: W eb Categories Figure 2-18[...]

  • Seite 57

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-25 v1.0, September 2009 Enter the settings as explained in Ta b l e 2 - 8 , then click Next to go the following screen. Note: After you have completed th e steps in the Setup W izard , you can make chang[...]

  • Seite 58

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-26 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 Setup Wizard S tep 10 of 1 1: Configuration Summary Figure 2-19[...]

  • Seite 59

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-27 v1.0, September 2009 Click Apply to save your settings and automatically restart the system or click Back to make changes to the configuration. Setup Wizard S tep 1 1 of 1 1: Rest arting the System W [...]

  • Seite 60

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-28 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 The eicar .com test file is a legitimate DoS prog ram and is safe to use be cause it is not a malware threat and does not include any fragments of malware code. The test file is [...]

  • Seite 61

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Using the Setup Wizard to Prov is ion the STM in Your Netw ork 2-29 v1.0, September 2009 2. Enter the license key in the Registration Key field. 3. Fill out the customer and V AR fields. 4. Click Registe r . 5. Repeat step 2 and step 4 for additional license keys. The[...]

  • Seite 62

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 2-30 Using the Setup Wizard to Prov ision the STM in Your Network v1.0, September 2009 What to Do Next Y ou have completed setting up and deploying the STM to the networ k. The STM is now set up to scan the protocols and services that you specif ied for malware thr[...]

  • Seite 63

    3-1 v1.0, September 2009 Chapter 3 Performing Network and System Management This chapter describes the network settings, the system management features, and ways to improve the performance of the STM. If you have used the Setup W izard, you have already configured some of these settings, but there are situations in which you might want to modify th[...]

  • Seite 64

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-2 Performing Network and System Ma nagement v1.0, September 2009 T o configure the STM’ s network settings: 1. Select Global Setting s > Network Settings from the menu. The Ne twork Settings submenu tabs appear with the Network Settings screen in view ( Figu[...]

  • Seite 65

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-3 v1.0, September 2009 Figure 3-3 shows the Interface Speed & Duplex Set tings section of the Network Settings screen of the STM150. 2. Complete the fields and make your selections from the pull-down menus as explained in[...]

  • Seite 66

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-4 Performing Network and System Ma nagement v1.0, September 2009 Subnet Mask Enter the IP subnet mask. The subn et mask specifies the network number portion of an IP address. Unless you are implement ing su bnetting, use 255.2 55.255.0 as the subnet mask. Gateway[...]

  • Seite 67

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-5 v1.0, September 2009 3. Click Apply to save your settings. Changing the network settings has the following consequences: • Changing any of the settings in the Manageme nt Interface Settings se ction of the screen causes t[...]

  • Seite 68

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-6 Performing Network and System Ma nagement v1.0, September 2009 2. Click the Session Limits submenu tab. The Session Limits screen displays. 3. Select the radio buttons, make your selectio ns from the pull-down menu, and complete the fields as explained in Ta b [...]

  • Seite 69

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-7 v1.0, September 2009 4. Click Apply to save your settings. Cha nging any settings in the Sessi on T imeouts section of the screen requires the STM to restart. If you click Reset , the STM restar ts to restore the default ne[...]

  • Seite 70

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-8 Performing Network and System Ma nagement v1.0, September 2009 T o configure the HTTP proxy: 1. Select Global Setting s > HTTP Proxy from the menu. The HTTP Proxy screen displays. 2. Select the checkbox and complete the fields as explained in Ta b l e 3 - 3 [...]

  • Seite 71

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-9 v1.0, September 2009 About Users with Administ rative and Guest Privileges There are two pre-defined user types that can access the STM’ s W eb Management Interface: • Administrator . A user who has full access and the [...]

  • Seite 72

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-10 Performing Network an d System Management v1.0, September 2009 2. T o modify the administrator or guest settings, select the checkbox and complete the fields as explained in Ta b l e 3 - 4 . Figure 3-6 T able 3-4. Set Password Settings scr een; Administrator a[...]

  • Seite 73

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-11 v1.0, September 2009 3. Under the Administrator Settings and Guest Settings sections of the screen, click Apply to save your settings. 4. If you modified the administrato r settings and now want to modify the guest setting[...]

  • Seite 74

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-12 Performing Network an d System Management v1.0, September 2009 T o configure remote management: 1. Select Administration > Remote Management from the menu The Remote Management screen displays (see Figure 3-7 on page 3-12 ). 2. In the Secure HTTPS Managemen[...]

  • Seite 75

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-13 v1.0, September 2009 . Using an SNMP Manager Simple Network Management Protocol (SNMP) fo rms part of the Internet Protocol Suite as defined by the Internet Engineerin g T a sk Fo rce (IETF). SNMP is used in network manage[...]

  • Seite 76

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-14 Performing Network an d System Management v1.0, September 2009 2. Select the radio buttons and comple te the field s as explained in Ta b l e 3 - 6 . Figure 3-8 T able 3-6. SNMP Settings Setting Description (or Subfie ld and Descript ion) SNMP Settings Do Y ou[...]

  • Seite 77

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-15 v1.0, September 2009 3. Click Apply to save your settings. Supported MIB Browsers After you have configured the SNMP settings, you must enter the IP address of the STM in the Management Information Base (MIB) browsers thro[...]

  • Seite 78

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-16 Performing Network an d System Management v1.0, September 2009 Managing the Configuration File The configuration settings of the STM are stored in a configuratio n file on the STM. This file can be saved (backed up) to a PC, retrieved (restor ed) from the PC ,[...]

  • Seite 79

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-17 v1.0, September 2009 Back up your STM settings periodically , a nd store the backup file in a safe place. T o backup settings: 1. On the Backup and Rest ore Settings screen (see Figure 3-9 on pa ge 3-16 ), next to Save a c[...]

  • Seite 80

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-18 Performing Network an d System Management v1.0, September 2009 Reverting to Factory Default Settings T o reset the STM to the original factory default settings, click the default button next to Revert to factory default settings on the Back up and Restore Sett[...]

  • Seite 81

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-19 v1.0, September 2009 Up dating the Sof tware If you have used th e Setup W izard, you might ha ve already configured the software update settings; the Software Update screen allows you to modi fy these settings. The STM ha[...]

  • Seite 82

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-20 Performing Network an d System Management v1.0, September 2009 2. Select the radio buttons, complete the field, and make your selections from the pull-down menus as explained in T able 3-7 on page 3-21 . Figure 3-10[...]

  • Seite 83

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-21 v1.0, September 2009 3. Click Apply to save your settings. Performing a Manual Up date If you want to immediately check for and download available updates, perform a manual update: 1. Select Administration > Softwar e U[...]

  • Seite 84

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-22 Performing Network an d System Management v1.0, September 2009 3. After the update has completed, click Apply to activate the newly updated software. Critical Up dates That Require a Rest art If a downloaded update requires a restart, you are prompted to perfo[...]

  • Seite 85

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-23 v1.0, September 2009 Configuring Date and T ime Service If you have used the Setup W izard, you might have already configured the system date and time settings; the System Date and T ime screen allows you to modify these s[...]

  • Seite 86

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-24 Performing Network an d System Management v1.0, September 2009 3. Click Apply to save your settings. Changing the tim e zone requires the STM to restart. T able 3-8. System Date and Ti me Settings Setting Description (or Sub field and Description) System Date [...]

  • Seite 87

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-25 v1.0, September 2009 Managing Digit al Certificates The STM uses digital certificates (also known as X509 certificates) for secure web access connections over HTTPS (that is, SSL VPN connections). Digital certificates can [...]

  • Seite 88

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-26 Performing Network an d System Management v1.0, September 2009 import. However , NETGEAR recommends that you re place this digital certificate with a digital certificate from a well-known commercial CA pr ior to deploying the STM in your network. The STM’ s [...]

  • Seite 89

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-27 v1.0, September 2009 The top part of the Certificate Used for HTTP S Scans section displays information about the current certificate that is used for HTTPS scans Downloading the Certificate in to Y our Browser T o downloa[...]

  • Seite 90

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-28 Performing Network an d System Management v1.0, September 2009 Managing T rusted Certificates T o manage trusted certificates: Select W eb Security > Certificate Management from the menu. The Certificate Management screen displays. Figure 3-16 shows only th[...]

  • Seite 91

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-29 v1.0, September 2009 Importing a T rusted Certificate T o import a trusted certificate: 1. Click Br owse next to the Import from File field. 2. Navigate to a trusted certificate file on your computer . Follow the instructi[...]

  • Seite 92

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-30 Performing Network an d System Management v1.0, September 2009 Deleting an Untrusted Certificate T o delete an untrusted certificate: 1. Select the certificate from the Untrusted Certificates table. 2. Click Delete Selected . Moving an Untrusted Certificate to[...]

  • Seite 93

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-31 v1.0, September 2009 3. Click Apply to save your settings. Performance Management Performance management consists of controlling th e traffic through the STM so that the necessary traffic gets through when there is a bottl[...]

  • Seite 94

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-32 Performing Network an d System Management v1.0, September 2009 If you want to reduce tra ffic by preventing undesired e-mails from reac hing their destinations or b y preventing access to certain sites on the Internet, you can use the STM’ s content filterin[...]

  • Seite 95

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Performing Network and System Management 3-33 v1.0, September 2009 – Setting the size of W eb files to be scanned . Scann i ng large W eb files requires netw ork resources and might slow down traffic. Y ou can specify the maximum file size that is scanned, and if fi[...]

  • Seite 96

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 3-34 Performing Network an d System Management v1.0, September 2009[...]

  • Seite 97

    4-1 v1.0, September 2009 Chapter 4 Content Filtering and Optimizing Scans This chapter describes how to ap ply the content filtering features of the STM and how to opti mize scans to protect you r network. This chapter contains the following sections: • “About Content Filtering and Scans” on this page. • “Configuring E-mail Protection” [...]

  • Seite 98

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-2 Content Filtering and Optim izing Scans v1.0, September 2009 Default E-mail and W eb Scan Settings For most network environm ents, the default sca n se ttings and actions that are shown in Ta b l e 4 - 1 work well but you can adjust these to th e needs of your [...]

  • Seite 99

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-3 v1.0, September 2009 To o l s Alexa T oolbar Allowed GoT oMyPC Allowed Weatherbug Allowed Y ahoo T oolbar Allowed Web Object s Embedded Objects (ActiveX/Java/Flash Allowed Javascript Allowed Proxy Allowed Cookies Allowed Web[...]

  • Seite 100

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-4 Content Filtering and Optim izing Scans v1.0, September 2009 Configuring E-mail Protection The STM lets you configure the following settings to protect the network’ s e-mail communication: • The e-mail protocols that are scanned for malware threats. • Act[...]

  • Seite 101

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-5 v1.0, September 2009 2. Complete the fields and select the checkboxe s as exp lained in Ta b l e 4 - 2 . 3. Click Apply to save your settings. Customizing E-mail Anti-V irus Settings If you have used t he Setup W izard, you [...]

  • Seite 102

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-6 Content Filtering and Optim izing Scans v1.0, September 2009 2. Complete the fields, select the checkboxes, and make your selections from the pull-down menus as explained in Ta b l e 4 - 3 . Figure 4-2 T able 4-3. E-mail Anti-Virus Action Settings Setting Descr[...]

  • Seite 103

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-7 v1.0, September 2009 3. Click Apply to save your settings. Configuring E-mail Anti-V irus Exception Settings T o configure the e-mail anti-virus exception setti ngs: 1. Select Email Security > Anti-V irus from the menu. T[...]

  • Seite 104

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-8 Content Filtering and Optim izing Scans v1.0, September 2009 3. Make your selection from the pull-down menu s and complete the field as explained in Ta b l e 4 - 4 . 4. Click Apply to save your settings. Configuring E-mail Anti-V irus Notification Settings T o [...]

  • Seite 105

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-9 v1.0, September 2009 Figure 4-4[...]

  • Seite 106

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-10 Content Filtering and Optimizin g Scans v1.0, September 2009 3. Complete the fields, select the checkboxes, and make your selections from the pull-down menus as explained in Ta b l e 4 - 5 . T able 4-5. E-mail Anti-Virus Notification Settings Setting Descripti[...]

  • Seite 107

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-11 v1.0, September 2009 4. Click Apply to save your settings. E-mail Content Filtering The STM provides several options to filter unwa nted content from e-mails. Y o u can filter content from e-mails based on keywords in the s[...]

  • Seite 108

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-12 Content Filtering and Optimizin g Scans v1.0, September 2009 T o configure e-mail content filtering: 1. Select Email Security > Filters from the menu. The Filters screen displays. Figure 4-5[...]

  • Seite 109

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-13 v1.0, September 2009 2. Complete the fields and make your selections from the pull-down menus as explained in Ta b l e 4 - 6 . T able 4-6. E-mail Filter Settings Setting Description (or Subfield and Desc ription) Filter by [...]

  • Seite 110

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-14 Content Filtering and Optimizin g Scans v1.0, September 2009 3. Click Apply to save your settings. Protecting Against E-mail S pam The STM integrates multiple anti-spam technologi es to provide comprehensive protection against unwanted e-mail. Y ou can enable [...]

  • Seite 111

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-15 v1.0, September 2009 2. Blacklist . E-mails from the specified sources are considered spam and are blocked. 3. Real-time blacklist . E-mails from known spam sources that are collected by blacklist providers are blocked. 4. [...]

  • Seite 112

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-16 Content Filtering and Optimizin g Scans v1.0, September 2009 T o configure the whitelist and blacklist: 1. Select Email Security > Anti-Spam from the menu. The Anti-Sp am submenu tabs appear , with the Whitelist/Blacklist screen in view . Figure 4-6[...]

  • Seite 113

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-17 v1.0, September 2009 2. Complete the fields as explained in Ta b l e 4 - 6 . Configuring the Real-time Blacklist Blacklist providers are organizations that collect IP addresses of verified open SMTP relays that might be use[...]

  • Seite 114

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-18 Content Filtering and Optimizin g Scans v1.0, September 2009 By default, the STM comes with two pre-define d blacklist providers: Spamhaus, and Spamcop. Y ou can add a maximum of 16 black list providers to the RBL sources. T o enable the real-time blacklist: 1[...]

  • Seite 115

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-19 v1.0, September 2009 Configuring Distributed S pam Analysis Spam, phishing, and other e-mail- borne threats consist of milli ons of messages intentionally composed diff erently to evade co mmonly-used filters. Nonetheless, [...]

  • Seite 116

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-20 Content Filtering and Optimizin g Scans v1.0, September 2009 3. Complete the fields, select the checkboxes, and make your selections from the pull-down menus as explained in Ta b l e 4 - 8 . Figure 4-8 T able 4-8. Distributed S pam Analysis Settings Setting De[...]

  • Seite 117

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-21 v1.0, September 2009 4. Click Apply to save your settings. The Distributed Spam Analysis sec tion and the Send Quarantine Spam Report section each have their own Apply and Reset buttons to enable you to make changes to thes[...]

  • Seite 118

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-22 Content Filtering and Optimizin g Scans v1.0, September 2009 Configuring W eb and Services Protection The STM lets you confi gure the following se ttings to protect the network’ s Internet communication: • The W eb protocols that are scanned for malware th[...]

  • Seite 119

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-23 v1.0, September 2009 2. Complete the fields and select the checkboxe s as exp lained in Ta b l e 4 - 8 . 3. Click Apply to save your settings Figure 4-9 T able 4-9. Web Policy Settings Setting Description Services to Scan H[...]

  • Seite 120

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-24 Content Filtering and Optimizin g Scans v1.0, September 2009 Configuring Web Malware Scans If you have used the Setup W izard, you might have already configured the W eb malware action and exception scan settings; the Ma lware Scan screen allows you to modify [...]

  • Seite 121

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-25 v1.0, September 2009 T able 4-10. Malware S can Settings Setting Description Action HTTP and HTTPS Action From the HTTP or HTTPS pull-d own menu, specify one of the following actions when an i nfected Web file or object is [...]

  • Seite 122

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-26 Content Filtering and Optimizin g Scans v1.0, September 2009 3. Click Apply to save your settings. Configuring Web Content Filtering If you want to restrict internal LAN users from a ccess to certain types of information and objects on the Internet, use the ST[...]

  • Seite 123

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-27 v1.0, September 2009 If you have used the S etup W izard, you might have already config ured the W eb category block ing settings; the Content Filtering screen al lows you to modi fy these settings. T o configure W eb conte[...]

  • Seite 124

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-28 Content Filtering and Optimizin g Scans v1.0, September 2009 . Figure 4-12 [Content Filtering, scre en 2 of 3][...]

  • Seite 125

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-29 v1.0, September 2009 . 3. Complete the fields, select the checkboxes, and make your selections from the pull-down menus as explained in T able 4-1 1 on page 4-30 . Figure 4-13 [Content Filtering, scre en 3 of 3][...]

  • Seite 126

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-30 Content Filtering and Optimizin g Scans v1.0, September 2009 T able 4-1 1. Content Filter ing Settings Setting Description Content Filtering Log HTTP T raffic Select this checkbox to log HTTP traffic. For information about how to view the logged traffic, see ?[...]

  • Seite 127

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-31 v1.0, September 2009 Web Categorization Schedul e Do Y ou W ant this Schedule to be Active on All Days or S pecific Days? Select one of the following radio butto ns: • All Days . The schedule is in effect all days of the [...]

  • Seite 128

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-32 Content Filtering and Optimizin g Scans v1.0, September 2009 4. Click Apply to save your settings. Configuring Web URL Filtering If you want to allow or block internal LAN user s from access to certain sites on the Internet, use the STM’ s W eb URL filtering[...]

  • Seite 129

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-33 v1.0, September 2009 3. Complete the fields and select the checkboxe s as exp lained in T able 4-12 on page 4-34 . Figure 4-14[...]

  • Seite 130

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-34 Content Filtering and Optimizin g Scans v1.0, September 2009 T able 4-12. URL Filtering Settings Setting Description Whitelist (takes precedence over Blacklist) Enable Select this checkbox to bypass scanning of the URLs that are listed in the URL field. Users [...]

  • Seite 131

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-35 v1.0, September 2009 4. Click Apply to save your settings. Add URL T ype or copy a URL in the Add URL field. Then, click the add table button to add the URL to the URL field. Import from File T o import a list with URLs int[...]

  • Seite 132

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-36 Content Filtering and Optimizin g Scans v1.0, September 2009 HTTPS Scan Settings HTTPS traffic is encrypted traf fic that cannot be scanned otherwise the data stream would not be secure. However , the STM can scan HTT PS traffic that is transmitted through an [...]

  • Seite 133

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-37 v1.0, September 2009 If one of these is not satisfied, a security aler t message appears in the browser window (see Figure 4-16 ). However , even when a certificate is truste d or still valid, or when the name of a certific[...]

  • Seite 134

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-38 Content Filtering and Optimizin g Scans v1.0, September 2009 T o configure the HTTPS scan settings: 1. Select We b Security > HTTP/HTTPS from the menu. The HTTP/HTTPS submenu tabs appear , with the Malware Scan screen in view . 2. Click the HTTPS Settings s[...]

  • Seite 135

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-39 v1.0, September 2009 3. Complete the fields and select the checkboxe s as exp lained in Ta b l e 4 - 1 3 . 4. Click Apply to save your settings. S pecifying T rusted Host s Y ou can specify trusted hosts for which the ST M [...]

  • Seite 136

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-40 Content Filtering and Optimizin g Scans v1.0, September 2009 Note that c ertain sites contain el ements from dif f erent HTTPS hosts. As an example, assume that the https://example.com site contains HTTPS elements from the following three hosts: • trustedhos[...]

  • Seite 137

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-41 v1.0, September 2009 3. Complete the fields and select the checkbox as explaine d in Ta b l e 4 - 1 4 . 4. Click Apply to save your settings. Configuring FTP Scans Some malware threats are specifically developed to spread t[...]

  • Seite 138

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-42 Content Filtering and Optimizin g Scans v1.0, September 2009 2. Complete the fields, select the checkboxes, and make your selections from the pull-down menus as explained in Ta b l e 4 - 1 5 . Figure 4-19 T able 4-15. FTP Scan Settings Setting Description Acti[...]

  • Seite 139

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-43 v1.0, September 2009 3. Click Apply to save your settings. Scan Exception From the pull-down menu, specify one of the followin g actions when a f ile or object exceeds the size that you specify in the file size field: • S[...]

  • Seite 140

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-44 Content Filtering and Optimizin g Scans v1.0, September 2009 Configuring Application Control The STM lets you control user access to W eb applica tions such as instant messaging, media, peer- to-peer services, and online tools. Blocking an application prohibit[...]

  • Seite 141

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-45 v1.0, September 2009 Figure 4-21 [Application Control, scr een 2 of 3] Figure 4-22 [Application Control, scr een 3 of 3][...]

  • Seite 142

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-46 Content Filtering and Optimizin g Scans v1.0, September 2009 5. After you have configured each section, first click Apply to save the settings before you continue with the next section. Y ou must sa ve the configuration changes for each section individuall y .[...]

  • Seite 143

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-47 v1.0, September 2009 Setting Scanning Exclusions T o save resources, you can configur e scanning exclusions for IP addresses and ports that you know are secure. For example, if your network includes a W eb server that hosts[...]

  • Seite 144

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-48 Content Filtering and Optimizin g Scans v1.0, September 2009 3. In the Add column, click the add table button to add the exclus ion rule to the Scanning Exclusions table. The new exclusion rule is enabled by default. T o disable a rule, select the checkbox in [...]

  • Seite 145

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-49 v1.0, September 2009 2. Under the Exceptions table, click the add table button to specify an exception rule. The Add Exception screen displays. 3. Complete the fields and make your selections from the pull-down menus as exp[...]

  • Seite 146

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-50 Content Filtering and Optimizin g Scans v1.0, September 2009 Applies to (continued) All Users C li ck th e ap ply button to apply the exception to all users, both authenticated a nd unauthenticated. Authenticate d Click the apply button to apply the exception [...]

  • Seite 147

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-51 v1.0, September 2009 Applies to (continued) Group Membership by IP Do the following: 1. From the Name pull-down menu, select a grou p that is defined by its IP address. 2. Click the apply button to apply the excepti on to t[...]

  • Seite 148

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-52 Content Filtering and Optimizin g Scans v1.0, September 2009 4. Click Apply to save your settings. The new exception rule is added to the Exceptions table. T o return to the Exception screen without adding the rule, click Return . 5. Select the checkbox to the[...]

  • Seite 149

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Content Filtering and Optimi zing Scans 4-53 v1.0, September 2009 2. Click one of the fo llowi ng table buttons: • disable . Disables the rule or rules. The “!” stat us icon changes from a green circle to a grey circle, indicating that the rule is or ru les are [...]

  • Seite 150

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 4-54 Content Filtering and Optimizin g Scans v1.0, September 2009[...]

  • Seite 151

    5-1 v1.0, September 2009 Chapter 5 Managing Users, Group s, and Authentication This chapter describes how to manage users, grou ps, and authentication on the STM. This chapter contains the following sections: • “About Users, Groups, and Domai ns on this page. • “Configuring Groups” on page 5-2 . • “Configuring User Accounts” on page[...]

  • Seite 152

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-2 Managing Users, Groups, and Authen tication v1.0, September 2009 • Authenticated users . User who have a computer behind t he STM, who log in to the STM with a user name and password, and who are a ssigned an access policies that normally differs from the STM[...]

  • Seite 153

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-3 v1.0, September 2009 Creating and Deleting Group s by Name T o create a local group by name: 1. Select User Management > Groups from the menu. The Groups screen displays ( Figure 5-1 contains one example). The List of[...]

  • Seite 154

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-4 Managing Users, Groups, and Authen tication v1.0, September 2009 3. Click the add table button. The new group is added to the List of Groups table. T o delete a group from the List of Groups table, click th e delete table button in the Action column for the gro[...]

  • Seite 155

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-5 v1.0, September 2009 4. Click Apply to save your c hanges. Creating and Deleting Group s by IP Address and Subnet T o create a group by IP address and subnet: 1. Select User Management > IP Subnet/Groups from the menu[...]

  • Seite 156

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-6 Managing Users, Groups, and Authen tication v1.0, September 2009 2. In the Add New IP Subnets/Groups section of th e screen, complete the fields as explained in Ta b l e 5 - 3 . 3. Click the add table button. The new group is added to the Groups Membership by I[...]

  • Seite 157

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-7 v1.0, September 2009 The List of Users table displays the users with the following fields: • Enable . The check box allows you to enab le or disable the user . • Name . The name of the user . • Group . The gr oup t[...]

  • Seite 158

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-8 Managing Users, Groups, and Authen tication v1.0, September 2009 3. Click the add table button. The new user is added to the List of Users table. T o delete a user from the List of Users table, click the de lete table button in the Action column for the user th[...]

  • Seite 159

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-9 v1.0, September 2009 Configuring Authentication The login screen and authentication on the STM de pends on the user type and the authentication method: • Administrative users . Users wi th administrative and guest priv[...]

  • Seite 160

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-10 Managing Users, Groups, and Au thentication v1.0, September 2009 After a user has logged in through the User Portal Login screen, th e Authentication screen displays. The Authentication screen shows the IP address w ith which the user has logged in and lets a [...]

  • Seite 161

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-11 v1.0, September 2009 b. Log in again. c. On the Authentication screen (see Figure 5 -8 on page 5-10 ), click the logout link. In addition to authentication through the STM’ s local user database, the STM supports the [...]

  • Seite 162

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-12 Managing Users, Groups, and Au thentication v1.0, September 2009 RADIUS support two types of protocols: – PA P . Password Authentication Protocol (P AP) is a simple protocol in which the client sends a password in clear text. – CHAP . Challenge Ha ndshake [...]

  • Seite 163

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-13 v1.0, September 2009 If the size limit is exceeded so that “dc=co mpanyname,dc= com” misses some entries during the lookup process, a user can still be properly auth enticated. However , to prevent the size limit fr[...]

  • Seite 164

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-14 Managing Users, Groups, and Au thentication v1.0, September 2009 4. T o verify Jamie Hanson’ s user logon name, c lick the Account tab. The account properties for Jamie Hanson display . 5. Log in to the STM. 6. Select User Management > Authentications fro[...]

  • Seite 165

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-15 v1.0, September 2009 • The full name, Jamie Hanson ( Figure 5-12 show s only the Bind DN field). • The W indow s account name in e-ma il format such as jhanson@tes t AD.com ( Figu re 5-13 shows only the Bind DN fiel[...]

  • Seite 166

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-16 Managing Users, Groups, and Au thentication v1.0, September 2009 9. Click T est to verify that the LDAP server can actually function with th e bind DN that you hav e modified. The automated test procedure checks the connection to the LD AP server; the bind DN,[...]

  • Seite 167

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-17 v1.0, September 2009 The List of LDAP table di sp lays the following fields: • Domain Name . The name of the STM’ s domain to which the server has been assigned. • Server . The IP address of the LDAP or Active Dir[...]

  • Seite 168

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-18 Managing Users, Groups, and Au thentication v1.0, September 2009 3. Click T est to verify that the LDAP server can actu ally function with th e LDAP settings that you have specified. The automated test procedur e check s the con ne cti on to the LDAP server; t[...]

  • Seite 169

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-19 v1.0, September 2009 T o delete a domain and server from th e List of LDAP table, click the delete table button in the Action column for the domain and se rver that you want to delete. Editing LDAP and Acti ve Directory[...]

  • Seite 170

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-20 Managing Users, Groups, and Au thentication v1.0, September 2009 The List of RADIUS table displays the following fields: • Domain Name . The name of the STM’ s domain to which the server has been assigned. • Server . The IP address of the RADIUS server .[...]

  • Seite 171

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-21 v1.0, September 2009 4. Click T est to verify that the RADIUS server can act ually function with the RADIUS settings that you have specified. The automated test procedure checks th e connection to the RAD IUS server; th[...]

  • Seite 172

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-22 Managing Users, Groups, and Au thentication v1.0, September 2009 Editing RADIUS Domains and Configuring VLANs T o edit a RADIUS domain: 1. Select User Management > Authentication from the me nu. The authen tication submenu tabs appear with the LDAP screen i[...]

  • Seite 173

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-23 v1.0, September 2009 4. Modify the fields and make your selections from the pull-do wn menu as explained in T able 5-6 on page 5-20 . 5. Click T est to verify that the RADIUS server can act ually function with the RADIU[...]

  • Seite 174

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-24 Managing Users, Groups, and Au thentication v1.0, September 2009 Global User Settings Y ou can globally set the user session settings fo r authenticated users. T hese settings include the session expiration period, the allowed s ession idle tim e, and the defa[...]

  • Seite 175

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Managing Users, Grou ps, and Authentication 5-25 v1.0, September 2009 3. Click Apply to save the session settings. 4. Locate the Users Portal Login Settings sectio n on screen, and specify the default domain settings: •F r o m t h e Default Domain pull-down menu, se[...]

  • Seite 176

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 5-26 Managing Users, Groups, and Au thentication v1.0, September 2009 T o view all or selected users: 1. On the Active Users screen (see Figure 5-18 on page 5-25 ), select one of the following radio buttons: • Vi e w A l l . This selection returns all active user[...]

  • Seite 177

    6-1 v1.0, September 2009 Chapter 6 Monitoring System Access and Performance This chapter describes the system monitoring feat ures of the STM. Y ou can be alerted to importa nt events such as attacks and login failures. Y ou can al so view the system status and real-time traf fic and security information. In addition, the diagnostics utilities are [...]

  • Seite 178

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-2 Monitoring System Access and Performanc e v1.0, September 2009 Configuring the E-mail Notification Server If you have used the Setup W izard, you might have already configured the e-mail notification server; the E-mail Notification Server scr een allows you to [...]

  • Seite 179

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-3 v1.0, September 2009 3. Click Apply to save your settings. Configuring and Activating S ystem, E-mail, and Syslog Logs Y ou can configure the STM to log system events such as a change of time by an NTP server , secure login[...]

  • Seite 180

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-4 Monitoring System Access and Performanc e v1.0, September 2009 3. Select the Enable checkbox to enable the STM to send logs to an e-mail address. 4. Complete the fields, select the radio button and checkboxes, and make your selections from the pull-down men us [...]

  • Seite 181

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-5 v1.0, September 2009 5. Click Apply to save your settings. Sending Log to a Syslog Se rvers T o enable and configure logs to be sent to a syslog server: 1. Select Monitoring > Logs & Reports from the menu. The Logs &[...]

  • Seite 182

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-6 Monitoring System Access and Performanc e v1.0, September 2009 3. 4. Select the Enable checkbox to enable the STM to send logs to a syslog server . 5. Complete the fields, select the checkboxes, and make your selections from the pull-down menus as explained in [...]

  • Seite 183

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-7 v1.0, September 2009 6. Click Apply to save your settings. Clearing Logs 1. Select Monitoring > Logs & Reports from the menu. The Logs & Reports submenu tabs appear , with the Email and Syslog screen in view (see[...]

  • Seite 184

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-8 Monitoring System Access and Performanc e v1.0, September 2009 2. Locate the Clear the Following Log In formation sectio n at the bottom of the screen. 3. Select the checkboxes to speci fy which logs are cleared: • System . The system event logs are cleared. [...]

  • Seite 185

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-9 v1.0, September 2009 T o configure and activate the e-mail alerts: 1. Select Monitoring > Logs & Reports from the menu. The Logs & Reports submenu tabs appear , with the Email and Syslog screen in view . 2. Click[...]

  • Seite 186

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-10 Monitoring System Access and Performanc e v1.0, September 2009 4. Click Apply to save your settings. Enable Malware Alerts Select this checkbox to enable malware alerts, and configure the Subje c t an d Message fields. Subject Enter the subject line for the e-[...]

  • Seite 187

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-11 v1.0, September 2009 Monitoring Real-T ime T raffic, Security , S tatistics, and W eb Usage Y ou can monitor the real-time traffic, security events, and s tatistics from the Da shboard screen. The W eb Usage screen display[...]

  • Seite 188

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-12 Monitoring System Access and Performanc e v1.0, September 2009 T able 6-5 on page 6-13 explains the fields of the S tatus, T otal Threats, Threats (Last 7 Days) sections of the Dashboard screen. Figure 6-6 [Dashboa rd, screen 1 of 3][...]

  • Seite 189

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-13 v1.0, September 2009 T able 6-5. Dashboard: S tatu s, T otal Threats, a nd Threat s (Last 7 Days) formation Item Description Stat us System The current CPU, memory, and hard disk usage. When usage is within safe limits, th[...]

  • Seite 190

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-14 Monitoring System Access and Performanc e v1.0, September 2009 Threats (Last 7 Days) This is a graphic that shows the relative numb er of th reats and access violations over the last week, using different colors for the various applications: Note : IMBlock sta[...]

  • Seite 191

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-15 v1.0, September 2009 Ta b l e 6 - 6 explains the fields of the T otal Scanned Services Traf fic, Most Recent 5 and T op 5 sections of the Dashboard screen. T able 6-6. Dashboard: T ot al Scanned Services T raffic and Most [...]

  • Seite 192

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-16 Monitoring System Access and Performanc e v1.0, September 2009 T able 6-7 on page 6-17 explains the fields of the Service Statistics and Interface Statistics sections of the Dashboard screen. Figure 6-8 [Dashboa rd, screen 3 of 3] Note: Figure 6-8 shows the In[...]

  • Seite 193

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-17 v1.0, September 2009 T able 6-7. Dashboard: Service S tatistics an d Interface St atistics Informa tion Item Description Service S tatist ics For each of the six supported protocols (HTTP , HTTPS, FTP , SMTP , POP3, and IM[...]

  • Seite 194

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-18 Monitoring System Access and Performanc e v1.0, September 2009 Monitoring W eb Usage The W eb Usage screen shows you how the STM’ s W eb resources are being used. Y ou can see , for example, which host on the STM uses most resources. T o view the STM’ s W [...]

  • Seite 195

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-19 v1.0, September 2009 3. Use the From pull-down menu to select the start date of the W eb usage report (year , month, date) and the To pull-down menu to select the end date of the report (year , month, date). 4. Click Vi e [...]

  • Seite 196

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-20 Monitoring System Access and Performanc e v1.0, September 2009 T able 6-8 on page 6-21 explains the fields of the System Information, Management Interface Information, and Interfaces sections of the System Status screen. Figure 6-10[...]

  • Seite 197

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-21 v1.0, September 2009 T able 6-8. System St atus Information Setting Description System Information Firmware Information The current version and most recent update (that is, the most recently downloaded ve rsion) for the so[...]

  • Seite 198

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-22 Monitoring System Access and Performanc e v1.0, September 2009 Querying Logs and Generating Report s The extensive logging and reporting functions of the STM let you perform the fo llowing tasks that help you to monitor the protection of th e network and the p[...]

  • Seite 199

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-23 v1.0, September 2009 Y ou can query and generate each type of log separately and filter the information based on a number of criteria. For example, you can filter the virus logs using the following criteria (other log type[...]

  • Seite 200

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-24 Monitoring System Access and Performanc e v1.0, September 2009 3. Select the checkboxes and radio buttons, make yo ur selections from the pull-down menus, and complete the fields as explained in T able 6-9 on page 6-25 . Figure 6-1 1[...]

  • Seite 201

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-25 v1.0, September 2009 T able 6-9. Log Query Settings Setting Description (or Subfie ld and Description) Log T ype Select one of the following log types from the pull-down menu: • Tr a f f i c . All scanned incoming and ou[...]

  • Seite 202

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-26 Monitoring System Access and Performanc e v1.0, September 2009 Search Criteria (continued) Client IP The cli ent IP address that is querie d. This field is available for the following logs : T raffic, Virus, S pyware, S pam, Content filters, and Application. S[...]

  • Seite 203

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-27 v1.0, September 2009 4. Click one of the fo llowi ng action buttons: • Search . Query the log according to the search crite ria that you specifie d and view the log through the W eb Management Interfac e, that is, on scr[...]

  • Seite 204

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-28 Monitoring System Access and Performanc e v1.0, September 2009 T o identify infected clients that are sending spywar e or a virus in outbound traffic, query the STM spyware and virus logs and see if any of your internal IP addresses are the source of spyware o[...]

  • Seite 205

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-29 v1.0, September 2009 – Number of malware incidents – Number of files blocked – Number of blackl ist violations (not appli cable to IMAP) – Number of e-mails captured by Distributed Spam Analysis (not applicable to [...]

  • Seite 206

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-30 Monitoring System Access and Performanc e v1.0, September 2009 – T op 10 blocked clients by coun t – For each applicatio n, the number of blocked requests, in a graphic The reports t hat you select ar e generated as MH TML files, which contain headers for [...]

  • Seite 207

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-31 v1.0, September 2009 4. Click Generate . After a few minutes, the report are added to the Report List, which can contain a maximum of five saved reports. (T o delete a a previously saved report, click its delete table butt[...]

  • Seite 208

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-32 Monitoring System Access and Performanc e v1.0, September 2009 3. Select the checkboxes and complete the fields as explained in Ta b l e 6 - 1 1 . Figure 6-13 T able 6-1 1. Schedule Report Settings Setting Description Report Settings Frequency Select one of th[...]

  • Seite 209

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-33 v1.0, September 2009 4. Click Apply to save your settings. V iewing and Managing the Quarantine Files Depending on the selections that you made in the Email Security and W eb Security main menus (see Chapter 4, “Content [...]

  • Seite 210

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-34 Monitoring System Access and Performanc e v1.0, September 2009 Y ou can query and view the spam quarantine file and the malware quarantin e file separately and filter the information based on a number of crite ria. Y ou can filter the spam quarantine file usin[...]

  • Seite 211

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-35 v1.0, September 2009 3. Select the checkboxes and radio buttons, make yo ur selections from the pull-down menus, and complete the fields as explained in Ta b l e 6 - 9 . Figure 6-14 T able 6-1 2. Quaran ti ne File Settings[...]

  • Seite 212

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-36 Monitoring System Access and Performanc e v1.0, September 2009 4. Click Sear ch . Depending on the selected quarantine f ile (spam or malware), the Quarantine screen displays the Quarantined Spam table or th e Quarantined Infected Files table, which are explai[...]

  • Seite 213

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-37 v1.0, September 2009 The Quarantined Spam table shows the following columns: • Checkbox . Lets you select the table entry . • Date . The date that the e-mail was received. • Pro tocol . The protocol (SMTP) in which t[...]

  • Seite 214

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-38 Monitoring System Access and Performanc e v1.0, September 2009 • Send as Ham . The selected spam e-mail files are not tagged a s spam for Distributed Spam Analysis, ar e dele ted from the quarantine file, and are sent to the intended recipients. • Delete .[...]

  • Seite 215

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-39 v1.0, September 2009 Figure 6-18 shows the Quarantined Infected Files table with da ta. After you have selected one or more table entri e s, take one of the followi ng actions (or click the Return hyperlink to return to th[...]

  • Seite 216

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-40 Monitoring System Access and Performanc e v1.0, September 2009 2. Select the start date and time from the Begin Date/T ime pull-down menus. 3. Specify the recipient’ s e-mail address in the Send to field. 4. Click Send Report . Using Diagnostics Utilities Th[...]

  • Seite 217

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-41 v1.0, September 2009 Using the Network Diagnostic T ools This section discusses the Ping or Trace an IP Address section and the Perform a DNS Lookup section of the Diagnostics screen. Sending a Ping Packet Use the Ping uti[...]

  • Seite 218

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-42 Monitoring System Access and Performanc e v1.0, September 2009 Looking up a DNS Address A DNS (Domain Name Server) conv erts the Internet name (for ex ample, www .netgear .com) to an IP address. If you need the IP address of a W eb, FTP , mail, or other server[...]

  • Seite 219

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-43 v1.0, September 2009 4. In Destination IP Address, enter the IP address of the destination of the traffic stream that you want to analyze. 5. Click St a r t . Y ou are prompted to save the download ed traffic information f[...]

  • Seite 220

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-44 Monitoring System Access and Performanc e v1.0, September 2009 Gathering Import ant Log Information T o gather log info rmation about your STM: 1. Locate the Gather Important Log Inform ation section on the Diagnostics screen. 2. Click Download Now . Y ou are [...]

  • Seite 221

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Monitoring System Access and Performance 6-45 v1.0, September 2009 T o shut down the STM: 1. Locate the Res tart & Shutdown s ection on the Diagnostics screen (this section is not sh own on any of the Diagnostics screen figures in this manual). 2. Click the Shutdo[...]

  • Seite 222

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 6-46 Monitoring System Access and Performanc e v1.0, September 2009[...]

  • Seite 223

    7-1 v1.0, September 2009 Chapter 7 T roubleshooting and Using Online Support This chapter provides troubleshooting tips and information for the STM. A fter each problem description, instructions are prov ided to help you diagnose and solve the problem. For the common problems listed, go to the section indicated. • Is the STM on? Go to “Basic Fu[...]

  • Seite 224

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 7-2 Troubleshooting and Using Online Support v1.0, September 2009 Basic Functioning After you turn on power to the STM, the fo llowing sequence of events should occur: 1. When power is first applied, ve rify that the PWR LED is on. 2. After approximately two minute[...]

  • Seite 225

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Troubleshooting and Using Online Support 7-3 v1.0, September 2009 If all LEDs are still more than several minutes minute after power up: • T urn the power off, and then turn it on again to see if the STM recovers. • Clear the STM’ s configuration to factory defa[...]

  • Seite 226

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 7-4 Troubleshooting and Using Online Support v1.0, September 2009 • Make sure that you are using the SSL https: //addr ess login rather than the http://addr ess login. • Make sure that your browser has Java, JavaS cript, or ActiveX enabled. If you are using Int[...]

  • Seite 227

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Troubleshooting and Using Online Support 7-5 v1.0, September 2009 T roubleshooting a TCP/IP Ne twork Using a Ping Utility Most TCP/IP terminal devices and firewalls contain a ping utility th at sends an echo request packet to the designated device. The device then res[...]

  • Seite 228

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 7-6 Troubleshooting and Using Online Support v1.0, September 2009 T esting the Path from Y our PC to a Remote Device After verifying that the LAN path works correctly , test the path from your PC to a remote device. From the W indows run menu, type: PING -n 10 <[...]

  • Seite 229

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Troubleshooting and Using Online Support 7-7 v1.0, September 2009 The STM restarts. During the reboot process, the Backup & Restore Se ttings screen remains visible. The reboot process is complete after several minutes when the T est LED (STM150) or St atus LED (S[...]

  • Seite 230

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 7-8 Troubleshooting and Using Online Support v1.0, September 2009 Using Online Support The STM includes online support tools that a llow NETGE A R T echnical Support to securely perform diagnostics of the STM, and that lets you submit suspic ious files for analysis[...]

  • Seite 231

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Troubleshooting and Using Online Support 7-9 v1.0, September 2009 Inst alling Hot Fixes NETGEAR might release hot fixes or patches if certain problems are found in any software release. When a hot fix is available, install it immediately to ensure op timum pe rformanc[...]

  • Seite 232

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 7-10 Troubleshooting and Using Online Support v1.0, September 2009 6. Navigate to the location on your computer where you have saved the hot fix file, and then select it. 7. Click Open. The hot fix file now appears in the Import from File field. 8. Click Apply to i[...]

  • Seite 233

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Troubleshooting and Using Online Support 7-11 v1.0, September 2009 3. Click Submit . Accessing the Knowledge Base and Document ation T o access NETGEAR’ s Knowledge Base for the STM, select Support > Knowledge Base from the menu. T o access NETGEAR’ s documenta[...]

  • Seite 234

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual 7-12 Troubleshooting and Using Online Support v1.0, September 2009[...]

  • Seite 235

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Default Settings and Technical Specifications A-1 v1.0, September 2009 Appendix A Default Settings and T echnical Specifications T o return the STM returns to the default fact ory configuration settings that are shown in Ta b l e A - 1 , click the default button on th[...]

  • Seite 236

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual A-2 Default Settings and Technical Specifications v1.0, September 2009 Ta b l e A - 2 shows the STM specifications. LAN Connecti ons MAC Address Default address MTU Size 1500 Ports STM150: 5 AutoSense 10/100/1000BASE-T , RJ-45 STM300: 3 AutoSense 10/100/1000BASE-T [...]

  • Seite 237

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Default Settings and Technical Specifications A-3 v1.0, September 2009 Electromagnetic Emissions Meets requirements of FCC Part 1 5 Class A VCCI Class A CE mark, commercial Safety Meets requirements of UL listed C-T ick T able A-2. STM Specifications (continued) Featu[...]

  • Seite 238

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual A-4 Default Settings and Technical Specifications v1.0, September 2009[...]

  • Seite 239

    ProSecure Web/Email Secur ity Threat Management (STM) Appliance Reference Manu al Related Documents B-1 v1.0, September 2009 Appendix B Related Document s This appendix provides links to reference documents yo u c an use to gain a more complete understanding of the technolog ies used in your NETGEAR product. Document Li nk TCP/IP Networking Basics [...]

  • Seite 240

    ProSecure Web/Email Secu rity Threat Man agement (ST M) Applianc e Reference M anual B-2 Related Documents v1.0, September 2009[...]

  • Seite 241

    Index-1 v2.0, February 2007 Index Numerics 10BaseT , 100BaseT , and 1000BaseT 3-4 A AC input STM150 1-14 STM300 1-15 STM600 1-15 access preventing inherited privileges 5-1 1 read/write and read-only 3-9 remote management 3-1 1 action buttons (W eb Management Interface) 2-8 activating, ser vice licenses 1-6 , 2-28 Active Directory (AD) domains 5-16 [...]

  • Seite 242

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-2 v2.0, Februar y 2007 keywords, e-mails 4-1 1 , 4-13 sites, reducing traffic 3-32 URLs 4- 34 We b access exceptions 4-49 categories 2-25 , 4-26 , 4-30 objects 4-26 , 4-30 bottom panel and label STM150 1-16 STM300 1-16 STM600 1-17 browsers, for W eb Management Interface 2- 5 bundle key , for r[...]

  • Seite 243

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-3 v2.0, February 2007 D date settings 2-13 , 3-23 , 3-24 troubleshooting 7-7 daylight savings time 2-13 , 3-24 debug logs 6-43 dedicated management VLAN port 1-6 defaults configuration restoring 7-6 settings A-1 content filtering settings 4-2 domains, for authent ica ti on 5-25 factory default[...]

  • Seite 244

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-4 v2.0, Februar y 2007 exclusions, scanning 4-47 executable files e-mail filtering 4- 14 FTP filtering 4-43 We b f i l t e r i n g 4-30 F facilities, syslog server 6-7 factory defaults login 1-15 service license s, automatic retrieval 2-30 settings, reverting to 3-18 failure bypass 1-6 feature[...]

  • Seite 245

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-5 v2.0, February 2007 hot fixes 7-9 HTML, scanning 4-25 HTTP action, infected W e b file or object 2-18 , 4-25 concurrently scanned connections 1-5 default port 2-17 , 4-23 enabling scanning 2-17 , 4-23 logging, traffic 4-30 proxy settings configuring manually 3-8 using the Setup W izard 2-23 [...]

  • Seite 246

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-6 v2.0, Februar y 2007 troubleshooting 7-2 , 7-3 ports STM150 1-8 STM300 1-10 STM600 1-12 LDAP binding a dn 5-12 configuring a dn 5-17 domains 5-16 overview 5-1 1 settings 5-17 users and groups 4-51 LEDs Hard drive (HDD) STM150, not applicable STM300 1-1 1 STM600 1-13 LAN STM150 1-9 STM300 1-1[...]

  • Seite 247

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-7 v2.0, February 2007 digital certific ates 3-25 performance 3-31 Management Information Base. See MIB. management ports STM150, not applicable STM300 1-10 STM600 1-12 maximum transmiss ion unit. See MTU (settings). media applications configuring 4-46 defaults 4-2 status 6-13 memory usage 6-13[...]

  • Seite 248

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-8 v2.0, Februar y 2007 placement, locati on 1-17 polling interval 6-1 1 POP3 action, infected e-mails 2-15 , 4-7 default port 2-15 , 4-5 Distributed Spam Analysis 4-20 enabling scanning 2-15 , 4-5 file extension blocking 4-14 file name blocking 4-14 keyword blocking 4-13 password-protected att[...]

  • Seite 249

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-9 v2.0, February 2007 real-time protection, capab ilities 1-4 traffic, diagnostics 6-42 real-time black list (RBL ), e-mails 4-17 real-time clock . See RT C . rear panel STM150 1-14 STM300 1-15 STM600 1-15 rebooting 6-44 reducing traffic 3-32 reference documents B-1 registering with NETGEAR 2-[...]

  • Seite 250

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-10 v2.0, Februar y 2007 shutting down 6-44 signatures, pattern file 2-22 Simple Mail T ransfer Protocol. See SMTP . Simple Network Management Protocol. See SNMP . size, exceptions e-mail attachm ent s 2-16 , 4-8 FTP files and objects 4-43 W eb files and objects 2- 19 , 4-25 size, quara ntine a[...]

  • Seite 251

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-11 v2.0, February 2007 rear panel 1-15 Stream Scanning technology overview 1-4 streaming, sca nned file parts 2-18 , 4-25 submenu tabs (W eb Ma nagement Interface) 2-8 subnet mask, STM 2-12 , 3-4 support, online 7-8 suspicious files 7-10 switch, power STM150 1-14 STM300 1-15 STM600 1-15 syslog[...]

  • Seite 252

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-12 v2.0, Februar y 2007 update failure alert 6-8 , 6-9 update servers 2-22 , 3-21 update settings backing up 3-16 security subscriptions configuring manually 3-19 using the Setup W izard 2-21 updates critical 3-22 product xiv scheduling 2-22 , 3-19 updating software automatic ally 3-21 manuall[...]

  • Seite 253

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-13 v2.0, February 2007 reports 6-29 , 6-33 scan throughput 1-5 security settings, using the Setup W i zard 2-17 statistics 6-13 usage monitoring 6-18 reports 6-19 W eb Management Interface 2-8 browsers, qualified 2-5 layout 2-8 settings 2-1 1 status 6-21 troubleshooting 7-3 whitelist e-mails 4[...]

  • Seite 254

    FVX338 ProSafe VPN Firewall 200 Reference Ma nual Index-14 v2.0, Februar y 2007[...]