Netgear UTM25-100NAS Reference Manual

Netgear UTM25-100NAS - Prosecure Utm Appliance 25U No Sub Included Manual

Netgear UTM25-100NAS manual content summary:

  • Netgear UTM25-100NAS | Reference Manual - Page 1
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual NETGEAR, Inc. 350 East Plumeria Drive San Jose, CA 95134 202-10482-01 September 2009 v1.0
  • Netgear UTM25-100NAS | Reference Manual - Page 2
    installed and used in accordance with the instruction manual, may cause harmful interference to radio communications netgear.com/app/answers/detail/a_id/11621/sno/0. Certificate of the Manufacturer/Importer It is hereby certified that the ProSecure Unified Threat Management Appliance UTM10 or UTM25
  • Netgear UTM25-100NAS | Reference Manual - Page 3
    radio interference in such residential areas. When used near a radio or TV receiver, it may become the cause of radio interference. Read instructions for correct handling. Additional Copyrights AES Copyright (c) 2001, Dr. Brian Gladman, [email protected], Worcester, UK. All rights reserved. TERMS
  • Netgear UTM25-100NAS | Reference Manual - Page 4
    LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  • Netgear UTM25-100NAS | Reference Manual - Page 5
    Model Number: UTM; Publication Date: September 2009; Product Family: UTM; Product Name: ProSecure Unified Threat Management Appliance UTM10 or UTM25; Home or Business Product: Business; Language: English; Publication Part Number: 202-10482-01; Publication Version Number: 1.0 v v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 6
    vi v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 7
    This Manual xviii Revision History ...xviii Chapter 1 Introduction What Is the ProSecure Unified Threat Management Appliance UTM10 or UTM25? .....1-1 Key Features and Capabilities 1-2 Dual WAN Ports for Increased Reliability or Outbound Load Balancing (UTM25 Only 1-3 Advanced VPN Support for
  • Netgear UTM25-100NAS | Reference Manual - Page 8
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual of 10: System Date and Time 2-14 Setup Wizard Step 4 of 10: Security Services 2-16 Setup Wizard Step 5 of 10: Email Security 2-18 Setup Wizard Step 6 with NETGEAR 2-27 What to Do Next ...2-29 Chapter 3 Manually Configuring
  • Netgear UTM25-100NAS | Reference Manual - Page 9
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Dynamic DNS 3-19 Configuring Advanced WAN Options Administrator Tips ...5-2 Using Rules to Block or Allow Specific Kinds of Traffic 5-3 Services-Based Rules 5-3 Order of Precedence for Rules 5-10 Setting LAN WAN Rules
  • Netgear UTM25-100NAS | Reference Manual - Page 10
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Adding Customized Services 5-30 Creating Quality of Service (QoS) Profiles 5-33 Creating Bandwidth Profiles 5-36 Setting a Schedule to Block or Allow Specific Traffic 5-39 Enabling Source MAC Filtering 5-40 Setting up IP/MAC
  • Netgear UTM25-100NAS | Reference Manual - Page 11
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Testing the Connections and Viewing Status Information 7-16 Testing the VPN Connection 7-16 NETGEAR VPN Client Status and Log Information 7-17 Viewing the UTM IPsec VPN Connection Status 7-19 Viewing the UTM IPsec VPN Log 7-20
  • Netgear UTM25-100NAS | Reference Manual - Page 12
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Manually Configuring and Editing SSL Connections 8-17 Creating the Portal Layout 8-18 Configuring Domains, Groups, Scan Signatures and Scan Engine Firmware 10-21 Configuring Date and Time Service 10-24 xii v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 13
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Chapter 11 Monitoring System Access and Performance Report 11-47 Rebooting and Shutting Down the UTM 11-48 Chapter 12 Troubleshooting and Using Online Support Basic Functioning ...12-2 Power LED Not On 12-2 Test LED Never Turns
  • Netgear UTM25-100NAS | Reference Manual - Page 14
    UTM25 Reference Manual Testing the LAN Path to Your UTM 12-7 Testing the Path from Your PC to a Remote Device 12-7 Restoring the Default Configuration and Password 12-8 Problems with Date and Time 12-9 Using Online Support 12-10 Enabling Remote Troubleshooting Reboot ...C-2 Service Logs ...C-3
  • Netgear UTM25-100NAS | Reference Manual - Page 15
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual WAN Status ...C-5 Traffic Metering Logs C-9 Unicast Logs benefits of Two-Factor Authentication D-1 What is Two-Factor Authentication D-2 NETGEAR Two-Factor Authentication Solutions D-2 Appendix E Related Documents Index xv v1.0,
  • Netgear UTM25-100NAS | Reference Manual - Page 16
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual xvi v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 17
    About This Manual The NETGEAR® ProSecure™ Unified Threat Management UTM10 or UTM25 Reference Manual describes how to install, configure, and troubleshoot a ProSecure Unified Threat Management Appliance UTM10 or UTM25. The information in this manual is intended for readers with intermediate computer
  • Netgear UTM25-100NAS | Reference Manual - Page 18
    UTM10 or UTM25 Manual Publication Date September 2009 For more information about network, Internet, firewall, and VPN technologies, click the links to the NETGEAR Website in Appendix E, "Related Documents." Note: Product updates are available on the NETGEAR website at http://prosecure.netgear.com
  • Netgear UTM25-100NAS | Reference Manual - Page 19
    This chapter contains the following sections: • "What Is the ProSecure Unified Threat Management Appliance UTM10 or UTM25?" on this page. • "Key Features and Capabilities" on page 1-2. • "Service Registration Card with License Keys" on page 1-8. • "Package Contents" on page 1-9. • "Hardware Features
  • Netgear UTM25-100NAS | Reference Manual - Page 20
    sessions. • Advanced IPsec VPN and SSL VPN support with support for up to 10 (UTM10) or 25 (UTM25) site-to-site IPsec VPN tunnels and up to 5 (UTM10) or 13 (UTM25) dedicated SSL VPN tunnels. • Bundled with a 1-user license of the NETGEAR ProSafe VPN Client software (VPN01L). • Advanced stateful
  • Netgear UTM25-100NAS | Reference Manual - Page 21
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Dual WAN Ports for Increased Reliability or Outbound Load Balancing (UTM25 Only) The UTM25 with a 1-user license of the NETGEAR ProSafe VPN Client software (VPN01L). - Supports up to 10 (UTM10) or 25 (UTM25) site-to-site IPsec VPN
  • Netgear UTM25-100NAS | Reference Manual - Page 22
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual A Powerful, True Firewall Unlike simple Internet sharing NAT have the following capabilities: • DoS protection. Automatically detects and thwarts denial of service (DoS) attacks such as Ping of Death and SYN Flood. • Secure firewall
  • Netgear UTM25-100NAS | Reference Manual - Page 23
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • Objectionable traffic protection. The UTM prevents objectionable content from reaching your computers. You can control access to the Internet content by screening for Web services, Web addresses, and keywords within Web addresses.
  • Netgear UTM25-100NAS | Reference Manual - Page 24
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Extensive Protocol Support The UTM supports Service (QoS). The UTM supports QoS, including traffic prioritization and traffic classification with Type Of Service (ToS) and Differentiated Services includes the NETGEAR IPSec VPN Wizard
  • Netgear UTM25-100NAS | Reference Manual - Page 25
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • SSL VPN Wizard. The UTM includes the NETGEAR SSL VPN LEDs provide an easy way to monitor its status and activity. Maintenance and Support NETGEAR offers the following features to help you maximize your use of the UTM:
  • Netgear UTM25-100NAS | Reference Manual - Page 26
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Service Registration Card with License Keys Be sure after you have entered the license keys to activate the UTM (see "Registering the UTM with NETGEAR" on page 2-27), the license keys are erased. The license keys and the different
  • Netgear UTM25-100NAS | Reference Manual - Page 27
    kit (UTM25 only). • ProSecure Unified Threat Management UTM10 or UTM25 Installation Guide. • Resource CD, including: - Application Notes and other helpful information. - ProSafe VPN Client Software (VPN01L) • Service Registration Card with License Key(s). • Warranty and Support Information Card
  • Netgear UTM25-100NAS | Reference Manual - Page 28
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The front panel also contains three groups of Test LED Figure 1-2 Right LAN LEDs Active WAN Right WAN LEDs LEDs Note: Figure 1-2 shows the UTM25 with two WAN ports. The UTM10 has a single WAN port (the left WAN port that is
  • Netgear UTM25-100NAS | Reference Manual - Page 29
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 1-1. LED Descriptions (continued) Object Activity LAN Ports Left LED Right LED DMZ LED Off On (Green) Blink (Green) Off On (Amber) On (Green) Off
  • Netgear UTM25-100NAS | Reference Manual - Page 30
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Rear Panel The rear panel of the UTM includes a cable lock receptacle, a console port, a reset button, and an AC power connection. Security lock receptacle Figure 1-3
  • Netgear UTM25-100NAS | Reference Manual - Page 31
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 1-4 shows the product label for the UTM10. Figure 1-4 Figure 1-5 shows the product label for the UTM25. Figure 1-5 Introduction v1.0, September 2009 1-13
  • Netgear UTM25-100NAS | Reference Manual - Page 32
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Choosing a Location for the UTM install the appliance in a rack. (A mounting kit is provided in the product package for the UTM25). Attach the mounting brackets using the hardware that is supplied with the mounting kit. Figure 1-6
  • Netgear UTM25-100NAS | Reference Manual - Page 33
    your network according to the instructions in the installation guide. See the ProSecure Unified Threat Management UTM10 or UTM25 Installation Guide for complete steps. A PDF of the Installation Guide is on the NETGEAR website at http://prosecure.netgear.com or http://kb.netgear.com/app/home. 2. Log
  • Netgear UTM25-100NAS | Reference Manual - Page 34
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual choose a browser that supports JavaScript, Java, cookies the UTM via DHCP. For instructions on how to configure your NETGEAR Configuration Manager Login screen displays in the browser (see Figure 2-1 on page 2-3, which shows the UTM25
  • Netgear UTM25-100NAS | Reference Manual - Page 35
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 2-1 Note: The first time that you can import the UTM's root certificate by clicking the hyperlink at the bottom of the NETGEAR Configuration Manager Login screen. 3. In the User field, type admin. Use lower case letters.
  • Netgear UTM25-100NAS | Reference Manual - Page 36
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 5. Click Login. The Web Management Interface appears, displaying the System Status screen. (Figure 2-2 on page 2-4 shows the top part of the UTM25's screen. For information about this screen, see "Viewing System Status" on page 11-
  • Netgear UTM25-100NAS | Reference Manual - Page 37
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Understanding the Web Management Interface Menu Layout Figure 2-3 shows the menu at the top of the UTM25's Web Management Interface. The UTM10's Web Management Interface layout is identical with the exception that it shows only a
  • Netgear UTM25-100NAS | Reference Manual - Page 38
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The bottom of each screen provides action buttons. The nature of the screen determines which action buttons are shown. Figure 2-4 shows an example. Figure 2-4 Any
  • Netgear UTM25-100NAS | Reference Manual - Page 39
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Almost all screens and sections of screens have Chapter 3, "Manually Configuring Internet and WAN Settings." To start the Setup Wizard: 1. Select Wizards from the main navigation menu. The "Welcome to the Netgear Configuration Wizard
  • Netgear UTM25-100NAS | Reference Manual - Page 40
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setup Wizard Step 1 of 10: LAN Settings Figure 2-7 Enter the settings as explained in Table 2-1 on page 2-9, then click Next to go to the following screen.
  • Netgear UTM25-100NAS | Reference Manual - Page 41
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 2-1. Setup Wizard Step 1: LAN Settings on your network is the DHCP server for the default VLAN, or if you will manually configure the network settings of all of your computers, select the Disable DHCP Server radio button
  • Netgear UTM25-100NAS | Reference Manual - Page 42
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 2-1. Setup Wizard Step 1: LAN Settings • dc (for domain) For example, to search the Netgear.net domain for all last names of Johnson, you would enter: cn=Johnson,dc=Netgear,dc=net port The port number for the LDAP server.
  • Netgear UTM25-100NAS | Reference Manual - Page 43
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 2-1. Setup Wizard Step 1: LAN Settings ( by default. Note: When you deselect the Enable DNS Proxy radio button, the UTM still services DNS requests that are sent to its LAN IP address unless you disable DNS Proxy in the
  • Netgear UTM25-100NAS | Reference Manual - Page 44
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: Click the Auto Detect action button at the bottom of the menu. The auto-detect process probes the WAN port for a range of connection methods and suggests one that your ISP is most likely to support. Note: After you have
  • Netgear UTM25-100NAS | Reference Manual - Page 45
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 2-2. Setup Wizard Step 2: WAN Settings (continued) Setting Description (or Subfield and Description) Austria (PPTP) (continued) Other (PPPoE) Idle Timeout Select the Keep Connected radio
  • Netgear UTM25-100NAS | Reference Manual - Page 46
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 2-2. Setup Wizard Step 2: WAN Settings (continued) For more information about these settings, see "Configuring Date and Time Service" on page 10-24. 2-14 Using the Setup Wizard to Provision the UTM in Your Network
  • Netgear UTM25-100NAS | Reference Manual - Page 47
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Adjust for If daylight savings time is supported in your region, select the Automatically Daylight or Server 2 field blank, both fields are set to the default Netgear NTP servers. Note: A list of public NTP servers is available
  • Netgear UTM25-100NAS | Reference Manual - Page 48
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setup Wizard Step 4 of 10: Security Services Figure 2-10 Enter the settings as explained in Table 2-4 on page 2-17, then click Next to go to the following screen. Note: After you have completed
  • Netgear UTM25-100NAS | Reference Manual - Page 49
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 2-4. Setup Wizard Step 4: Security Services Settings Setting Email HTTPS scanning, select the corresponding checkbox. You can change the standard service port (port 443) or add another port in the corresponding Ports to
  • Netgear UTM25-100NAS | Reference Manual - Page 50
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setup Wizard Step 5 of 10: Email Security Figure 2-11 Enter the settings as explained in Table 2-5, then click Next to go to the following screen. Note:
  • Netgear UTM25-100NAS | Reference Manual - Page 51
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 2-5. Setup Wizard Step 5: Email Security Settings (continued) Setting Description (or Subfield and Description) IMAP From the IMAP pull-down menu, specify one of the
  • Netgear UTM25-100NAS | Reference Manual - Page 52
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: After you have completed the steps in the Setup Wizard, you can make changes to the Web security settings by selecting Application Security > HTTP/
  • Netgear UTM25-100NAS | Reference Manual - Page 53
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setup Wizard Step 7 of 10: Web Categories to Be Blocked Figure 2-13 Using the Setup Wizard to Provision the UTM in Your Network v1.0, September 2009 2-21
  • Netgear UTM25-100NAS | Reference Manual - Page 54
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Enter the settings as explained in Table 2-7, then click Next to go to the following screen. Note: After you have completed the steps in the Setup
  • Netgear UTM25-100NAS | Reference Manual - Page 55
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setup Wizard Step 8 of 10: Administrator Email descriptive name of the sender for e-mail identification purposes. For example, enter [email protected]. The IP address and port number or Internet name and port number of
  • Netgear UTM25-100NAS | Reference Manual - Page 56
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 2-8. Setup Wizard Step 8: Administrator Email Notification Settings (continued) Setting This server requires authentication Send notifications to Description (or Subfield and Description) If the SMTP
  • Netgear UTM25-100NAS | Reference Manual - Page 57
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: After you have completed the steps of the following radio buttons: • Default update server. Files are updated from the default NETGEAR update server. • Server address. Files are updated from the server that you specify: enter
  • Netgear UTM25-100NAS | Reference Manual - Page 58
    UTM10 or UTM25 Reference Manual Setup Wizard Step 10 of 10: Saving the Configuration Figure 2-16 Click Apply to save your settings and automatically restart the system. Verifying Proper Installation Test the UTM before deploying it in a live production environment. The following instructions walk
  • Netgear UTM25-100NAS | Reference Manual - Page 59
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Verify that the UTM properly scans NETGEAR To receive threat management component updates and technical support, you must register your UTM with NETGEAR. The support registration key is provided with the product package (see "Service
  • Netgear UTM25-100NAS | Reference Manual - Page 60
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual If your UTM is connected to the Internet, you can activate the service licenses: 1. Select Support the licenses and registers the unit with the NETGEAR registration server. 2-28 Using the Setup Wizard to Provision the UTM in
  • Netgear UTM25-100NAS | Reference Manual - Page 61
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: When you reset the UTM to the original factory default settings after you have entered the license keys to activate the UTM (see "Registering the UTM with NETGEAR scan the protocols and services that you specified and perform
  • Netgear UTM25-100NAS | Reference Manual - Page 62
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2-30 Using the Setup Wizard to Provision the UTM in Your Network v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 63
    Chapter 3 Manually Configuring Internet and WAN Settings Note: The initial Internet configuration page. • "Configuring the Internet Connections" on page 3-2. • "Configuring the WAN Mode (Required for the UTM25's Dual WAN Mode)" on page 3-9. • "Configuring Secondary WAN Addresses" on page 3-17. • "
  • Netgear UTM25-100NAS | Reference Manual - Page 64
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 4. Configure dynamic DNS on the WAN ports (optional). to the Internet: 1. Select Network Config > WAN Settings from the menu. On the UTM25, the WAN Settings tabs appear, with the WAN1 ISP Settings screen in view (see Figure
  • Netgear UTM25-100NAS | Reference Manual - Page 65
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 3-1 2. Click the Auto Detect action button at the bottom of the menu. The auto-detect process probes the WAN port for a range of connection methods and suggests one that your ISP is most likely to support. (Figure 3-2 shows
  • Netgear UTM25-100NAS | Reference Manual - Page 66
    and "Troubleshooting the ISP Connection" on page 12-5. 3. To verify the connection, click the WAN Status option arrow at the top right of the screen. A popup window appears, displaying the connection status of the UTM25's WAN port 1. (The UTM10 has only a single WAN port.) Figure 3-3 3-4 Manually
  • Netgear UTM25-100NAS | Reference Manual - Page 67
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The WAN Status window should show a valid IP address and gateway. If the configuration was not successful, skip ahead to "Manually Configuring the Internet Connection" on this page, or see "Troubleshooting the ISP Connection" on
  • Netgear UTM25-100NAS | Reference Manual - Page 68
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To manually configure the WAN1 ISP (UTM25) or WAN ISP (UTM10) settings: 1. On the UTM25, select Network Configuration > WAN Settings > WAN1 ISP Settings. The WAN Settings tabs appear, with the WAN1 ISP Settings screen in view (see
  • Netgear UTM25-100NAS | Reference Manual - Page 69
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 5. If your connection is PPTP or PPPoE, your ISP requires an initial login. Enter the if your ISP charges you based on the period that you have logged in. Manually Configuring Internet and WAN Settings 3-7 v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 70
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 6. Configure the Internet (IP) Address settings as explained in Table 3-3. Click the Current IP Address link to see the currently assigned IP address. Figure 3-6 Table 3-3.
  • Netgear UTM25-100NAS | Reference Manual - Page 71
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 3-4. DNS Server Settings Setting Description (or Subfield and Description Failure Detection Method on the WAN Mode screen to support auto-rollover. Manually Configuring Internet and WAN Settings 3-9 v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 72
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • Load Balancing Mode. The UTM distributes or classical routing, as explained in the following sections. Network Address Translation (UTM10 and UTM25) Network Address Translation (NAT) allows all PCs on your LAN to share a single
  • Netgear UTM25-100NAS | Reference Manual - Page 73
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual If your ISP has allocated a number of static IP addresses to you, and you have assigned one of these addresses to each PC, you can
  • Netgear UTM25-100NAS | Reference Manual - Page 74
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To configure the dual-WAN ports for auto-rollover mode: 1. Select Network Config > WAN Settings from the menu, then click the WAN Mode tab. The
  • Netgear UTM25-100NAS | Reference Manual - Page 75
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 3-5. Auto-Rollover Mode Settings (UTM25 Only) (continued) Setting Description (or Subfield and Description) WAN Failure Detection Method Select one of the following detection failure methods: DNS lookup using DNS queries
  • Netgear UTM25-100NAS | Reference Manual - Page 76
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: The default time to roll over after the the low speed link. • Continuity of source IP address for secure connections. Some services, particularly HTTPS, cease to respond when a client's source IP address changes shortly
  • Netgear UTM25-100NAS | Reference Manual - Page 77
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 3-9 a. Figure 3-9 shows one example in the Protocol Binding table. Configure the protocol binding settings as explained in Table 3-6. Table 3-6. Protocol Binding Settings (UTM25 using the Services menu (see "Services-Based
  • Netgear UTM25-100NAS | Reference Manual - Page 78
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 3-6. Protocol Binding Settings (UTM25 Only) (continued) Setting Description (or Subfield and Description) Source Network (continued) Destination Network Group 1-Group 8 If this option is selected, the rule is applied to
  • Netgear UTM25-100NAS | Reference Manual - Page 79
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Secondary WAN Addresses A single WAN of the following inbound firewall rule screens: - Add LAN WAN Inbound Service screen - Add DMZ WAN Inbound Service screen • In the NAT IP pull-down menus of the following outbound
  • Netgear UTM25-100NAS | Reference Manual - Page 80
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Click the Secondary Addresses option arrow. On the UTM25, the WAN1 Secondary Addresses screen displays (see Figure 3-10, which shows the UTM25 screen with some examples in the List of Secondary WAN addresses table). On the UTM10,
  • Netgear UTM25-100NAS | Reference Manual - Page 81
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Dynamic DNS Dynamic DNS (DDNS) is an Internet service that and the address can change frequently-hence, the need for a commercial DDNS service, which allows you to register an extension to its domain, and restores DNS
  • Netgear UTM25-100NAS | Reference Manual - Page 82
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 3-11 The WAN Mode section on screen reports the currently configured WAN mode. (For the UTM25, for example, Single Port WAN1, Load Balancing, or Auto Rollover.) Only those options that match the configured WAN Mode are
  • Netgear UTM25-100NAS | Reference Manual - Page 83
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 4. Click the Information option arrow in the upper right corner of a DNS screen for registration information. Figure 3-12: 5. Access the Web site of the DDNS service provider and register for an account (for example, for dyndns.
  • Netgear UTM25-100NAS | Reference Manual - Page 84
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Advanced WAN Options The advanced options include configuration of the maximum transmission unit (MTU) size, port speed, UTM's MAC address, and setting a rate-limit
  • Netgear UTM25-100NAS | Reference Manual - Page 85
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Enter the default information settings as provides the WAN connection. If you cannot establish an Internet connection, you might need to manually select the port speed. If you know the Ethernet port speed of the modem or
  • Netgear UTM25-100NAS | Reference Manual - Page 86
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 3-8. Advanced WAN Settings (continued) Setting Description (or Subfield and Description) Use this MAC Address Select the Use this MAC Address radio button to manually remote management, NETGEAR strongly recommends that
  • Netgear UTM25-100NAS | Reference Manual - Page 87
    Chapter 4 LAN Configuration Note: The initial LAN configuration of the UTM's default VLAN 1 is described in Chapter 2, "Using the Setup Wizard to Provision the UTM in Your Network." This chapter describes how to configure the advanced LAN features of your UTM. This chapter contains the following
  • Netgear UTM25-100NAS | Reference Manual - Page 88
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual VLANs have a number of advantages: • can be used to restrict access to each VLAN. Managing the UTM's Port-Based VLANs The UTM supports port-based VLANs. Port-based VLANs help to confine broadcast traffic to the LAN ports. Even
  • Netgear UTM25-100NAS | Reference Manual - Page 89
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual When you create a VLAN profile, assign LAN ports to the VLAN, and enable the VLAN, the LAN ports that are members of the VLAN can
  • Netgear UTM25-100NAS | Reference Manual - Page 90
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual For each VLAN profile, the following fields are displayed in the VLAN Profiles table: • Checkbox. Allows you to select the VLAN profile in the table. •
  • Netgear UTM25-100NAS | Reference Manual - Page 91
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The UTM delivers the following settings to Agent makes it possible for DHCP broadcast messages to be sent over routers that do not support forwarding of these types of messages. The DHCP Relay Agent is therefore the routing protocol
  • Netgear UTM25-100NAS | Reference Manual - Page 92
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual LDAP Server A Lightweight Directory Access Protocol (LDAP) server allows a user to query and modify directory services that run over TCP/IP. For example, clients can query email addresses, contact information, and other service
  • Netgear UTM25-100NAS | Reference Manual - Page 93
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Either select an entry from the VLAN Profiles table by clicking the corresponding edit table button or add a new VLAN profile by clicking the add
  • Netgear UTM25-100NAS | Reference Manual - Page 94
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 4-1. VLAN Profile Settings Setting Description ( device on your network is the DHCP server for the VLAN, or if you will manually configure the network settings of all of your computers, select the Disable DHCP Server radio
  • Netgear UTM25-100NAS | Reference Manual - Page 95
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 4-1. VLAN Profile Settings (continued) Setting Description (or Subfield and Description) Enable DHCP Server Select the Enable DHCP Server radio button to enable the UTM
  • Netgear UTM25-100NAS | Reference Manual - Page 96
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual example, to search the Netgear.net domain for all last names of Johnson, you would enter: cn=Johnson,dc=Netgear,dc=net port The port the Enable DNS Proxy radio button, the UTM still services DNS requests that are sent to its LAN IP
  • Netgear UTM25-100NAS | Reference Manual - Page 97
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Multi-Home LAN IPs on the configured on the UTM. The following is an example of properly configured IP addresses on the UTM25: WAN1 IP address: 10.0.0.1 with subnet 255.0.0.0 WAN2 IP address: 20.0.0.1 with subnet 255
  • Netgear UTM25-100NAS | Reference Manual - Page 98
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. In the Add Secondary LAN IPs section of cannot be configured in the DHCP server. The hosts on the secondary subnets must be manually configured with the IP addresses, gateway IP address and DNS server IP addresses. Managing Groups
  • Netgear UTM25-100NAS | Reference Manual - Page 99
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Some advantages of the Network Database are: • changing their IP address. Managing the Network Database You can view the Network Database, manually add or remove database entries, and edit database entries. To view the Network
  • Netgear UTM25-100NAS | Reference Manual - Page 100
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 4-5 The Known PCs and Devices table lists the PC or device. For computers that do not support the NetBIOS protocol, the name is displayed as "Unknown" (you can edit the entry manually to add a meaningful name). If the PC or
  • Netgear UTM25-100NAS | Reference Manual - Page 101
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Adding PCs or Devices to the Network Database To add PCs or devices manually to the Network Database: 1. In the Add Known PCs and Devices section of the LAN Groups screen (see Figure 4-5 on page 4-14), enter the settings
  • Netgear UTM25-100NAS | Reference Manual - Page 102
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Editing PCs or Devices in the Network Database To edit PCs or devices manually in the Network Database: 1. In the Known PCs and Devices table of the LAN Groups screen (see Figure 4-5 on page 4-14), click the edit table
  • Netgear UTM25-100NAS | Reference Manual - Page 103
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Click the Edit Group Names option arrow at the right of the LAN submenu tabs. The Network Database Group Names screen displays. (Figure 4-7 shows some
  • Netgear UTM25-100NAS | Reference Manual - Page 104
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To reserve an IP address, select Reserved UTM (the rightmost LAN port) can be dedicated as a hardware DMZ port to safely provide services to the Internet without compromising security on your LAN. By default, the DMZ port and both
  • Netgear UTM25-100NAS | Reference Manual - Page 105
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To enable and configure the DMZ port: 1. Select Network Config > DMZ Setup from the menu. The DMZ Setup screen displays. Figure 4-8 2. Enter the settings as
  • Netgear UTM25-100NAS | Reference Manual - Page 106
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 4-3. DMZ Setup Settings Setting Description ( device on your network is the DHCP server for the VLAN, or if you will manually configure the network settings of all of your computers, select the Disable DHCP Server radio
  • Netgear UTM25-100NAS | Reference Manual - Page 107
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 4-3. DMZ Setup Settings (continued) dc (for domain) For example, to search the Netgear.net domain for all last names of Johnson, you would enter: cn=Johnson,dc=Netgear,dc=net port The port number for the LDAP server. The
  • Netgear UTM25-100NAS | Reference Manual - Page 108
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 4-3. DMZ Setup Settings (continued for DNS address name resolution. This setting is enabled by default. Note: The UTM still services DNS requests sent to its LAN IP address unless you disable DNS Proxy in the firewall settings
  • Netgear UTM25-100NAS | Reference Manual - Page 109
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Static Routes To add a static route to the Static Route table: 1. Select Network Config > Routing from the menu. The Routing screen displays. Figure 4-9 2. Click
  • Netgear UTM25-100NAS | Reference Manual - Page 110
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Enter the settings as explained in Table 4-4. select the interface that is the physical network interface (WAN1, WAN2, LAN, or DMZ for the UTM25 or WAN, LAN, or DMZ for the UTM10) or virtual interface (VLAN profile) through which
  • Netgear UTM25-100NAS | Reference Manual - Page 111
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To enable and configure RIP: 1. Select Network Configuration > Routing from the menu. 2. Click the RIP Configuration option arrow at the right of the Routing submenu
  • Netgear UTM25-100NAS | Reference Manual - Page 112
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 4-5. RIP Configuration Settings routing that does not include subnet information. This is the most commonly supported version. • RIP-2. Routing that supports subnet information. Both RIP-2B and RIP-2M send the routing data
  • Netgear UTM25-100NAS | Reference Manual - Page 113
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 4-5. RIP Configuration Settings (continued) Setting Authentication for RIP-2B/2M required? (continued) Description (or Subfield and Description) Not Valid Before The beginning of the
  • Netgear UTM25-100NAS | Reference Manual - Page 114
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 4-28 v1.0, September 2009 LAN Configuration
  • Netgear UTM25-100NAS | Reference Manual - Page 115
    the following sections: • "About Firewall Protection" on this page. • "Using Rules to Block or Allow Specific Kinds of Traffic" on page 5-3. • "Creating Services, QoS Profiles, and Bandwidth Profiles" on page 5-30. • "Setting a Schedule to Block or Allow Specific Traffic" on page 5-39. • "Enabling
  • Netgear UTM25-100NAS | Reference Manual - Page 116
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Administrator Tips Consider the following operational and hosts (see "Managing Groups and Hosts (LAN Groups)" on page 4-12) - Services (see "Services-Based Rules" on page 5-3) - Schedules (see "Setting a Schedule to Block or Allow
  • Netgear UTM25-100NAS | Reference Manual - Page 117
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Using Rules to Block or Allow Specific Number of Maximum Number of Outbound Rules Inbound Rules Supported Rules 300 300 600 50 50 100 50 50 100 400 400 800 Services-Based Rules The rules to block traffic are based on
  • Netgear UTM25-100NAS | Reference Manual - Page 118
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • Quality of Service (QoS) priorities. Each service has its own native priority that impacts its quality of performance and tolerance for jitter or delays. You can change the QoS priority, which changes
  • Netgear UTM25-100NAS | Reference Manual - Page 119
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-2. Outbound Rules Overview Setting Service Action (Filter) Select Schedule LAN Users WAN Users DMZ Users Description (or Subfield and Description) The service or application to be covered by this rule. If the service or
  • Netgear UTM25-100NAS | Reference Manual - Page 120
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-2. Outbound Rules Overview (continued) Setting QoS Profile Bandwidth Profile Log NAT IP Description (or Subfield and Description) The priority assigned to IP packets of this service. The priorities are defined by "Type of
  • Netgear UTM25-100NAS | Reference Manual - Page 121
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Whether or not DHCP is enabled, how the PCs traffic that would otherwise be blocked by the firewall. Note: The UTM always blocks denial of service (DoS) attacks. A DoS attack does not attempt to steal data or damage your PCs, but
  • Netgear UTM25-100NAS | Reference Manual - Page 122
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-3. Inbound Rules Overview Setting Description (or Subfield and Description) Service The service or application to be covered by this rule. If the service or application does not appear in the list, you must define it
  • Netgear UTM25-100NAS | Reference Manual - Page 123
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-3. Inbound Rules Overview (continued) DMZ WAN rules. The priority assigned to IP packets of this service. The priorities are defined by "Type of Service (ToS) in the Internet Protocol Suite" standards, RFC 1349. The
  • Netgear UTM25-100NAS | Reference Manual - Page 124
    UTM10 or UTM25 Reference Manual Note: Some residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Your ISP might periodically check for servers and might suspend your account if it discovers any active services at your
  • Netgear UTM25-100NAS | Reference Manual - Page 125
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual disposition of a packet. For example, you should place the most strict rules at the top (those with the most specific services or addresses). The up and down table buttons in the Action column allow you to relocate a defined rule
  • Netgear UTM25-100NAS | Reference Manual - Page 126
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To make changes to an existing outbound or inbound service rule: In the Action column to the right advanced administrators only! Incorrect configuration might cause serious problems.
  • Netgear UTM25-100NAS | Reference Manual - Page 127
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To create a new outbound LAN WAN service rule: 1. In the LAN WAN Rules screen, click the add table button under the Outbound Services table. The Add LAN WAN Outbound Service screen displays. Figure 5-3 2. Enter the settings as
  • Netgear UTM25-100NAS | Reference Manual - Page 128
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To create a new inbound LAN WAN service rule: 1. In the LAN WAN Rules screen, click the add table button under the Inbound Services table. The Add LAN WAN Inbound Service screen displays. Figure 5-4 2. Enter the settings as
  • Netgear UTM25-100NAS | Reference Manual - Page 129
    Management UTM10 or UTM25 Reference Manual To access the DMZ WAN Rules screen: 1. Select Network Security > Firewall from the menu. The Firewall submenu tabs appear. 2. Click the DMZ WAN Rules submenu tab. The DMZ WAN Rules screen displays. (Figure 5-5 shows a rule in the Outbound Services table as
  • Netgear UTM25-100NAS | Reference Manual - Page 130
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Click one of the following table buttons: • disable. outbound policy. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addresses, and time of day. An outbound rule
  • Netgear UTM25-100NAS | Reference Manual - Page 131
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual DMZ WAN Inbound Services Rules The Inbound Services table lists all existing rules for inbound traffic. If you have not defined any rules, no rules are listed. By default, all inbound traffic (from
  • Netgear UTM25-100NAS | Reference Manual - Page 132
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setting LAN DMZ Rules The LAN DMZ tab. The LAN DMZ Rules screen displays. Figure 5-8 To make changes to an existing outbound or inbound service rule: In the Action column to the right of the rule, click one of the following table
  • Netgear UTM25-100NAS | Reference Manual - Page 133
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • up. Moves the rule up one position in the default outbound policy. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addresses, and time of day. An outbound rule may
  • Netgear UTM25-100NAS | Reference Manual - Page 134
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Enter the settings as explained in Table 5-2 on page 5-5. 3. Click Apply. The new rule is now added to the Outbound Services table. The rule is automatically enabled. LAN DMZ Inbound Services Rules The Inbound Services table
  • Netgear UTM25-100NAS | Reference Manual - Page 135
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Click the Attack Checks submenu tab. The Attack to protect the UTM from a SYN flood attack. A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the
  • Netgear UTM25-100NAS | Reference Manual - Page 136
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-4. Attack Checks Settings ( default, the Block UDP flood checkbox is deselected. A UDP flood is a form of denial of service attack that can be initiated when one device sends a large number of UDP packets to random ports
  • Netgear UTM25-100NAS | Reference Manual - Page 137
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setting Session Limits Session limits allow you to specify the total number of sessions that are allowed, per user, over an IP connection across the
  • Netgear UTM25-100NAS | Reference Manual - Page 138
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-5. Session Limit Settings Setting Description use the Session Initiation Protocol (SIP) across the firewall and provides support for multiple SIP clients. ALG support for SIP is disabled by default. To enable ALG for SIP:
  • Netgear UTM25-100NAS | Reference Manual - Page 139
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 5-13 3. Select the Enable SIP checkbox. 4. Click Apply to save your settings. Inbound Rules Examples LAN WAN Inbound Rule: Hosting A Local Public Web Server
  • Netgear UTM25-100NAS | Reference Manual - Page 140
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual In this example, we will configure multi-NAT to support multiple public IP addresses on one WAN interface. By scheme is used to illustrate this procedure: • Netgear UTM: - WAN1 IP address (UTM25) or WAN IP address (UTM10): 10.1.0.118
  • Netgear UTM25-100NAS | Reference Manual - Page 141
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • Web server PC on the UTM's LAN - LAN IP address: 192.168 3. Click the add table button under the Inbound Services table. The Add LAN WAN Inbound Service screen displays. Figure 5-16
  • Netgear UTM25-100NAS | Reference Manual - Page 142
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 4. From the Service pull-down menu, select HTTP for protocols. 2. Place the rule below all other inbound rules. Warning: For security, NETGEAR strongly recommends that you avoid creating an exposed host. When a computer is designated
  • Netgear UTM25-100NAS | Reference Manual - Page 143
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 1. Select Any and Allow Always (or Allow by Schedule). 2. Place the rule below all other inbound rules. Figure 5-17 Outbound Rules Example Outbound rules let
  • Netgear UTM25-100NAS | Reference Manual - Page 144
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 5-18 Creating Services, QoS Profiles, and Bandwidth Profiles When you create inbound and outbound firewall rules, you use firewall objects such as services, QoS profiles, bandwidth profiles, and schedules to narrow down the
  • Netgear UTM25-100NAS | Reference Manual - Page 145
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual For example, Web servers serve Web pages, time servers serve time and date information, and game hosts serve data about other players' moves. When a computer on the Internet sends a request for service to a server computer, the
  • Netgear UTM25-100NAS | Reference Manual - Page 146
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. In the Add Customer Service section of the screen, enter the settings as explained in Table 5-6. Table 5-6. Services Settings Setting Name Type ICMP Type Start Port Finish Port Description (or Subfield and Description) A
  • Netgear UTM25-100NAS | Reference Manual - Page 147
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Modify the settings that you wish to change (see Table 5-6 on page 5-32). 3. Click Apply to save your changes. The modified service is displayed in the Custom Services table. Creating Quality of Service (QoS) Profiles A quality
  • Netgear UTM25-100NAS | Reference Manual - Page 148
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To create a QoS profile: 1. Select Network Security > Firewall Objects from the menu. The Firewall Objects submenu tabs appear, with the Services screen in view. 2. Click the QoS Profiles submenu tab. The QoS Profiles screen
  • Netgear UTM25-100NAS | Reference Manual - Page 149
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: This document assumes that you are ToS byte of an IP header. • DSCP. A method that sets the Differentiated Services Code Point (DSCP) in the Differentiated Services (DS) field (which is the same as the ToS byte) of an IP
  • Netgear UTM25-100NAS | Reference Manual - Page 150
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Click Apply to save your changes. > Firewall Objects from the menu. The Firewall Objects submenu tabs appear, with the Services screen in view. 2. Click the Bandwidth Profiles submenu tab. The Bandwidth Profiles screen displays
  • Netgear UTM25-100NAS | Reference Manual - Page 151
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 5-23 The screen displays the List of Bandwidth Profiles table with the user-defined profiles. 3. Under the List of Bandwidth Profiles table, click the
  • Netgear UTM25-100NAS | Reference Manual - Page 152
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-8. Bandwidth Profile Settings Setting Description (or Subfield and Description) Profile Name Minimum Bandwidth Maximum Bandwidth Type A descriptive name of the bandwidth profile for identification
  • Netgear UTM25-100NAS | Reference Manual - Page 153
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setting a Schedule to Block or Allow Specific Security > Firewall Objects from the menu. The Firewall Objects submenu tabs appear, with the Services screen in view. 2. Click the Schedule 1 submenu tab. The Schedule 1 screen displays.
  • Netgear UTM25-100NAS | Reference Manual - Page 154
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • Specific Times. The schedule is active only Addresses table. Note: For additional ways of restricting outbound traffic, see "Outbound Rules (Service Blocking)" on page 5-4. To enable MAC filtering and add MAC addresses to be
  • Netgear UTM25-100NAS | Reference Manual - Page 155
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 5-26 2. In the MAC Filtering Enable section, select the Yes radio button. 3. In the same section, select one of the following options from the
  • Netgear UTM25-100NAS | Reference Manual - Page 156
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setting up IP/MAC Bindings IP/MAC Binding allows you to bind an IP address to a MAC address and vice versa. Some PCs or devices
  • Netgear UTM25-100NAS | Reference Manual - Page 157
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 5-27 3. Enter the settings as explained in Table 5-9. Table 5-9. IP/MAC Binding Settings Setting Description (or Subfield and Description) Email IP/MAC Violations Do
  • Netgear UTM25-100NAS | Reference Manual - Page 158
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-9. IP/MAC Binding Settings (continued) Setting IP Address Log Dropped Packets Description (or Subfield and Description) The IP address of the PC or device
  • Netgear UTM25-100NAS | Reference Manual - Page 159
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note these restrictions on port triggering: • Only one PC can use a port triggering application at any time. • After a PC has finished using a port triggering application,
  • Netgear UTM25-100NAS | Reference Manual - Page 160
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-10. Port Triggering Settings Setting Description (or Subfield and Description) Name A descriptive name of the rule for identification and management purposes. Enable From the
  • Netgear UTM25-100NAS | Reference Manual - Page 161
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Using the Intrusion Prevention System The Intrusion Prevention System (IPS) of the UTM monitors all network traffic to detect, in real time, network attacks and port
  • Netgear UTM25-100NAS | Reference Manual - Page 162
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: Traffic that passes on the UTM's VLANs and on the secondary IP addresses that you have configured on the LAN Multi-homing screen (see "
  • Netgear UTM25-100NAS | Reference Manual - Page 163
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 5-31
  • Netgear UTM25-100NAS | Reference Manual - Page 164
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 5-11. IPS: Less Familiar Attack Names overflow attacks against specific Web services. These Web services include IMail Web Calendaring, ZixForum, ScozNet, ScozNews, and other services. Detect the behavior about visiting
  • Netgear UTM25-100NAS | Reference Manual - Page 165
    access policies that are based on the time-of-day, Web addresses, and Web address keywords. You can also block Internet access by applications and services, such as instant messaging and peer to peer file sharing clients. Note: Traffic that passes on the UTM's VLANs and on the secondary IP addresses
  • Netgear UTM25-100NAS | Reference Manual - Page 166
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Default E-mail and Web Scan Settings For most network Skype Allowed Allowed Allowed Allowed Allowed Peer-to-Peer (P2P) Services BitTorrent eDonkey Gnutella Allowed Allowed Allowed Web Objects Embedded Objects (ActiveX
  • Netgear UTM25-100NAS | Reference Manual - Page 167
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-1. Default E-mail and Web Scan Settings (continued) Scan Type Default Scan Setting Default Action (if applicable) Drugs and Violence Education Gaming Inactive Sites Internet
  • Netgear UTM25-100NAS | Reference Manual - Page 168
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Customizing E-mail Protocol Scan Settings To configure the e-mail protocols and ports to scan: 1. Select Application Security > Services from the menu. The Services screen displays (Figure 6-1 shows the upper part of the Services
  • Netgear UTM25-100NAS | Reference Manual - Page 169
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Customizing E-mail Anti-Virus and Notification Settings Whether or not the UTM detects an e-mail virus, you can configure it to take a variety of actions (
  • Netgear UTM25-100NAS | Reference Manual - Page 170
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Enter the settings as explained in Table 6-2. Table 6-2. E-mail Anti-Virus and Notification Settings Setting Description (or Subfield and Description) Action SMTP POP3 IMAP From
  • Netgear UTM25-100NAS | Reference Manual - Page 171
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-2. E-mail Anti-Virus and Notification Settings (continued) Setting Description (or Subfield and Description) Append Safe Stamp (SMTP and POP3) For SMTP and POP3 e-mail
  • Netgear UTM25-100NAS | Reference Manual - Page 172
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-2. E-mail Anti-Virus and Notification Settings (continued) Setting Subject Message Description (or Subfield and Description) The default subject line for the notification e-mail is "
  • Netgear UTM25-100NAS | Reference Manual - Page 173
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To configure e-mail content filtering: 1. Select Application Security > Email Filters from the menu. The Email Filters screen displays. Figure 6-3
  • Netgear UTM25-100NAS | Reference Manual - Page 174
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Enter the settings as explained in Table 6-3. Table 6-3. E-mail Filter Settings Setting Description (or Subfield and Description) Filter by Subject Keywords Keywords Action Enter keywords
  • Netgear UTM25-100NAS | Reference Manual - Page 175
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-3. E-mail Filter Settings (continued) Setting Description (or Subfield and Description) Filter by File Type File Extension Action By default, the File Extension field lists
  • Netgear UTM25-100NAS | Reference Manual - Page 176
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Real-time blacklist. E-mails from known spam sources that are collected by blacklist providers are blocked. 4. Distributed Spam Analysis. E-mails that are detected as spam by the NETGEAR Spam Classification Center are either
  • Netgear UTM25-100NAS | Reference Manual - Page 177
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To configure the whitelist and blacklist: 1. Select Application Security > Anti-Spam from the menu. The Anti-Spam submenu tabs appear, with the Whitelist/Blacklist screen
  • Netgear UTM25-100NAS | Reference Manual - Page 178
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Enter the settings as explained in Table 6-3. Table 6-4. Whitelist/Blacklist Settings Setting Description (or Subfield and Description) Sender IP Address Whitelist Enter the source IP
  • Netgear UTM25-100NAS | Reference Manual - Page 179
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual blacklist providers and are made available to the public in the form of real-time blacklists (RBLs). By accessing these RBLs, the UTM can block
  • Netgear UTM25-100NAS | Reference Manual - Page 180
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Click the add table button in Note: Unlike other scans, you do not need to configure the spam score because the NETGEAR Spam Classification Center performs the scoring automatically as long as the UTM is connected to the
  • Netgear UTM25-100NAS | Reference Manual - Page 181
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 6-6 3. Enter the settings as explained in Table 6-5. Table 6-5. Distributed Spam Analysis Settings Setting Description (or Subfield and Description) Distributed Spam Analysis SMTP POP3 Select
  • Netgear UTM25-100NAS | Reference Manual - Page 182
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-5. Distributed Spam Analysis Settings ( Action SPAM to mail header pull-down menu (see above), select this checkbox to add the "X-NETGEAR-SPAM" tag to the e-mail header. The default setting is to add the default tag
  • Netgear UTM25-100NAS | Reference Manual - Page 183
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Web and Services Protection The UTM lets you configure the following settings to protect the network's Internet and Web services communication: • The Web protocols, instant messaging services, and peer-to-peer services
  • Netgear UTM25-100NAS | Reference Manual - Page 184
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 6-7 2. Enter the settings as explained in Table 6-5. Select the HTTP checkbox to enable Hypertext Transfer Protocol (HTTP) scanning. This service is enabled by default and uses default port 80. Select the HTTPS checkbox
  • Netgear UTM25-100NAS | Reference Manual - Page 185
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-6. Web Protocol, Instant Messaging, and Peer-to-Peer Settings (continued) Setting Description (or Subfield and Description) Note: If a protocol uses a port other than the standard service port (for example, port 80 for
  • Netgear UTM25-100NAS | Reference Manual - Page 186
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 6-8 2. Enter the settings as explained in Table 6-2. Table 6-7. Malware Scan Settings Setting Description (or Subfield and Description) Action HTTP and HTTPS Action From the
  • Netgear UTM25-100NAS | Reference Manual - Page 187
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-7. Malware Scan Settings (continued) detected malware threat is replaced with the following text, which you can customize: NETGEAR ProSecure UTM has detected and stopped malicious code embedded in this web site or web
  • Netgear UTM25-100NAS | Reference Manual - Page 188
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Several types of Web content a period (.) is specified as the keyword, all Internet browsing access is blocked. Note: Wildcards (*) are supported. For example, if "www.net*.com" is specified, any URL that begins with "www.net" is
  • Netgear UTM25-100NAS | Reference Manual - Page 189
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: You can bypass any type of The Content Filtering screen displays. Because of the large size of this screen, it is presented in this manual in three figures (Figure 6-9 on this page, Figure 6-10 on page 6-26, and Figure 6-11
  • Netgear UTM25-100NAS | Reference Manual - Page 190
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 6-10 [Content Filtering, screen 2 of 3]
  • Netgear UTM25-100NAS | Reference Manual - Page 191
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 6-11 [Content Filtering, screen 3 of 3] 3. Enter the settings as explained in Table 6-8 on page 6-28.
  • Netgear UTM25-100NAS | Reference Manual - Page 192
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-8. Content Filtering Settings Setting By default, the File Extension field lists the most common file extensions. You can manually add or delete extensions. Use commas to separate different extensions. You can enter
  • Netgear UTM25-100NAS | Reference Manual - Page 193
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 6-8. Content Filtering Settings (continued) Setting Description (or Subfield and Description) Select the Web Categories You Wish to Block Select the Enable Blocking checkbox to
  • Netgear UTM25-100NAS | Reference Manual - Page 194
    Table 6-8. Content Filtering Settings (continued) Setting Description (or Subfield and Description) Web Category Lookup URL Submit to NETGEAR Enter a URL to find out if it has been categorized, and if so, in which category.
  • Netgear UTM25-100NAS | Reference Manual - Page 195
    To configure Web URL filtering: 1. Select Application Security > HTTP/HTTPS from the menu. The HTTP/HTTPS submenu tabs appear, with the Malware Scan screen in
  • Netgear UTM25-100NAS | Reference Manual - Page 196
    URLs on the whitelist are not scanned. Note: Wildcards (*) are supported. For example, if you enter "www.net*.com" in the URLs, click the export table button and follow the instructions of your browser. Type or copy a URL in the
  • Netgear UTM25-100NAS | Reference Manual - Page 197
    URLs on the whitelist are not scanned. Note: Wildcards (*) are supported. For example, if you enter "www.net*.com" in the URLs, click the export table button and follow the instructions of your browser. Add URL Type or copy a URL
  • Netgear UTM25-100NAS | Reference Manual - Page 198
    HTTPS Scan Settings HTTPS traffic is encrypted traffic that cannot be scanned; otherwise the data stream would not be secure. However, the UTM can scan
  • Netgear UTM25-100NAS | Reference Manual - Page 199
    If one of these is not satisfied, a security alert message appears in the browser window (see Figure 6-14). Figure 6-14 However, even when a certificate is
  • Netgear UTM25-100NAS | Reference Manual - Page 200
    To configure the HTTPS scan settings: 1. Select Application Security > HTTP/HTTPS from the menu. The HTTP/HTTPS submenu tabs appear, with the Malware Scan screen
  • Netgear UTM25-100NAS | Reference Manual - Page 201
    Table 6-10. HTTPS Settings Setting port in the Ports to Scan field for the HTTPS service on the Services screen (see "Customizing Web Protocol Scan Settings and Services" on page 6-19). HTTPS 3rd Party Website Certificate
  • Netgear UTM25-100NAS | Reference Manual - Page 202
    To completely bypass the scanning of the https://example.com site, you must add all three hosts to the trusted hosts list because different files
  • Netgear UTM25-100NAS | Reference Manual - Page 203
    Table 6-11. Trusted Hosts Settings (continued) delete table button. export To export the hosts, click the export table button and follow the instructions of your browser. Add Host Type or copy a trusted host in the Add Host field
  • Netgear UTM25-100NAS | Reference Manual - Page 204
    To configure the FTP scan settings: 1. Select Application Security > FTP from the menu. The FTP screen displays. Figure 6-17 2. Enter the settings as explained in
  • Netgear UTM25-100NAS | Reference Manual - Page 205
    Table 6-12. FTP Scan Settings (continued) Setting By default, the File Extension field lists the most common file extensions. You can manually add or delete extensions. Use commas to separate different extensions. You can enter a
  • Netgear UTM25-100NAS | Reference Manual - Page 206
    To set Web access exception rules: 1. Select Application Security > Block/Accept Exceptions from the menu. The Block/Accept Exceptions screen displays. This screen shows the
  • Netgear UTM25-100NAS | Reference Manual - Page 207
    3. Enter the settings as explained in Table 6-13. Table 6-13. Add and Edit Block Scanning Exception Settings Setting Description (or Subfield and Description) Action From
  • Netgear UTM25-100NAS | Reference Manual - Page 208
    2. Modify the settings that you wish to change (see Table 6-13 on page 6-43). 3. Click Apply to save your changes. The modified exception rule is
  • Netgear UTM25-100NAS | Reference Manual - Page 209
    Figure 6-20 2. In the Add Scanning Exclusions section of the screen, specify an exclusion rule as explained in Table 6-14. Table 6-14. Add Scanning Exclusion
  • Netgear UTM25-100NAS | Reference Manual - Page 211
    IPsec VPN" on page 7-58. Considerations for Dual WAN Port Systems (UTM25 Only) On the UTM25 only, if both of the WAN ports are configured, you can enable modes. For information about how to select and configure a dynamic DNS service for resolving FQDNs, see "Configuring Dynamic DNS" on page 3-19.
  • Netgear UTM25-100NAS | Reference Manual - Page 212
    The diagrams and table below show how the WAN mode selection relates to VPN configuration. WAN Auto-Rollover: FQDN Required for VPN UTM25 Rest of UTM25 Functions UTM25 WAN Port Functions UTM25 Rollover Control WAN 1 Port WAN 2
  • Netgear UTM25-100NAS | Reference Manual - Page 213
    Using the IPsec VPN Wizard for Client and Gateway Configurations You can use the IPsec VPN Wizard to configure multiple gateway or client VPN tunnel policies. The section below provides wizard and NETGEAR efficiently guides you
  • Netgear UTM25-100NAS | Reference Manual - Page 214
    Figure 7-4 To view the wizard default settings, click the VPN Wizard Default Values option arrow at the top right of the screen. A popup window appears (
  • Netgear UTM25-100NAS | Reference Manual - Page 215
    Figure 7-5 3. Select the radio buttons and complete the fields as explained in Table 7-2. Table 7-2. (IPsec) VPN Wizard Settings for a Gateway-to-Gateway Tunnel Setting Description (
  • Netgear UTM25-100NAS | Reference Manual - Page 216
    Table 7-2. (IPsec) VPN Wizard Settings for a Gateway-to-Gateway Tunnel (continued) Setting Description (or Subfield and Description) This VPN tunnel will use following local WAN Interface (UTM25 only) For the UTM25 only, select
  • Netgear UTM25-100NAS | Reference Manual - Page 217
    4. Click Apply to save your settings. The IPsec VPN policy is now added to the List of VPN Policies table on the VPN Policies screen.
  • Netgear UTM25-100NAS | Reference Manual - Page 218
    Note: When using FQDNs, if the dynamic DNS service is slow VPN Wizard Configure the Gateway for a Client Tunnel" on page 7-8. • "Using the NETGEAR VPN Client Security Policy Editor to Create a Secure Connection" on page 7-11. Using
  • Netgear UTM25-100NAS | Reference Manual - Page 219
    Figure 7-9 To display the wizard default settings, click the VPN Wizard Default Values option arrow at the top right of the screen. A popup window appears (
  • Netgear UTM25-100NAS | Reference Manual - Page 220
    3. Select the radio buttons and complete the fields as explained in Table 7-3. addresses. A combination of an IP address and a FQDN is not supported.
  • Netgear UTM25-100NAS | Reference Manual - Page 221
    4. Click Apply to save your settings. The IPsec VPN policy is now added to the List of VPN Policies table on the VPN Policies screen. By default, the VPN policy is enabled. Figure 7-10 Note: When using FQDNs, if the dynamic DNS service is slow to
  • Netgear UTM25-100NAS | Reference Manual - Page 222
    Figure 7-11 2. In the upper left of the Policy Editor window, click the New Connection icon (the first icon on the left) to open a new
  • Netgear UTM25-100NAS | Reference Manual - Page 223
    3. Enter the settings as explained in Table and Description) Select the Secure radio button. If you want to connect manually only, select the Only Connect Manually checkbox. From the pull-down menu, select IP Subnet. Enter the
  • Netgear UTM25-100NAS | Reference Manual - Page 224
    5. In the left frame, click My Identity. The screen adjusts. Figure 7-13 6. Enter the settings as explained in Table 7-5. Table 7-5. Security Policy Editor: My Identity
  • Netgear UTM25-100NAS | Reference Manual - Page 225
    Table 7-5. Security Policy Editor: My Identity Settings (continued) Setting ID Type Secure Interface Configuration Internet Interface Description (or Subfield and Description) From the pull-down
  • Netgear UTM25-100NAS | Reference Manual - Page 226
    9. Enter the settings as explained in Table 7-6. NETGEAR ProSafe VPN Client and the UTM provide VPN connection and status information. This information is useful for verifying the status of a connection and troubleshooting problems
  • Netgear UTM25-100NAS | Reference Manual - Page 227
    Figure 7-15 In the example that is shown in Figure 7-15, you should receive the message "Successfully connected to My Connections\UTM_SJ" within 30 seconds. The VPN client icon in the system tray should say On: NETGEAR VPN Client
  • Netgear UTM25-100NAS | Reference Manual - Page 228
    Figure 7-16 • Right-click the VPN Client icon in the system tray and select Connection Monitor. Figure 7-17
  • Netgear UTM25-100NAS | Reference Manual - Page 229
    The VPN client system tray icon provides a vertical bar indicates traffic on the tunnel. Viewing the UTM IPsec VPN Connection Status To review the status of current IPsec VPN tunnels: 1. Select Monitoring > Active Users & VPNs
  • Netgear UTM25-100NAS | Reference Manual - Page 230
    The Active IPsec SAs table lists each active connection with the information that is described in Table 7-8. The default poll interval is 5 seconds. To change
  • Netgear UTM25-100NAS | Reference Manual - Page 231
    Figure 7-19 Managing IPsec VPN Policies After you have both the VPN policy and IKE policy. You can edit existing policies, or manually add new VPN and IKE policies directly in the policy tables.
  • Netgear UTM25-100NAS | Reference Manual - Page 232
    Managing IKE Policies The Internet Key Exchange (IKE) protocol performs negotiations between the two VPN gateways, and provides automatic management of the keys that are
  • Netgear UTM25-100NAS | Reference Manual - Page 233
    Figure 7-20 Each policy contains the data that are explained in Table 7-9. These fields are explained in more detail in Table 7-10. Table 7-9. List of
  • Netgear UTM25-100NAS | Reference Manual - Page 234
    To add or edit an IKE policy, see "Manually Adding or Editing an IKE displays (see Figure 7-21 on page 7-25, which shows the UTM25 screen). The WAN1 and WAN2 radio buttons (next to Select Local Gateway) are shown on the
  • Netgear UTM25-100NAS | Reference Manual - Page 235
    Figure 7-21
  • Netgear UTM25-100NAS | Reference Manual - Page 236
    3. Complete the fields, select the radio buttons, and make your selections from the pull-down menus as explained in Table 7-10. Table 7-10. Add IKE Policy
  • Netgear UTM25-100NAS | Reference Manual - Page 237
    Table 7-10. Add IKE Policy Settings (continued) Item Local Select Local Gateway (UTM25 only) Identifier Type Remote Identifier Type IKE SA Parameters Encryption Algorithm Description (or Subfield and Description) For the UTM25
  • Netgear UTM25-100NAS | Reference Manual - Page 238
    Table 7-10. Add IKE Policy Settings ( not Dead Peer Detection (DPD) is enabled: • Yes. This feature is enabled: when the UTM25 detects an IKE connection failure, it deletes the IPsec and IKE SA and forces a reestablishment of
  • Netgear UTM25-100NAS | Reference Manual - Page 239
    Table 7-10. Add IKE Policy Settings (continued) first checked. If the user account is not present in the local user database, the UTM25 connects to a RADIUS server. For more information, see "RADIUS Client Configuration" on page
  • Netgear UTM25-100NAS | Reference Manual - Page 240
    4. Click Apply to save your changes. The modified IKE policy is displayed in the List of IKE Policies table. Managing VPN Policies You can create
  • Netgear UTM25-100NAS | Reference Manual - Page 241
    2. Click the VPN Policies submenu tab. and of the automatically created accompanying IKE policy) is the Connection Name. "Auto" or "Manual" as described previously (Auto is used during VPN Wizard configuration). IP address (either a
  • Netgear UTM25-100NAS | Reference Manual - Page 242
    Table 7-11. List of VPN Policies Information ( Policies. 2. Click the enable or disable table button To add or edit a VPN policy, see "Manually Adding or Editing a VPN Policy" on this page. Note: You cannot delete or edit an IKE
  • Netgear UTM25-100NAS | Reference Manual - Page 243
    Figure 7-23
  • Netgear UTM25-100NAS | Reference Manual - Page 244
    4. Complete the fields, select the radio buttons and checkboxes, and make your selections from the pull-down menus as explained in Table 7-12. Table 7-12. Add
  • Netgear UTM25-100NAS | Reference Manual - Page 245
    Table 7-12. Add VPN Policy Settings (continued) Item Description (or Subfield and Description) Traffic Selection Local IP Remote IP From the pull-down menu, select
  • Netgear UTM25-100NAS | Reference Manual - Page 246
    Table 7-12. Add VPN Policy Settings (continued) Item Description (or Subfield and Description) Integrity Algorithm Key-In Key-Out From the pull-down menu, select
  • Netgear UTM25-100NAS | Reference Manual - Page 247
    Table 7-12. Add VPN Policy Settings (continued) Item PFS Key Group Select IKE Policy Description (or Subfield and Description) Select this checkbox to enable Perfect
  • Netgear UTM25-100NAS | Reference Manual - Page 248
    You can enable XAUTH when you manually add or edit an IKE policy. Two types of XAUTH are available: • Edge Device. The UTM is used as a VPN concentrator on which one or
  • Netgear UTM25-100NAS | Reference Manual - Page 249
    4. Complete the fields, select the radio buttons, User Accounts" on page 9-9. RADIUS Client Configuration Remote Authentication Dial In User Service (RADIUS, RFC 2865) is a protocol for managing authentication, authorization, and
  • Netgear UTM25-100NAS | Reference Manual - Page 250
    server in the network when a user requests access to network resources. During the establishment of a VPN connection, the VPN gateway can interrupt the process with
  • Netgear UTM25-100NAS | Reference Manual - Page 251
    3. Complete the fields and select the radio buttons as explained in Table 7-14. Table 7-14. RADIUS Client Settings Item Description (or Subfield and Description) Primary RADIUS
  • Netgear UTM25-100NAS | Reference Manual - Page 252
    Note: You select the RADIUS authentication in Figure 7-26 on page 7-44). Note: After configuring a Mode Config record, you must manually configure an IKE policy and select the newly-created Mode Config record from the 'Select Mode
  • Netgear UTM25-100NAS | Reference Manual - Page 253
    2. Click the Mode Config submenu tab. The Mode Config screen displays. Figure 7-25 As an example, the screen shows two Mode Config records with the
  • Netgear UTM25-100NAS | Reference Manual - Page 254
    Figure 7-26 4. Complete the fields, select the checkbox, and make your selections from the pull-down menus as explained in Table 7-15. Table 7-15. Add Mode
  • Netgear UTM25-100NAS | Reference Manual - Page 255
    Table 7-15. Add Mode Config Record Settings (continued) Item Description (or Subfield and Description) WINS Server DNS Server If there is a WINS server on the
  • Netgear UTM25-100NAS | Reference Manual - Page 256
    5. Click Apply to save your settings. The new The Add IKE Policy screen displays. (Figure 7-27 shows the upper part of the UTM25 screen only.) The WAN1 and WAN2 radio buttons (next to Select Local Gateway) are shown on the Add
  • Netgear UTM25-100NAS | Reference Manual - Page 257
    8. On the Add IKE Policy screen, complete record (see above). Local Select Local Gateway For the UTM25 only, select a radio button to specify the WAN1 or WAN2 (UTM25 only) interface. Identifier Type From the pull-down menu,
  • Netgear UTM25-100NAS | Reference Manual - Page 258
    Table 7-16. Add IKE Policy Settings for a The default is 28800 seconds (8 hours). However, for a Mode Config configuration, NETGEAR recommends 3600 seconds (1 hour). Enable Dead Peer Detection Note: See also "Configuring
  • Netgear UTM25-100NAS | Reference Manual - Page 259
    Table 7-16. Add IKE Policy Settings for Configuring the ProSafe VPN Client for Mode Config Operation From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection for Mode Config operation
  • Netgear UTM25-100NAS | Reference Manual - Page 260
    2. In the upper left of the Policy Editor window, and Description) Select the Secure radio button. If you want to connect manually only, select the Only Connect Manually checkbox. From the pull-down menu, select IP Subnet. Enter the
  • Netgear UTM25-100NAS | Reference Manual - Page 261
    Table 7-17. Security Policy Editor: Remote Party, Mode Config Settings (continued) Setting Use ID Type Description (or Subfield and Description) Select the Use checkbox. Then,
  • Netgear UTM25-100NAS | Reference Manual - Page 262
    5. In the left frame, click My Identity. The screen adjusts. Figure 7-29 6. Enter the settings as explained in Table 7-18. Table 7-18. Security Policy Editor:
  • Netgear UTM25-100NAS | Reference Manual - Page 263
    Table 7-18. Security Policy Editor: My Identity, Mode Config Settings (continued) Setting ID Type Secure Interface Configuration Internet Interface Description (or Subfield and Description) From
  • Netgear UTM25-100NAS | Reference Manual - Page 264
    9. Enter the settings as explained in Table 7-19. on the other end of the tunnel must also support DPD. Keepalive, though less reliable than DPD, does not require any support from the peer device.
  • Netgear UTM25-100NAS | Reference Manual - Page 265
    Configuring Keepalives The Keepalive feature maintains the IPsec SA by sending periodic ping requests to a host across the tunnel and monitoring the replies. To configure
  • Netgear UTM25-100NAS | Reference Manual - Page 266
    4. Enter the settings as explained in Table 7-20. Table 7-20. Keepalive Settings Item General Enable Keepalive Description (or Subfield and Description) Select the Yes radio
  • Netgear UTM25-100NAS | Reference Manual - Page 267
    3. In the IKE SA Parameters section of the screen, locate (or Subfield and Description) Select the Yes radio button to enable DPD. When the UTM25 detects an IKE connection failure, it deletes the IPsec and IKE SA and forces a
  • Netgear UTM25-100NAS | Reference Manual - Page 268
    Configuring NetBIOS Bridging with IPsec VPN Windows networks use the Network Basic Input/Output System (NetBIOS) for several basic network services such as naming and neighborhood device discovery. Because VPN routers do not
  • Netgear UTM25-100NAS | Reference Manual - Page 269
    can establish an encrypted connection. With support for up to 13 dedicated SSL VPN VPN Wizard for Client Configurations" on page 8-2. • "Manually Configuring and Editing SSL Connections" on page 8-17. UTM's SSL VPN portal can provide two levels of SSL service to the remote user: • SSL VPN Tunnel. The
  • Netgear UTM25-100NAS | Reference Manual - Page 270
    one or both of these SSL service levels, depending on how you Manually Configuring and Editing SSL Connections" on page 8-17." To start the SSL VPN Wizard: 1. Select Wizards from the main navigation menu. The "Welcome to the Netgear
  • Netgear UTM25-100NAS | Reference Manual - Page 271
    The following sections explain the five 17 or in other chapters; each section below provides a specific link to a section in "Manually Configuring and Editing SSL Connections" on page 8-17 or to a section in another chapter.
  • Netgear UTM25-100NAS | Reference Manual - Page 272
    Web browser window. For example, "Company Customer Support" Banner Title The banner title of a banner message that cache-control" content="must-revalidate"> Note: NETGEAR strongly recommends enabling HTTP meta tags for security
  • Netgear UTM25-100NAS | Reference Manual - Page 273
    cache control is ignored by Web browsers that do not support ActiveX. SSL VPN Portal Pages to Display VPN Tunnel page this checkbox to provide access to specific defined network services. Note: Any pages that are not selected are
  • Netgear UTM25-100NAS | Reference Manual - Page 274
    Note: If you leave the Domain Name field blank, Server and Authentication Secret fields. • MIAS-PAP. Microsoft Internet Authentication Service (MIAS) PAP. Complete the Authentication Server and Authentication Secret fields.
  • Netgear UTM25-100NAS | Reference Manual - Page 275
    Table 8-2. SSL VPN Wizard Step 2: Domain Settings (continued) Setting Description (or Subfield and Description) Portal The portal that you selected on the first SSL VPN
  • Netgear UTM25-100NAS | Reference Manual - Page 276
    Note: After you have completed the steps in the SSL VPN Wizard, you can make changes to the user settings by selecting Users > Users. For
  • Netgear UTM25-100NAS | Reference Manual - Page 277
    SSL VPN Wizard Step 4 of 6: Client IP Address Range and Routes Figure 8-5 Note that Figure 8-5 contains some examples. Enter the settings as explained in Table 8-4
  • Netgear UTM25-100NAS | Reference Manual - Page 278
    Table 8-4. SSL VPN Wizard Step 4: Client IP Address Range and Routes Settings Item Description (or Subfield and Description) Client IP Address Range Enable Full Tunnel Support Select this checkbox to enable full tunnel support
  • Netgear UTM25-100NAS | Reference Manual - Page 279
    SSL VPN Wizard Step 5 of 6: Port Forwarding Figure 8-6 Note that Figure 8-6 contains some examples. Enter the settings as explained in Table 8-5, then click Next to
  • Netgear UTM25-100NAS | Reference Manual - Page 280
    Table 8-5. SSL VPN Wizard Step 5: Port Forwarding 80 POP3 (receive mail) 110 NTP (network time protocol) 123 Citrix 1494 Terminal Services 3389 VNC (virtual network computing) 5900 or 5800 Add New Host Name for Port
  • Netgear UTM25-100NAS | Reference Manual - Page 281
    SSL VPN Wizard Step 6 of 6: Verify and Save Your Settings Figure 8-7
  • Netgear UTM25-100NAS | Reference Manual - Page 282
    Verify your settings; if you need message "Operation Succeeded" appears at the top of the screen, and the "Welcome to the Netgear Configuration Wizard" screen displays again (see Figure 8-1 on page 8-2). Accessing the New SSL
  • Netgear UTM25-100NAS | Reference Manual - Page 283
    Figure 8-8 4. Enter the user name and password that you just created with the help of the SSL VPN Wizard. 5. Click Login. The default User Portal
  • Netgear UTM25-100NAS | Reference Manual - Page 284
    access to the network services that you defined in "SSL VPN Wizard Step 5 of 6: Port Forwarding" on page 8-11. • Change Password. Allows the user to change their password. • Support. Provides access to the NETGEAR Web site. Viewing the UTM SSL VPN Connection Status To review the status of current
  • Netgear UTM25-100NAS | Reference Manual - Page 285
    3. From the Log Type pull-down menu, select SSL VPN. The SSL VPN logs display. Figure 8-11 Manually Configuring and Editing SSL Connections To manually configure and activate SSL connections, perform the following six basic steps
  • Netgear UTM25-100NAS | Reference Manual - Page 286
    the list you have created. 4. For SSL VPN tunnel service, configure the virtual network adapter (see "Configuring the SSL ideal way to communicate remote access instructions, support information, technical contact information, or VPN
  • Netgear UTM25-100NAS | Reference Manual - Page 287
    Portal layouts are applied by selecting one from the available portal layouts in the configuration of a domain. When you have completed your portal layout, you
  • Netgear UTM25-100NAS | Reference Manual - Page 288
    The List of Layouts table displays the following fields: • Layout Name. The descriptive name of the portal. • Description. The banner message that is displayed at
  • Netgear UTM25-100NAS | Reference Manual - Page 289
    Web browser window. For example, "Company Customer Support" Banner Title The banner title of a banner message that cache-control" content="must-revalidate"> Note: NETGEAR strongly recommends enabling HTTP meta tags for security
  • Netgear UTM25-100NAS | Reference Manual - Page 290
    cache control is ignored by Web browsers that do not support ActiveX. SSL VPN Portal Pages to Display VPN Tunnel this checkbox to provide access to specific defined network services. Note: Any pages that are not selected are not
  • Netgear UTM25-100NAS | Reference Manual - Page 291
    Adding Servers and Port Numbers To configure port forwarding, you must define the IP addresses of the internal servers and the port number for TCP
  • Netgear UTM25-100NAS | Reference Manual - Page 292
    Table 8-7. Port Forwarding Applications/TCP Port Numbers TCP Application Port Number FTP Data (usually not needed) FTP Control Protocol SSH Telnet SMTP (send mail) HTTP (web) POP3 (receive mail) NTP (network time protocol) Citrix Terminal Services VNC (virtual
  • Netgear UTM25-100NAS | Reference Manual - Page 293
    3. In the Add New Host Name for Port has the IP address 10.0.0.45). • Select whether you want to enable full tunnel or split tunnel support based on your bandwidth: - A full tunnel sends all of the client's traffic across the VPN
  • Netgear UTM25-100NAS | Reference Manual - Page 294
    • If you enable split tunnel support and you assign an entirely different subnet to the VPN tunnel clients than the subnet that is used by the local network, you must add a
  • Netgear UTM25-100NAS | Reference Manual - Page 295
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Select the checkbox and complete the fields as explained in Table 8-8. Table 8-8. Client IP Address Range Settings Item Description (or Subfield and Description) Client IP Address Range Enable Full Tunnel Support Select this
  • Netgear UTM25-100NAS | Reference Manual - Page 296
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual resources are groups of IP addresses, IP address ranges, and services. By defining resource objects, you can more quickly create and network resources. But for most organizations, NETGEAR recommends that you use network resources. If
  • Netgear UTM25-100NAS | Reference Manual - Page 297
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Adding New Network Resources To define a network of the resource for identification and management purposes. • Service. From the Service pull-down menu, select the type of service to which the resource applies: - VPN Tunnel.
  • Netgear UTM25-100NAS | Reference Manual - Page 298
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Editing Network Resources to Specify Addresses 1. Select VPN > created it on the first Resources screen. The SSL service that is assigned to the resource. You cannot modify the service after you have assigned it to the resource on
  • Netgear UTM25-100NAS | Reference Manual - Page 299
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 8-9. Add Resource Addresses Settings (continued) Item IP addresses, address ranges, or all IP addresses and to different SSL VPN services. A specific hierarchy is invoked over which policies take precedence. The UTM policy
  • Netgear UTM25-100NAS | Reference Manual - Page 300
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual For example, a policy that is configured for a the following global policy configuration: • Policy 1: A Deny rule has been configured to block all services to the IP address range 10.0.0.0 - 10.0.0.255. • Policy 2: A Deny rule has
  • Netgear UTM25-100NAS | Reference Manual - Page 301
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 8-18 2. Make your selection from the following Query options: • Click Global to view all global policies. • Click Group to view group policies, and choose
  • Netgear UTM25-100NAS | Reference Manual - Page 302
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual . Figure 8-19 3. Select the radio buttons, complete the fields, and make your selection from the pull-down menus as explained in Table 8-10. Table 8-10. Add
  • Netgear UTM25-100NAS | Reference Manual - Page 303
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 8-10. Add Policy Settings ( those ports. Leave the fields blank to apply the policy to all traffic. Service From the pull-down menu, select the service to which the SSL VPN policy is applied: • VPN Tunnel. The policy
  • Netgear UTM25-100NAS | Reference Manual - Page 304
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 8-10. Add Policy Settings (continued) those ports. Leave the fields blank to apply the policy to all traffic. Service From the pull-down menu, select the service to which the SSL VPN policy is applied: • VPN Tunnel. The
  • Netgear UTM25-100NAS | Reference Manual - Page 305
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 4. Click Apply to save your settings. The policy is added to the List of SSL VPN Policies table on the Policies screen. The new policy
  • Netgear UTM25-100NAS | Reference Manual - Page 306
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 8-38 Virtual Private Networking Using SSL Connections v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 307
    Chapter 9 Managing Users, Authentication, and Certificates This chapter describes how to manage users, authentication, and security certificates for IPsec VPN and SSL VPN. This chapter contains the following sections: • "Configuring VPN Authentication Domains, Groups, and Users" on this page. • "
  • Netgear UTM25-100NAS | Reference Manual - Page 308
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual protocols and methods that the UTM supports. Table 9-1. Authentication Protocols and Methods authentication method that functions with Microsoft Internet Authentication Service (MIAS), which is a component of Microsoft
  • Netgear UTM25-100NAS | Reference Manual - Page 309
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 9-1. Authentication Protocols and Methods Authentication Protocol or is a standard for querying and updating a directory. Because LDAP supports a multilevel hierarchy (for example, groups or organizational units), this
  • Netgear UTM25-100NAS | Reference Manual - Page 310
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Under the List of Domains table, click the add table button. The Add Domain screen displays. Figure 9-2 3. Enter the settings as explained in Table 9-2. Table 9-2.
  • Netgear UTM25-100NAS | Reference Manual - Page 311
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 9-2. • MIAS-CHAP. Microsoft Internet Authentication Service (MIAS) CHAP. Complete the Authentication : A combination of local and external authentication is supported. Warning: If you disable local authentication, make sure
  • Netgear UTM25-100NAS | Reference Manual - Page 312
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 6. If you change local authentication, click Apply in the Domain screen to save your settings. To delete one or more domains: 1. In the List of
  • Netgear UTM25-100NAS | Reference Manual - Page 313
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Creating and Deleting Groups To create a VPN group: 1. Select Users > Groups from the menu. The Groups screen displays. Figure 9-3 shows the UTM's default group-geardomain-
  • Netgear UTM25-100NAS | Reference Manual - Page 314
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 9-3. (VPN) Group Settings Setting Description (or Subfield and Description) Name Domain Idle Timeout A descriptive (alphanumeric) name of the group for identification and management purposes.
  • Netgear UTM25-100NAS | Reference Manual - Page 315
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 9-4 3. Modify the VPN portal. • IPSEC VPN User. A user who can only make an IPsec VPN connection via a NETGEAR ProSafe VPN Client, and only when the XAUTH feature is enabled (see "Configuring Extended Authentication (XAUTH)"
  • Netgear UTM25-100NAS | Reference Manual - Page 316
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To create an individual user account: 1. Select Users > Users from the menu. The Users screen displays. Figure 9-5 shows the UTM's default users-admin and guest-
  • Netgear UTM25-100NAS | Reference Manual - Page 317
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 9-6 3. Enter the settings as portal. • IPSEC VPN User. User who can only make an IPsec VPN connection via a NETGEAR ProSafe VPN Client, and only when the XAUTH feature is enabled (see "Configuring Extended Authentication
  • Netgear UTM25-100NAS | Reference Manual - Page 318
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 4. Click Apply to save your settings. The user is added to the List of Users table. To delete one or more users: 1. In the List
  • Netgear UTM25-100NAS | Reference Manual - Page 319
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: For security reasons, the Deny Login from WAN Interface checkbox is selected by default for guests and administrators. The Disable Login checkbox is disabled (
  • Netgear UTM25-100NAS | Reference Manual - Page 320
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 4. In the Defined Addresses Status section of the screen, select one of the following radio buttons: • Deny Login from Defined Addresses. Deny logging in from
  • Netgear UTM25-100NAS | Reference Manual - Page 321
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Click the by Client Browser submenu tab. The by Client Browser screen displays. Figure 9-9 shows a browser in the Defined Browsers table as an example. Figure 9-9 4.
  • Netgear UTM25-100NAS | Reference Manual - Page 322
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 7. Click the add table button. The browser is added to the Defined Browsers table. 8. Repeat step 6 and step 7 for any other browsers that you want
  • Netgear UTM25-100NAS | Reference Manual - Page 323
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Enter the settings as explained portal. • IPSEC VPN User. User who can only make an IPsec VPN connection via a NETGEAR ProSafe VPN Client, and only when the XAUTH feature is enabled (see "Configuring Extended Authentication (
  • Netgear UTM25-100NAS | Reference Manual - Page 324
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual On the UTM, the uploaded digital certificate a self-signed digital certificate from NETGEAR. This certificate can be downloaded from the UTM login screen for browser import. However, NETGEAR recommends that you replace this digital
  • Netgear UTM25-100NAS | Reference Manual - Page 325
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The Certificates screen contains four tables that are explained in detail in the following sections: • Trusted Certificates (CA Certificate) table. Contains the trusted digital certificates
  • Netgear UTM25-100NAS | Reference Manual - Page 326
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The Trusted Certificates (CA Certificates) table lists the digital certificates of CAs and contains the following fields: • CA Identity (Subject Name). The organization or person
  • Netgear UTM25-100NAS | Reference Manual - Page 327
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual When a security alert is generated, the user can decide whether or not to trust the host. Figure 9-12 Generating a CSR and Obtaining a Self Certificate from a
  • Netgear UTM25-100NAS | Reference Manual - Page 328
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 9-13 [Certificates, screen 2 of 3] 2. In the Generate Self Certificate Request section of the screen, enter the settings as explained in Table 9-7. Table 9-7. Generate Self
  • Netgear UTM25-100NAS | Reference Manual - Page 329
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 9-7. Generate Self Certificate Request Settings (continued) Setting Hash Algorithm Signature Algorithm Signature Key Length Optional Fields Description (or Subfield and Description) From the pull-
  • Netgear UTM25-100NAS | Reference Manual - Page 330
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 9-14 5. Copy the contents of BEGIN CERTIFICATE REQUEST---" and "---END CERTIFICATE REQUEST"). d. Submit the CA form. If no problems ensue, the digital certificate is issued by the CA. 7. Download the digital certificate file
  • Netgear UTM25-100NAS | Reference Manual - Page 331
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 10. Click Browse and navigate to the digital certificate file from the CA that you just stored on your computer. 11. Click the upload table
  • Netgear UTM25-100NAS | Reference Manual - Page 332
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To view the currently-loaded CRLs and upload a new CRL: 1. Select VPN > Certificates from the menu. The Certificates screen displays. Figure 9-15 shows the bottom
  • Netgear UTM25-100NAS | Reference Manual - Page 333
    DSL or cable modems are used to connect to the Internet. At 1.5 Mbps, the WAN ports support the following traffic rates: • Load balancing mode (UTM25 only): 3 Mbps (two WAN ports at 1.5 Mbps each) • Auto-rollover mode (UTM25 only): 1.5 Mbps (one active WAN port at 1.5 Mbps) • Single WAN port mode
  • Netgear UTM25-100NAS | Reference Manual - Page 334
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual administrators only! Incorrect configuration might cause serious problems. Each rule lets you specify the more information about outbound rules, see "Outbound Rules (Service Blocking)" on page 5-4. For detailed procedures on how
  • Netgear UTM25-100NAS | Reference Manual - Page 335
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual When you define outbound firewall rules, you can further refine their application according to the following criteria: • Services. You can specify the services or applications to be covered by an outbound rule. If the desired
  • Netgear UTM25-100NAS | Reference Manual - Page 336
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Content Filtering If you want to reduce . - Web services blocking. You can block Web services such as instant messaging and peer-to-peer services. For more information, see "Customizing Web Protocol Scan Settings and Services" on page
  • Netgear UTM25-100NAS | Reference Manual - Page 337
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual - Web object blocking. You can block the following Web component types: embedded objects (ActiveX, Java, Flash), proxies, and cookies, and you can disable Java scripts.
  • Netgear UTM25-100NAS | Reference Manual - Page 338
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Warning: This feature is for advanced administrators only! Incorrect configuration might cause serious problems • Services. You can specify the services or applications to be covered by an inbound rule. If the desired service or
  • Netgear UTM25-100NAS | Reference Manual - Page 339
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual - Groups. The rule is applied to a group rules to regulate the priority of traffic. To define QoS profiles, see "Creating Quality of Service (QoS) Profiles" on page 5-33. • Bandwidth Profile. You can define bandwidth profiles and
  • Netgear UTM25-100NAS | Reference Manual - Page 340
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual LAN port) can be dedicated as a hardware DMZ port to safely provide services to the : Specifying an Exposed Host" on page 5-28. Configuring VPN Tunnels The UTM supports up to 25 site-to-site IPsec VPN tunnels and up to 13 dedicated
  • Netgear UTM25-100NAS | Reference Manual - Page 341
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual For more information about QoS profiles, see "Creating Quality of Service (QoS) Profiles" on passwords for the Web Management Interface are both password. NETGEAR recommends that you change these passwords to more secure passwords
  • Netgear UTM25-100NAS | Reference Manual - Page 342
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To modify the administrator user account settings, including the password: 1. Select Users > Users from the menu. The Users screen displays. Figure 10-1 shows the UTM's
  • Netgear UTM25-100NAS | Reference Manual - Page 343
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Select the Check to Edit Password checkbox. The password fields become active. 4. Enter the old password, enter the new password, and then confirm the new
  • Netgear UTM25-100NAS | Reference Manual - Page 344
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Remote Management Access An administrator can malicious WAN user can reconfigure the UTM and misuse it in many ways, NETGEAR highly recommends that you change the admin and guest default passwords before continuing (see
  • Netgear UTM25-100NAS | Reference Manual - Page 345
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual "Setting User Login Policies" on page 9-12 for instructions on restricting administrator access by IP address. Note: are also disabled. Tip: If you are using a dynamic DNS service such as TZO, you can identify the WAN IP address of
  • Netgear UTM25-100NAS | Reference Manual - Page 346
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Using an SNMP Manager Simple Network Management Protocol (SNMP) forms part of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF).
  • Netgear UTM25-100NAS | Reference Manual - Page 347
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Enter the settings as explained in Table 10-1. Table 10-1. SNMP Settings Setting Description (or Subfield and Description) Settings Do You Want to Enable SNMP?
  • Netgear UTM25-100NAS | Reference Manual - Page 348
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The Backup & Restore Settings screen lets you: • • Network settings. IP address, subnet mask, gateway, and so on. • Scan settings. Services to scan, primary and secondary actions, and so on. • Update settings. Update source, update
  • Netgear UTM25-100NAS | Reference Manual - Page 349
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Select Save file, and then click OK. 3. Open the folder where you have saved the backup file, and then verify that it has been saved
  • Netgear UTM25-100NAS | Reference Manual - Page 350
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Reverting to Factory Default Settings To reset 168.1.1. Updating the Firmware The UTM can automatically detect any new firmware version from NETGEAR. The firmware upgrade process for the UTM consists of the following stages that are
  • Netgear UTM25-100NAS | Reference Manual - Page 351
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Viewing the Available Firmware Versions To view the current version of the firmware that your UTM is running and the other available firmware versions: 1. Select
  • Netgear UTM25-100NAS | Reference Manual - Page 352
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. To see which other firmware versions are available, click Query under the Firmware Download section to allow the UTM to connect to the NETGEAR update server. The Firmware Download section shows the available firmware versions,
  • Netgear UTM25-100NAS | Reference Manual - Page 353
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Rebooting Without Changing the Firmware To reboot the UTM without changing the firmware: 1. In the Firmware Reboot section of the Firmware screen (see Figure 10-6
  • Netgear UTM25-100NAS | Reference Manual - Page 354
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 10-7 The Info section shows the following information fields for the scan engine firmware and pattern file: • Current Version. The version of the files. •
  • Netgear UTM25-100NAS | Reference Manual - Page 355
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Automatic Update and Frequency of the following radio buttons: • Default update server. Files are updated from the default NETGEAR update server. • Server address. Files are updated from the server that you specify:
  • Netgear UTM25-100NAS | Reference Manual - Page 356
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Date and Time Service Configure date, time and NTP server designations on the System Date & Time screen. Network Time Protocol (NTP) is a protocol that is used to synchronize computer
  • Netgear UTM25-100NAS | Reference Manual - Page 357
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 10-3. System Date & Time Settings (continued) Setting Description (or Subfield and Description) Automatically Adjust for If daylight savings time is supported fields are set to the default Netgear NTP servers. Note: A list
  • Netgear UTM25-100NAS | Reference Manual - Page 358
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 10-26 Network and System Management v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 359
    one or both WAN ports. To monitor traffic limits on each of the WAN ports: 1. Select Network Config > WAN Metering from the menu. On the UTM25, the WAN Metering tabs appear, with the WAN1 Traffic Meter screen in view (see Figure 11-1 on page 11-2, which shows the
  • Netgear UTM25-100NAS | Reference Manual - Page 360
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The Internet Traffic Statistics section in the lower part of the screen displays statistics on Internet traffic via the WAN port. If you have not
  • Netgear UTM25-100NAS | Reference Manual - Page 361
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-1. WAN Traffic Meter Settings Setting Description (or Subfield and Description) Enable Traffic Meter Do you want to enable Traffic Metering on WAN1? (UTM25) or Do you want to enable Traffic Metering on WAN? (UTM10)
  • Netgear UTM25-100NAS | Reference Manual - Page 362
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-1. WAN Traffic Meter Settings (continued) Protocol option arrow at the top right of the WAN1 Traffic Meter or WAN2 Traffic Meter screen (UTM25), or at the top right of the WAN Traffic Meter screen (UTM10). The Traffic by
  • Netgear UTM25-100NAS | Reference Manual - Page 363
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring Logging, Alerts, and Event Notifications By default, the UTM logs security-related events such as accepted and dropped packets on different segments of your LAN, denied incoming and outgoing service requests, hacker
  • Netgear UTM25-100NAS | Reference Manual - Page 364
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Enter the settings as explained in Table 11-2. Table 11-2. E-mail Notification Settings Setting Description (or Subfield and Description) Show as mail sender SMTP server
  • Netgear UTM25-100NAS | Reference Manual - Page 365
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-4
  • Netgear UTM25-100NAS | Reference Manual - Page 366
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Enter the settings as explained in Table 11-2. Table 11-3. E-mail and Syslog Settings Setting Description (or Subfield and Description) System Logs Option Select the
  • Netgear UTM25-100NAS | Reference Manual - Page 367
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-3. E-mail and Syslog Settings (continued) Setting access blocked Web sites and URLs. • Service Logs. All events that are related to the status of scanning and filtering services that are part of the Application Security
  • Netgear UTM25-100NAS | Reference Manual - Page 368
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-3. E-mail and Syslog Settings ( , or Intrusion Prevention System (IPS) (outbreak) attack occurs. Five types of alerts are supported: • Update Failure Alert. Sent when an attempt to update any component such as a pattern
  • Netgear UTM25-100NAS | Reference Manual - Page 369
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-5 3. Enter the settings as explained in Table 11-4. Table 11-4. Alerts Settings Setting Description (or Subfield and Description) Enable Update Failure Alerts Enable
  • Netgear UTM25-100NAS | Reference Manual - Page 370
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-4. Alerts Settings (continued) Setting Description (or Subfield and Description) Enable Malware Alerts (continued) Subject Enter the subject line for the e-mail alert. The
  • Netgear UTM25-100NAS | Reference Manual - Page 371
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Configuring and Activating Firewall Logs . Note: Enabling firewall logs might generate a significant volume of log messages. NETGEAR recommends that you enable firewall logs for debugging purposes only. To configure and activate
  • Netgear UTM25-100NAS | Reference Manual - Page 372
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-5. Firewall Logs Settings Setting security scanning status with detected network threats, detected network traffic, and service statistics for the six supported protocols (HTTP, HTTPS, FTP, SMTP, POP3, and IMAP).
  • Netgear UTM25-100NAS | Reference Manual - Page 373
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-7 [Dashboard, screen 1 of 3]
  • Netgear UTM25-100NAS | Reference Manual - Page 374
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To clear the statistics, click Clear statistics. To • Peer to Peer blocked (to configure, see "Customizing Web Protocol Scan Settings and Services" on page 6-19). Network Displays the total number of: • IPS attack signatures
  • Netgear UTM25-100NAS | Reference Manual - Page 375
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-6. Dashboard: Total Threats, Threats (Counts), and Total Traffic (Bytes) Information (continued) Item Description (or Subfield and Description) Threats (Counts) This is a graphic that
  • Netgear UTM25-100NAS | Reference Manual - Page 376
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-7 explains the fields of the Most Recent 5 and Top 5 sections of the Dashboard screen. Table 11-7. Dashboard: Most Recent 5 and Top 5 Information Category
  • Netgear UTM25-100NAS | Reference Manual - Page 377
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-9 [Dashboard, screen 3 of 3] Table 11-8 explains the fields of the Service Statistics section of the Dashboard screen. Table 11-8. Dashboard: Service Statistics Information Item Description (or Subfield and Description)
  • Netgear UTM25-100NAS | Reference Manual - Page 378
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Viewing Status Screens The UTM provides real-time information in . Because of the size of the System Status screen, it is divided and presented in this manual in three figures (Figure 11-10 on page 11-21, Figure 11-11 on page 11-
  • Netgear UTM25-100NAS | Reference Manual - Page 379
    Management UTM10 or UTM25 Reference Manual Figure 11-10 [System Status, screen 1 of 3] Table 11-9 explains the fields of the Status and System Information sections of the System Status screen. Table 11-9. System Status: Status and System Information Setting Status System Services Description (or
  • Netgear UTM25-100NAS | Reference Manual - Page 380
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-9. System Status: Status and System 11-11 [System Status, screen 2 of 3] Table 11-10 on page 11-23 explains the UTM25 fields of the WAN1 Configuration, WAN2 Configuration, and LAN Port sections of the System Status screen.
  • Netgear UTM25-100NAS | Reference Manual - Page 381
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-10. System Status: WAN Configuration and LAN Port Information Setting Description (or Subfield and Description) WAN1 Configuration/WAN2 Configuration (UTM25) or WAN Configuration (UTM10) WAN Mode WAN State NAT
  • Netgear UTM25-100NAS | Reference Manual - Page 382
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-11. System Status: Interface Statistics Setting Description (or Subfield and Description) For each interface (LAN, WAN1, WAN2, and DMZ for the UTM25 VPN Tunnel Connection Status To review the status of current IPsec
  • Netgear UTM25-100NAS | Reference Manual - Page 383
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Click the IPSec VPN Connection Status button to build the connection or click the drop table button to terminate the connection. To review the status of current SSL VPN tunnels: 1. Select Monitoring > Active Users & VPNs from
  • Netgear UTM25-100NAS | Reference Manual - Page 384
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Click the SSL VPN Connection Status submenu tab. The SSL VPN Connection Status screen displays. Figure 11-15 The active user's user name, group, and
  • Netgear UTM25-100NAS | Reference Manual - Page 385
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 2. Click the Status option arrow at the top right of the Port Triggering screen. The Port Triggering Status screen appears in a popup window. Figure 11-
  • Netgear UTM25-100NAS | Reference Manual - Page 386
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-18 2. Click the WAN Status option arrow at the top right of the WAN1 ISP Settings screen (UTM25) or WAN1 ISP Settings screen (UTM10). The Connection Status screen appears in a popup window. Figure 11-19
  • Netgear UTM25-100NAS | Reference Manual - Page 387
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The Connection Status screen displays the information that is described in Table 11-14. Table 11-14. WAN1 (UTM25) or WAN (UTM10) Port Status Informations Item Connection Time Connection Type Connection Status IP Address Subnet
  • Netgear UTM25-100NAS | Reference Manual - Page 388
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-20 2. Click the LAN Groups submenu tab. The LAN Groups screen displays (Figure 11-21 shows some examples in the Known PCs and
  • Netgear UTM25-100NAS | Reference Manual - Page 389
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual that do not support the NetBIOS protocol, the name is displayed as "Unknown" (you can edit the entry manually to add a the UTM rediscovers the devices. Viewing the DHCP Log To review the most recent entries in the DHCP log: 1. Select
  • Netgear UTM25-100NAS | Reference Manual - Page 390
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-22 Querying Logs and Generating Reports The extensive logging and reporting functions of the UTM let you perform the following tasks that help
  • Netgear UTM25-100NAS | Reference Manual - Page 391
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • System Logs. The system event logs that you events are logged in the system logs. • Service Logs. All events that are related to the status of scanning and filtering services that are part of the Application Security main
  • Netgear UTM25-100NAS | Reference Manual - Page 392
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-23 3. Enter the settings as explained in Table 11-15. Table 11-15. Logs Query Settings Setting Log Type Description (or Subfield and
  • Netgear UTM25-100NAS | Reference Manual - Page 393
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-15. Logs Query Settings (continued) Setting Log Type (continued) View All Search Criteria Description (or Subfield and Description) • Service Logs. All events that are related to the status of scanning and filtering
  • Netgear UTM25-100NAS | Reference Manual - Page 394
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-15. Logs Query Settings (continued) Setting Search Criteria (continued) Description (or Subfield and Description) Client IP The client IP address that is queried.
  • Netgear UTM25-100NAS | Reference Manual - Page 395
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-15. Logs Query Settings (continued) Setting , ERROR, WARNING, NOTICE, INFO, and DEBUG. This field is available only for the Service log. URL The URL that is queried. This field is available only for the Content filters
  • Netgear UTM25-100NAS | Reference Manual - Page 396
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Example: Using Logs to Identify Infected are always recorded. Note: After the UTM reboots, traffic logs are lost. Therefore, NETGEAR recommends that you connect the UTM to a syslog server to save the traffic logs externally
  • Netgear UTM25-100NAS | Reference Manual - Page 397
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Scheduling and Generating Reports The UTM lets you schedule and generate three types of reports: • Email Reports. For each protocol (SMTP, POP3, and IMAP), the
  • Netgear UTM25-100NAS | Reference Manual - Page 398
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual - The following application incidents are shown per day, both in tables and graphics: • Number of instant messaging application violations, top 10 violating instant messaging applications
  • Netgear UTM25-100NAS | Reference Manual - Page 399
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 11-24 3. Enter the settings as explained in Table 11-16. Table 11-16. Generate Report Settings Setting Description (or Subfield and Description) Time
  • Netgear UTM25-100NAS | Reference Manual - Page 400
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Scheduling Reports To schedule automatic generation and e-mailing of reports: 1. Select Monitoring > Logs & Reports from the menu. The Logs & Reports submenu tabs appear, with the
  • Netgear UTM25-100NAS | Reference Manual - Page 401
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table 11-17. Schedule Report Settings (continued) . To facilitate the explanation of the tools, the Diagnostics screen is divided and presented in this manual in three figures (Figure 11-26 on page 11-44, Figure 11-27 on page 11-
  • Netgear UTM25-100NAS | Reference Manual - Page 402
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Using the Network Diagnostic Tools This section discusses the Network Diagnostics section and the Perform a DNS Lookup section of the Diagnostics screen. Figure 11-26 [
  • Netgear UTM25-100NAS | Reference Manual - Page 403
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Tracing a Route A traceroute lists all routers between the Routing Table Displaying the internal routing table can assist NETGEAR Technical Support to diagnose routing problems. To display the routing table: 1. Locate the Network
  • Netgear UTM25-100NAS | Reference Manual - Page 404
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Using the Realtime Traffic Diagnostics Tool This section file has been downloaded successfully. 8. Send the file to NETGEAR Technical Support for analysis. 11-46 Monitoring System Access and Performance v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 405
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Gathering Important Log Information and Generating a Network Statistics Report When you request support, NETGEAR Technical Support might ask you to collect the debug logs and other information from your UTM. This section discusses
  • Netgear UTM25-100NAS | Reference Manual - Page 406
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual To generate the Network Statistic Report: 1. Locate the Network Statistics Report section on the Diagnostics screen. 2. Click Generate Network Statistics. The network statistics report is
  • Netgear UTM25-100NAS | Reference Manual - Page 407
    Chapter 12 Troubleshooting and Using Online Support This chapter provides troubleshooting tips and information for the UTM. After each problem description, instructions are provided to help you diagnose and solve the problem. For the common problems listed, go to the section indicated. • Is the UTM
  • Netgear UTM25-100NAS | Reference Manual - Page 408
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Basic Functioning After you turn on power to the UTM, 12-8. If the error persists, you might have a hardware problem and should contact NETGEAR Technical Support. 12-2 Troubleshooting and Using Online Support v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 409
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual LAN or WAN Port LEDs Not On If either the LAN LEDs or WAN LEDs do not light is in this range, check the connection from the PC to the UTM and reboot your PC. Troubleshooting and Using Online Support v1.0, September 2009 12-3
  • Netgear UTM25-100NAS | Reference Manual - Page 410
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • If your UTM's IP address has been screen of the UTM25, or on the WAN ISP Settings screen of the UTM10 (see "Manually Configuring the Internet Connection" on page 3-5). 12-4 Troubleshooting and Using Online Support v1.0, September
  • Netgear UTM25-100NAS | Reference Manual - Page 411
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • 1. Launch your browser and navigate to an external site such as www.netgear.com 2. Access the Web Management Interface of the UTM's configuration at your UTM. Troubleshooting and Using Online Support v1.0, September 2009 12-5
  • Netgear UTM25-100NAS | Reference Manual - Page 412
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual If your UTM is still unable to obtain an IP address from the ISP, the problem the UTM25, (see "Manually Configuring the screen of the UTM25, or in the (such as www.netgear.com) to numeric Troubleshooting a TCP/IP network is made
  • Netgear UTM25-100NAS | Reference Manual - Page 413
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual of the following problems: • Wrong physical connections - Make sure that the LAN port LED is on. If the LED is off, follow the instructions in "LAN or 's DNS server. Troubleshooting and Using Online Support v1.0, September 2009 12-7
  • Netgear UTM25-100NAS | Reference Manual - Page 414
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual If the path is functioning correctly, replies as in the previous section are > Backup & Restore Settings from the menu (see Figure 12-1 on page 12-9). 12-8 Troubleshooting and Using Online Support v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 415
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure 12 .168.1.1. Problems with Date and Time The System Date & Time screen displays the current date and time of day (see "Configuring Date and Time Service" on Troubleshooting and Using Online Support v1.0, September 2009 12-9
  • Netgear UTM25-100NAS | Reference Manual - Page 416
    UTM25 Reference Manual • Time is off by one hour. Cause: The UTM does not automatically sense Daylight Savings Time. Check the Time Zone menu, and select or deselect the checkbox marked "Adjust for Daylight Savings Time". Using Online Support The UTM includes online support tools that allow NETGEAR
  • Netgear UTM25-100NAS | Reference Manual - Page 417
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual If NETGEAR Technical Support cannot access the UTM remotely, they might ask you to save a log file to your computer and then e-mail it to NETGEAR that is relevant. Troubleshooting and Using Online Support v1.0, September 2009 12-11
  • Netgear UTM25-100NAS | Reference Manual - Page 418
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual 3. Click Submit. Accessing the Knowledge Base and Documentation To access NETGEAR's Knowledge Base for the UTM, select Support > Knowledge Base from the menu. To access NETGEAR's documentation library for your UTM model, select
  • Netgear UTM25-100NAS | Reference Manual - Page 419
    Appendix A Default Settings and Technical Specifications You can use the reset button located on the rear panel to reset all settings to their factory defaults. This is called a hard reset (for more information, see "Reverting to Factory Default Settings" on page 10-18). • To perform a hard reset,
  • Netgear UTM25-100NAS | Reference Manual - Page 420
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table A-1. UTM Default Configuration Settings (continued) Feature Default behavior (continued) DHCP server DHCP starting IP address DHCP starting IP address Enabled 192.168.1.2 192.168.1.
  • Netgear UTM25-100NAS | Reference Manual - Page 421
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table A-2. UTM Physical and Technical Specifications Web-based configuration and status monitoring Number of concurrent users supported 10 (UTM10) or 25 (UTM25) site-to-site IPsec VPN tunnels IPsec encryption algorithm DES
  • Netgear UTM25-100NAS | Reference Manual - Page 422
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table A-3. UTM IPsec VPN Specifications (continued) Setting IPsec authentication types IPsec certificates supported Specification Local User database, RADIUS PAP, RADIUS CHAP CA digital certificate, Self digital certificate
  • Netgear UTM25-100NAS | Reference Manual - Page 423
    Only) This appendix describes the factors to consider when planning a network using a firewall such as the UTM25 that has dual WAN ports. This appendix does not apply to the UTM10. This appendix contains the following sections: • "What to Consider Before You Begin"
  • Netgear UTM25-100NAS | Reference Manual - Page 424
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • Protocol binding - For auto-rollover mode, protocol binding does not apply. - For load balancing mode, decide which protocols should be bound to a specific WAN port. - You can also add your own service reset. NETGEAR strongly
  • Netgear UTM25-100NAS | Reference Manual - Page 425
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Instructions for connecting the UTM are in the ProSecure Unified Threat Management UTM10 or UTM25 Installation Guide. your must use a Java-enabled Web browser that supports HTTP uploads such as Microsoft Internet Explorer 5.1 or
  • Netgear UTM25-100NAS | Reference Manual - Page 426
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Where Do I Get The Internet Configuration you connect using a login name and password, then fill in the following: Login Name Password Service Name • Fixed or Static IP Address: If you have a static IP address, record the
  • Netgear UTM25-100NAS | Reference Manual - Page 427
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual host or domain names, you can use the following examples as a guide: - If your main e-mail account with your ISP is aaa@ a dynamic DNS service provider for their IP addresses. Dynamic DNS Service Provider FQDN: Overview
  • Netgear UTM25-100NAS | Reference Manual - Page 428
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual These various types of traffic and auto- of each WAN port is fixed. Figure B-2 Features such as multiple exposed hosts are not supported in auto-rollover mode because the IP addresses of each WAN port must be in the identical
  • Netgear UTM25-100NAS | Reference Manual - Page 429
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual traffic is a response to one of your local computers or a service for which you have configured an inbound rule. Instead of discarding supported and enabled. Network Planning for Dual WAN Ports (UTM25 Only) B-7 v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 430
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual In the single WAN case, the WAN's Internet the public can send incoming traffic to the multiple exposed hosts when this feature is supported and enabled. Inbound Traffic: Dual WAN Ports for Improved Reliability In a dual-WAN port
  • Netgear UTM25-100NAS | Reference Manual - Page 431
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure B-6 Virtual Private Networks (VPNs) When implementing virtual private network (VPN) tunnels, a after a rollover using the new WAN IP address. Network Planning for Dual WAN Ports (UTM25 Only) B-9 v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 432
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual For a single WAN gateway configuration, use a FQDN when the IP address is dynamic and either an FQDN are optional when the IP address is static. Figure B-8 B-10 Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 433
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual VPN Road Warrior (Client-to-Gateway) The following situations exemplify the requirements for a remote PC The gateway WAN port must act as a responder. Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009 B-11
  • Netgear UTM25-100NAS | Reference Manual - Page 434
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure B-10 The IP addresses of the WAN ports can be either fixed or dynamic, but you must gateway IP address to establish or re-establish a VPN tunnel. B-12 Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 435
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual VPN Road Warrior: Dual Gateway WAN Ports for Load Balancing In a dual-WAN port load balancing gateway are known in advance (see Figure B-13 on page B-14). Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009 B-13
  • Netgear UTM25-100NAS | Reference Manual - Page 436
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Figure B-13 The IP address of the gateway WAN ports can be either fixed or dynamic. If an IP IP address of the active WAN ports is not known in advance). B-14 Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 437
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual After a rollover of a gateway WAN port, the previously inactive gateway WAN port becomes the active port ( . If an IP address is fixed, an FQDN is optional. Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009 B-15
  • Netgear UTM25-100NAS | Reference Manual - Page 438
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual VPN Telecommuter (Client-to-Gateway Through a NAT Router) Note: The telecommuter case presumes the home If the IP address is fixed, a FQDN is optional. B-16 Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 439
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual VPN Telecommuter: Dual Gateway WAN Ports for Improved Reliability In a dual-WAN port auto-rollover gateway WAN port must act as the responder. Figure B-19 Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009 B-17
  • Netgear UTM25-100NAS | Reference Manual - Page 440
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The purpose of the FQDN is to toggle the domain name of the gateway between the IP addresses of use a FQDN. If an IP address is fixed, an FQDN is optional. B-18 Network Planning for Dual WAN Ports (UTM25 Only) v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 441
    Appendix C System Logs and Error Messages This appendix provides examples and explanations of system logs and error messages. When applicable, a recommended action is provided. This appendix contains the following sections: • "System Log Messages" on page C-2. • "Content Filtering and
  • Netgear UTM25-100NAS | Reference Manual - Page 442
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual System Log Messages This section describes log messages that belong to one of the following categories: • Logs that are generated by traffic that is meant
  • Netgear UTM25-100NAS | Reference Manual - Page 443
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Service Logs This section describes log messages generated during firmware updates and other service-related events. Table C-4. System Logs: Service [UTM] [ntpdate] Synchronized time with time-f.netgear.com Nov 28 12:31:16 [UTM]
  • Netgear UTM25-100NAS | Reference Manual - Page 444
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Login/Logout This section describes logs that are generated by the administrative interfaces of the device. Table C-6. System Logs: Login/Logout Message Explanation Recommended Action
  • Netgear UTM25-100NAS | Reference Manual - Page 445
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual WAN Status This section describes the logs that are generated by the WAN component. If there are two ISP links for Internet connectivity, the router
  • Netgear UTM25-100NAS | Reference Manual - Page 446
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual System Logs: WAN Status, Auto Rollover (continued) Explanation Recommended Action The logs suggest that the fail-over was detected after five attempts instead of three.
  • Netgear UTM25-100NAS | Reference Manual - Page 447
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual PPP Logs This section describes the WAN PPP connection logs. The PPP type can be configured through the Web Management Interface (see "Manually Configuring the Internet Connection" on page 3-5). • PPPoE Idle-Timeout Logs Table C-
  • Netgear UTM25-100NAS | Reference Manual - Page 448
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • PPTP Idle-Timeout Logs Table C-11. System Logs: WAN Status, PPTP Idle-Timeout Message 1 Message 2 Message 3 Message 4 Message 5 Message 6 Message 7 Message 8 Message 9 Nov 29 11:
  • Netgear UTM25-100NAS | Reference Manual - Page 449
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Traffic Metering Logs This section describes logs that are generated when the traffic meter has reached a limit. Table C-13. System Logs: Traffic Metering Message Explanation
  • Netgear UTM25-100NAS | Reference Manual - Page 450
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Multicast/Broadcast Logs This section describes logs that are generated when the UTM processes multicast and broadcast packets. Table C-16. System Logs: Multicast/Broadcast Message
  • Netgear UTM25-100NAS | Reference Manual - Page 451
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table C-17. System Logs: Invalid Packets (continued) Message Explanation Recommended Action Message Explanation Recommended Action Message Explanation Recommended Action Message Explanation Recommended Action Message Explanation
  • Netgear UTM25-100NAS | Reference Manual - Page 452
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table C-17. System Logs: Invalid Packets (continued) Explanation Recommended Action Error returned from helper routine. None Content Filtering and Security Logs This section describes the
  • Netgear UTM25-100NAS | Reference Manual - Page 453
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Table C-18. Content Filtering and Security Logs: Web Filtering and Content Filtering Message Explanation Recommended Action Message Explanation Recommended Action 2009-08-01 00:00:
  • Netgear UTM25-100NAS | Reference Manual - Page 454
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Traffic Logs This section describes logs that 35.166 [email protected] [email protected] [MALWARE INFECTED]Fw: cleanvirus Virus logs for all services. The message shows the date and time, protocol, virus name, action that is taken,
  • Netgear UTM25-100NAS | Reference Manual - Page 455
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual IPS Logs This section describes logs that are generated when traffic matches IPS rules. Table C-23. Content Filtering and Security Logs: IPS Message Explanation Recommended
  • Netgear UTM25-100NAS | Reference Manual - Page 456
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Routing Logs This section explains the logging messages for each network segment such as LAN to WAN for debugging purposes. These logs might generate a significant
  • Netgear UTM25-100NAS | Reference Manual - Page 457
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual WAN to LAN Logs This section describes logs that are generated when the UTM processes WAN to LAN traffic. Table C-29. Routing Logs: WAN to
  • Netgear UTM25-100NAS | Reference Manual - Page 458
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual C-18 v1.0, September 2009 System Logs and Error Messages
  • Netgear UTM25-100NAS | Reference Manual - Page 459
    has also recognized the need to provide more than just a firewall to protect the networks. As part of the new maintenance firmware release, NETGEAR has implemented a more robust authentication system known as Two-Factor Authentication (2FA or T-FA) on its SSL and IPSec VPN firewall product line to
  • Netgear UTM25-100NAS | Reference Manual - Page 460
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual • Quick to deploy and manage. The WiKID solution integrates seamlessly with the NETGEAR SSL and VPN firewall products. • Proven regulatory compliance. Two-Factor Authentication has been used as a mandatory authentication process for
  • Netgear UTM25-100NAS | Reference Manual - Page 461
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual The request-response architecture is capable of self-service initialization by end-users, dramatically reducing implementation and maintenance costs. Here is an example of how WiKID works. 1. The user launches the WiKID token
  • Netgear UTM25-100NAS | Reference Manual - Page 462
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Note: The one-time passcode is time synchronized to the authentication server so that the OTP can only be used once and must be used
  • Netgear UTM25-100NAS | Reference Manual - Page 463
    documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product. Document Link Using Microsoft Vista and http://documentation.netgear.com/reference/enu/winzerocfg/ Windows XP to Manage vistaxpconfig.pdf Wireless Network Connections TCP/IP
  • Netgear UTM25-100NAS | Reference Manual - Page 464
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual E-2 Related Documents v1.0, September 2009
  • Netgear UTM25-100NAS | Reference Manual - Page 465
    A AAA 7-39 AC input 1-12 access, remote management 10-12 action buttons (Web Management Interface) 2-6 activating, service licenses 1-8, 2-27 Active Directory 8-6, 9-2, 9-5 Active LED (UTM25 only) 1-11 ActiveX 6-24, 6-28 ActiveX web cache cleaner, SSL VPN 8-5, 8-22 address reservation 4-17 Address
  • Netgear UTM25-100NAS | Reference Manual - Page 466
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual B backing up, configuration file 10-16 bandwidth type 5-38 BitTorrent 2-17, 6-21 blacklist e-mails 6-12 URLs 6-32 blocking applications (services) 6-21 e-mails 6-14 file extensions 6-8, 6-24, 6-28 file names 6-8 Instant Messaging
  • Netgear UTM25-100NAS | Reference Manual - Page 467
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual configuration file backing up 10-16 1-5, 12-3 CSR 9-21 custom services, firewall 5-30 D Data Encryption Standard. See DES. database, local user 8-6, 9-4 date settings 2-15, 10-24 troubleshooting 12-9 daylight savings time 2-15,
  • Netgear UTM25-100NAS | Reference Manual - Page 468
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual DMZ DHCP address pool 4-20 DNS servers 4- edge device 7-38, 7-39 eDonkey 2-17, 6-21 EICAR 2-26 e-mail notification server configuring manually 11-5 settings, using the Setup Wizard 2-23 SMTP server 2-23 e-mails audio and video files
  • Netgear UTM25-100NAS | Reference Manual - Page 469
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual F factory default settings reverting to 10-18 service licenses, automatic retrieval 2-29 failover attempts DNS lookup 3-13 pinging 3-13 failover protection.. See auto-rollover mode (UTM25). failure detection method (UTM25) 3-9, 3-
  • Netgear UTM25-100NAS | Reference Manual - Page 470
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Setup Wizard 2-7 initial connection 2-1 Installation Guide 2-1 installation, verifying 2-26 Instant Messaging blocked ). Internet Message Access Protocol. See IMAP. Internet Service Provider. See ISP. Intrusion Prevention System. See
  • Netgear UTM25-100NAS | Reference Manual - Page 471
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual IP/MAC binding 5-42 IPS alerts 11-10 attacks DHCP 2-10, 4-10, 4-21 VLANs 4-6 LEDs explanation of 1-10 front panel 1-10 troubleshooting 12-2, 12-3 licenses expiration dates 11-22 key 1-8 ProSafe VPN Client software 1-2 Lightweight
  • Netgear UTM25-100NAS | Reference Manual - Page 472
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Internet Authentication Service. See MIAS NETGEAR registration server 1-8 network configuration requirements B-3 database 4-12, 4-13, 11-31 diagnostic tools 11-43, 11-44 planning, dual WAN ports (UTM25) B-1 protocols, supported
  • Netgear UTM25-100NAS | Reference Manual - Page 473
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Network Access Server. See NAS. Network Address Translation. See NAT. Network Time Protocol. See NTP. newsgroups 6-24 NT Domain 8-6, 9-2, 9-5 NTP servers, settings 2-15, 10-25 troubleshooting traffic 10-2 service blocking 5-4
  • Netgear UTM25-100NAS | Reference Manual - Page 474
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual manually generated (manual) 7-30 SSL VPN managing 8-31 settings attacks 5-20 protocol binding (UTM25) 3-14, 3-15 protocols compatibilities A-2 e-mails 6-4 RIP 1-6 service numbers 5-31 supported 1-2 traffic volume by protocol
  • Netgear UTM25-100NAS | Reference Manual - Page 475
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual quality of service. See QoS. question mark icon (Web Management Interface) 2-7 R rack mounting kit 1-14 RADIUS backup server 7-41 description 9-2 NAS 7-41 primary server 7-41 RADIUS-CHAP 7-29, 7-
  • Netgear UTM25-100NAS | Reference Manual - Page 476
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual scanning exclusions 6-44 size exceptions 6-6, 6-23, 6-41 expiration dates 11-22 trial period 2-27 service logs 11-9, 11-33, 11-35 service numbers, common protocols 5-31 service registration card 1-8 Session Initiation Protocol. See
  • Netgear UTM25-100NAS | Reference Manual - Page 477
    24 table 4-23 statistics, service and traffic 11-19 status screens 11-20 stealth mode 5-21 Stream Scanning technology overview 1-4 streaming, HTTP and HTTPS traffic 2-20, 6-22 submenu tabs (Web Management Interface) 2-5 support, online 12-10 suspicious files, sending to NETGEAR 12-11 SYN flood 5-21
  • Netgear UTM25-100NAS | Reference Manual - Page 478
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual technical specifications A-2 Test LED 1-10, 12-2 testing connectivity 2-26 HTTP scanning 2-26 time daylight savings, troubleshooting 12-10 settings 2-15, 10-24 troubleshooting 12-9 time-out error, troubleshooting of Service. See
  • Netgear UTM25-100NAS | Reference Manual - Page 479
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual Virtual Private Network Consortium. See VPNC. virtual private network. See VPN (tunnel). virus database 10-21 logs. See malware, logs, protection 6-5, 6-21 signature files 10-
  • Netgear UTM25-100NAS | Reference Manual - Page 480
    ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual DDNS 3-19 description 3-9 settings 3-12 VPN IPsec 7-1 bandwidth capacity 10-1 classical routing 3-10 connection speed and type 3-24 failure detection method (UTM25 Interface description 2-5 troubleshooting 12-3 Web protection

202-10482-01
September 2009
v1.0
NETGEAR, Inc.
350 East Plumeria Drive
San Jose, CA 95134
ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual