Netgear STM300 STM 150-300-600 Reference Manual (PDF) - Page 6

6

|

Contents

ProSecure Web/Email Security Threat Management (STM) Appliance

Configuring Web Content Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Configuring Web URL Filtering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116

HTTPS Scan Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

Specifying Trusted Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124

Configuring FTP Scans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125

Configuring Application Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Setting Scanning Exclusions and Web Access Exceptions . . . . . . . . . . . 130

Setting Scanning Exclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

Setting Access Exception Rules for Web Access. . . . . . . . . . . . . . . . .132

Creating Custom Groups for Web Access Exceptions. . . . . . . . . . . . .139

Creating Custom Categories for Web Access Exceptions . . . . . . . . . . 142

Chapter 5

Managing Users, Groups, and Authentication

About Users, Groups, and Domains. . . . . . . . . . . . . . . . . . . . . . . . . . . . .147

Configuring Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .148

Creating and Deleting Groups by Name. . . . . . . . . . . . . . . . . . . . . . . .149

Editing Groups by Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .150

Creating and Deleting Groups by IP Address and Subnet . . . . . . . . . . 151

Configuring User Accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .152

Creating and Deleting User Accounts . . . . . . . . . . . . . . . . . . . . . . . . .153

Editing User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154

Configuring Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

Understanding the STM’s Authentication Options . . . . . . . . . . . . . . . .155

Understanding Active Directories and LDAP Configurations . . . . . . . .157

Creating and Deleting LDAP and Active Directory Domains . . . . . . . .161

Editing LDAP and Active Directory Domains . . . . . . . . . . . . . . . . . . . .164

Understanding the ProSecure DC Agent . . . . . . . . . . . . . . . . . . . . . . .164

Requirements for the ProSecure DC Agent Software and

DC Agent Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165

Downloading ProSecure DC Agent Software, and Creating

and Deleting DC Agents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165

Creating and Deleting RADIUS Domains. . . . . . . . . . . . . . . . . . . . . . .167

Editing RADIUS Domains and Configuring VLANs . . . . . . . . . . . . . . .169

Global User Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170

Viewing and Logging Out Active Users . . . . . . . . . . . . . . . . . . . . . . . . . .172

Chapter 6

Monitoring System Access and Performance

Configuring Logging, Alerts, and Event Notifications . . . . . . . . . . . . . . . . 175

Configuring the Email Notification Server. . . . . . . . . . . . . . . . . . . . . . .176

Configuring and Activating System, Email, and Syslog Logs. . . . . . . .177

Configuring Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

Monitoring Real-Time Traffic, Security, Statistics, and Web Usage. . . . .184

Understanding the Information on the Dashboard Screen . . . . . . . . . . 184

Monitoring Web Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190

Viewing System Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192

Querying Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194

Example: Using Logs to Identify Infected Clients . . . . . . . . . . . . . . . . . 199

Section	Page
ProSecure Web/Email Security Threat Management Appliance STM150, STM300, or STM600	1
Contents	4
1. Introduction	8
What Is the ProSecure Web/Email Security Threat Management Appliance STM150, STM300, or STM600?	8
What Can You Do with an STM?	9
Key Features and Capabilities	9
Stream Scanning for Content Filtering	10
Autosensing Ethernet Connections with Auto Uplink	11
Easy Installation and Management	11
Maintenance and Support	12
STM Model Comparison	12
Service Registration Card with License Keys	12
Package Contents	13
Hardware Features	14
Front Panel Ports and LEDs	14
Rear Panel Features	20
Bottom Panel with Product Label	22
Choosing a Location for the STM	23
Using the Rack-Mounting Kit	24
2. Using the Setup Wizard to Provision the STM in Your Network	25
Choosing a Deployment Scenario	25
Gateway Deployment	25
Server Group	26
Segmented LAN Deployment	27
Understanding the Steps for Initial Connection	27
Qualified Web Browsers	28
Logging In to the STM	28
Understanding the Web Management Interface Menu Layout	30
Using the Setup Wizard to Perform the Initial Configuration	32
Setup Wizard Step 1 of 10: Introduction	33
Setup Wizard Step 2 of 11: Networking Settings	33
Setup Wizard Step 3 of 11: Time Zone	35
Setup Wizard Step 4 of 11: Email Security	37
Setup Wizard Step 5 of 11: Web Security	39
Setup Wizard Step 6 of 11: Email Notification Server Settings	42
Setup Wizard Step 7 of 11: Update Settings	43
Setup Wizard Step 8 of 11: HTTP Proxy Settings	45
Setup Wizard Step 9 of 11: Web Categories	46
Setup Wizard Step 10 of 11: Configuration Summary	48
Setup Wizard Step 11 of 11: Restarting the System	49
Verifying Correct Installation	49
Testing Connectivity	49
Testing HTTP Scanning	49
Registering the STM with NETGEAR	50
What to Do Next	51
3. Performing Network and System Management	52
Configuring Network Settings	52
Configuring Session Limits and Timeouts	56
Configuring the Network Refresh and Permanent MAC Address Bindings	57
Managing Permanent MAC Address Bindings	59
Configuring the HTTP Proxy Settings	60
About Users with Administrative and Guest Privileges	61
Changing Administrative Passwords and Timeouts	62
Configuring Remote Management Access	64
Using an SNMP Manager	65
Supported MIB Browsers	67
Managing the Configuration File	67
Backing Up Settings	68
Restoring Settings	69
Reverting to Factory Default Settings	70
Updating the Software	71
Scheduling Updates	71
Performing a Manual Update	73
Critical Updates That Require a Restart	74
Configuring Date and Time Service	74
Managing Digital Certificates	76
Managing the Certificate for HTTPS Scans	78
Managing Trusted Certificates	79
Managing Untrusted Certificates	80
Managing the Quarantine Settings	81
Managing the STM’s Performance	82
4. Content Filtering and Optimizing Scans	84
About Content Filtering and Scans	84
Default Email and Web Scan Settings	85
Configuring Email Protection	87
Customizing Email Protocol Scan Settings	87
Customizing Email Anti-Virus Settings	88
Email Content Filtering	94
Protecting Against Email Spam	97
Configuring Web and Services Protection	105
Customizing Web Protocol Scan Settings	105
Configuring Web Malware Scans	107
Configuring Web Content Filtering	109
Configuring Web URL Filtering	116
HTTPS Scan Settings	119
Specifying Trusted Hosts	124
Configuring FTP Scans	125
Configuring Application Control	127
Setting Scanning Exclusions and Web Access Exceptions	130
Setting Scanning Exclusions	130
Setting Access Exception Rules for Web Access	132
Creating Custom Groups for Web Access Exceptions	139
Creating Custom Categories for Web Access Exceptions	142
5. Managing Users, Groups, and Authentication	147
About Users, Groups, and Domains	147
Configuring Groups	148
Creating and Deleting Groups by Name	149
Editing Groups by Name	150
Creating and Deleting Groups by IP Address and Subnet	151
Configuring User Accounts	152
Creating and Deleting User Accounts	153
Editing User Accounts	154
Configuring Authentication	154
Understanding the STM’s Authentication Options	155
Understanding Active Directories and LDAP Configurations	157
Creating and Deleting LDAP and Active Directory Domains	161
Editing LDAP and Active Directory Domains	164
Understanding the ProSecure DC Agent	164
Requirements for the ProSecure DC Agent Software and DC Agent Server	165
Downloading ProSecure DC Agent Software, and Creating and Deleting DC Agents	165
Creating and Deleting RADIUS Domains	167
Editing RADIUS Domains and Configuring VLANs	169
Global User Settings	170
Viewing and Logging Out Active Users	172
6. Monitoring System Access and Performance	175
Configuring Logging, Alerts, and Event Notifications	175
Configuring the Email Notification Server	176
Configuring and Activating System, Email, and Syslog Logs	177
Configuring Alerts	182
Monitoring Real-Time Traffic, Security, Statistics, and Web Usage	184
Understanding the Information on the Dashboard Screen	184
Monitoring Web Usage	190
Viewing System Status	192
Querying Logs	194
Example: Using Logs to Identify Infected Clients	199
Log Management	199
Viewing, Scheduling, and Generating Reports	200
Report Templates	200
Generating Reports for Downloading	202
Scheduling Automatic Generation and Emailing of Reports	203
Advanced Report Filtering Options	204
Viewing and Managing the Quarantine Files	208
Using Diagnostics Utilities	215
Using the Network Diagnostic Tools	216
Using the Realtime Traffic Diagnostics Tool	217
Gathering Important Log Information and Generating a Network Statistics Report	218
Restarting and Shutting Down the STM	219
7. Troubleshooting and Using Online Support	221
Basic Functioning	222
Power LED Not On	222
Test LED or Status LED Never Turns Off	222
LAN or WAN Port LEDs Not On	223
Troubleshooting the Web Management Interface	223
When You Enter a URL or IP Address a Time-Out Error Occurs	224
Troubleshooting a TCP/IP Network Using a Ping Utility	224
Testing the LAN Path to Your STM	225
Testing the Path from Your PC to a Remote Device	225
Restoring the Default Configuration and Password	226
Problems with Date and Time	227
Using Online Support	227
Enabling Remote Troubleshooting	227
Installing Hot Fixes	228
Sending Suspicious Files to NETGEAR for Analysis	229
Accessing the Knowledge Base and Documentation	230
A. Report Templates	231
B. Default Settings and Technical Specifications	243
C. Related Documents	246
D. Notification of Compliance	247

Netgear STM300 STM 150-300-600 Reference Manual (PDF) - Page 6

Managing Users, Groups, and Authentication, Monitoring System Access and Performance - ip address

Page 6 highlights