Netgear UTM5EW-100NAS Reference Manual

Netgear UTM5EW-100NAS manual content summary:

  • Netgear UTM5EW-100NAS | Reference Manual - Page 1
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual NETGEAR, Inc. 350 East Plumeria Drive San Jose, CA 95134 202-10482-02 January 2010 v1.0
  • Netgear UTM5EW-100NAS | Reference Manual - Page 2
    and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this approved by NETGEAR could void the user's authority to operate the equipment. EU Regulatory Compliance Statement The ProSecure Unified Threat
  • Netgear UTM5EW-100NAS | Reference Manual - Page 3
    radio interference in such residential areas. When used near a radio or TV receiver, it may become the cause of radio interference. Read instructions for correct handling. Additional Copyrights AES Copyright (c) 2001, Dr. Brian Gladman, [email protected], Worcester, UK. All rights reserved. TERMS
  • Netgear UTM5EW-100NAS | Reference Manual - Page 4
    LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  • Netgear UTM5EW-100NAS | Reference Manual - Page 5
    Publication Details: Model Number: UTM; Publication Date: January 2010; Product Family: UTM; Product Name: ProSecure Unified Threat Management (UTM) Appliance; Home or Business Product: Business; Language: English; Publication Part Number: 202-10482-02; Publication Version Number: 1.0
  • Netgear UTM5EW-100NAS | Reference Manual - Page 7
    How to Print This Manual xviii Revision History ...xviii Chapter 1 Introduction What Is the ProSecure Unified Threat Management (UTM) Appliance 1-1 Key Features and Capabilities 1-2 Dual-WAN Port Models for Increased Reliability or Outbound Load Balancing 1-3 Advanced VPN Support for Both IPsec
  • Netgear UTM5EW-100NAS | Reference Manual - Page 8
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Step 3 of 10: System Date and Time 2-14 Setup Wizard Step 4 of 10: Services 2-16 Setup Wizard Step 5 of 10: Email Security 2-18 Setup Wizard Step 6 with NETGEAR 2-26 What to Do Next ...2-28 Chapter 3 Manually Configuring
  • Netgear UTM5EW-100NAS | Reference Manual - Page 9
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Secondary WAN Addresses 3-17 Configuring Dynamic Administrator Tips ...5-2 Using Rules to Block or Allow Specific Kinds of Traffic 5-3 Services-Based Rules 5-3 Order of Precedence for Rules 5-11 Setting LAN WAN Rules
  • Netgear UTM5EW-100NAS | Reference Manual - Page 10
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Managing the Application Level Gateway for SIP Sessions 5-31 Creating Services, QoS Profiles, and Bandwidth Profiles 5-32 Adding Customized Services 5-32 Creating Quality of Service VPN Wizard for Client and Gateway Configurations 7-3
  • Netgear UTM5EW-100NAS | Reference Manual - Page 11
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Creating Gateway-to-Gateway VPN Tunnels with the Wizard 7-4 Creating a Client to Gateway VPN Tunnel 7-9 Testing the Connections and Viewing Status Information 7-17 Testing the VPN Connection 7-17 NETGEAR VPN Client Status and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 12
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Viewing the UTM SSL VPN Connection Status 8-16 Viewing the UTM SSL VPN Log 8-16 Manually Configuring and Editing SSL Connections 8-17 Creating the Portal Layout 8-18 Configuring Domains, Groups, and Users 8-22 Configuring
  • Netgear UTM5EW-100NAS | Reference Manual - Page 13
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Updating the Scan Signatures and Scan Engine Firmware 10-21 Configuring Date and Time Service Viewing Active VPN Users 11-24 Viewing VPN Tunnel 11-48 Chapter 12 Troubleshooting and Using Online Support Basic Functioning ...12-2
  • Netgear UTM5EW-100NAS | Reference Manual - Page 14
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Troubleshooting the ISP Connection 12-5 Troubleshooting a TCP/IP Network Using 12-9 Problems with Date and Time 12-10 Using Online Support 12-10 Enabling Remote Troubleshooting 12-10 Sending Suspicious Files to NETGEAR for
  • Netgear UTM5EW-100NAS | Reference Manual - Page 15
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Firewall Restart ...C-4 IPsec Restart ...C-4 WAN Status ...C-5 Two-Factor Authentication D-1 What is Two-Factor Authentication D-2 NETGEAR Two-Factor Authentication Solutions D-2 Appendix E Related Documents Index xv v1.0,
  • Netgear UTM5EW-100NAS | Reference Manual - Page 17
    About This Manual The NETGEAR® ProSecure™ Unified Threat Management (UTM) Appliance Reference Manual describes how to install, configure, and troubleshoot a ProSecure Unified Threat Management (UTM) Appliance. The information in this manual is intended for readers with intermediate computer and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 18
    UTM according to these specifications: Product Version ProSecure Unified Threat Management (UTM) Appliance Manual Publication Date January 2010 For more information about network, Internet, firewall, and VPN technologies, click the links to the NETGEAR Website in Appendix E, "Related Documents
  • Netgear UTM5EW-100NAS | Reference Manual - Page 19
    for the UTM" on page 1-14. What Is the ProSecure Unified Threat Management (UTM) Appliance? The ProSecure Unified Threat Management (UTM) Appliance, hereafter referred to as scan engine that uses NETGEAR Stream Scanning technology to protect your network from denial of service (DoS) attacks, unwanted
  • Netgear UTM5EW-100NAS | Reference Manual - Page 20
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Key Features and Capabilities The UTM provides the following network resources. • Advanced IPsec VPN and SSL VPN support. • Depending on the model, bundled with a 1-user license of the NETGEAR ProSafe VPN Client software (VPN01L). •
  • Netgear UTM5EW-100NAS | Reference Manual - Page 21
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Dual-WAN Port Models VPN with broad protocol support for secure connection to other IPsec gateways and clients. - Depending on the model, bundled with a 1-user license of the NETGEAR ProSafe VPN Client software (VPN01L). • SSL VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 22
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual A Powerful, True Firewall Unlike simple Internet sharing NAT have the following capabilities: • DoS protection. Automatically detects and thwarts denial of service (DoS) attacks such as Ping of Death and SYN Flood. • Secure firewall
  • Netgear UTM5EW-100NAS | Reference Manual - Page 23
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • Objectionable traffic protection. The UTM prevents objectionable content from reaching your computers. You can control access to the Internet content by screening for Web services, Web addresses, and keywords within Web addresses
  • Netgear UTM5EW-100NAS | Reference Manual - Page 24
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Extensive Protocol Support The UTM supports the Transmission Control Protocol/ of ISP account. • IPsec VPN Wizard. The UTM includes the NETGEAR IPSec VPN Wizard to easily configure IPsec VPN tunnels according to the recommendations
  • Netgear UTM5EW-100NAS | Reference Manual - Page 25
    . For performance specifications and sizing guidelines, see NETGEAR's marketing documentation at http://prosecure.netgear.com. Table 1-1. Differences Between the UTM Models Feature UTM5 IPsec VPN tunnels Number of supported site-to-site IPsec VPN tunnels 5 (from which the model derives its
  • Netgear UTM5EW-100NAS | Reference Manual - Page 26
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 1-1. Differences Between the UTM Models (continued) Feature USB ports Console ports (RS232) Flash Memory/RAM Deployment VLAN Support Dual-WAN auto-rollover mode Dual-WAN load balancing mode Single-WAN mode UTM5 1 1 2 GB/
  • Netgear UTM5EW-100NAS | Reference Manual - Page 27
    UTM model). • ProSecure Unified Threat Management UTM Installation Guide. • Resource CD, including: - Application Notes and other helpful information. - ProSafe VPN Client Software (VPN01L) (depends on the UTM model) • Service Registration Card with License Key(s). • Warranty and Support Information
  • Netgear UTM5EW-100NAS | Reference Manual - Page 28
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Hardware Features The front panel ports and LEDs, rear panel ports, and bottom label of the UTM are described below. Front Panel Viewed from left
  • Netgear UTM5EW-100NAS | Reference Manual - Page 29
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: Figure 1-2 shows a dual-WAN port model (the UTM25). Single-WAN port models contain the left WAN port that is shown in Figure 1-2 but no
  • Netgear UTM5EW-100NAS | Reference Manual - Page 30
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 1-2. LED Descriptions (continued) Object Activity Active LED (dual-WAN port models only) Off On (Green) Description The WAN port is either not enabled or
  • Netgear UTM5EW-100NAS | Reference Manual - Page 31
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 1-4 shows the product label for the UTM5. Figure 1-5 shows the product label for the UTM10.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 32
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 1-6 shows the product label for the UTM25. Figure 1-6 Choosing a Location for the UTM The UTM is suitable for use in an office environment where
  • Netgear UTM5EW-100NAS | Reference Manual - Page 33
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • Temperature operating limits are not likely to be exceeded. Install the unit in a clean, air-conditioned environment. For information about the recommended operating temperatures for the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 35
    restart your network according to the instructions in the installation guide. See the ProSecure Unified Threat Management UTM Installation Guide for complete steps. A PDF of the Installation Guide is on the NETGEAR website at http://prosecure.netgear.com or http://kb.netgear.com/app/home. 2. Log in
  • Netgear UTM5EW-100NAS | Reference Manual - Page 36
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Web Management Interface, SSL VPN users should choose a browser that supports JavaScript, Java, cookies, SSL Enter https://192.168.1.1 in the address field. The NETGEAR Configuration Manager Login screen displays in the browser (see
  • Netgear UTM5EW-100NAS | Reference Manual - Page 37
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 2-1 Note: The first time that you can import the UTM's root certificate by clicking the hyperlink at the bottom of the NETGEAR Configuration Manager Login screen. 3. In the User field, type admin. Use lower case letters.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 38
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 5. Click Login. The Web Management Interface appears, displaying the System Status screen. (Figure 2-2 on page 2-4 shows the top part of a dual-WAN port model screen.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 39
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Understanding the Web Management Interface Menu Layout Figure 2-3 shows the menu at the top of a dual-WAN port model's Web Management Interface (in this example,
  • Netgear UTM5EW-100NAS | Reference Manual - Page 40
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The bottom of each screen provides action buttons. The nature of the screen determines which action buttons are shown. Figure 2-4 shows an example. Figure 2-4 Any
  • Netgear UTM5EW-100NAS | Reference Manual - Page 41
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • Down. Move down the selected entry in the Chapter 3, "Manually Configuring Internet and WAN Settings." To start the Setup Wizard: 1. Select Wizards from the main navigation menu. The "Welcome to the Netgear Configuration Wizard"
  • Netgear UTM5EW-100NAS | Reference Manual - Page 42
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Setup Wizard Step 1 of 10: LAN Settings Figure 2-7 Enter the settings as explained in Table 2-1 on page 2-9, then click Next to go to the following screen.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 43
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 2-1. Setup Wizard Step 1: LAN Settings on your network is the DHCP server for the default VLAN, or if you will manually configure the network settings of all of your computers, select the Disable DHCP Server radio button
  • Netgear UTM5EW-100NAS | Reference Manual - Page 44
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual of the VLAN profile are used only for SSL VPN and UTM authentication, but not for Web and e-mail example, to search the Netgear.net domain for all last names of Johnson, you would enter: cn=Johnson,dc=Netgear,dc=net port The port
  • Netgear UTM5EW-100NAS | Reference Manual - Page 45
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 2-1. Setup Wizard Step 1: LAN Settings ( by default. Note: When you deselect the Enable DNS Proxy radio button, the UTM still services DNS requests that are sent to its LAN IP address unless you disable DNS Proxy in the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 46
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: Click the Auto Detect action button at the bottom of the menu. The auto-detect process probes the WAN port for a range of connection methods and suggests one that your ISP is most likely to support. Note: After you have
  • Netgear UTM5EW-100NAS | Reference Manual - Page 47
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 2-2. Setup Wizard Step 2: WAN Settings (continued) Setting Description (or Subfield and Description) Austria (PPTP) (continued) Other (PPPoE) Idle Timeout Select the Keep Connected radio
  • Netgear UTM5EW-100NAS | Reference Manual - Page 48
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 2-2. Setup Wizard Step 2: WAN Settings (continued) For more information about these settings, see "Configuring Date and Time Service" on page 10-24.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 49
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Adjust for If daylight savings time is supported in your region, select the Automatically Daylight or Server 2 field blank, both fields are set to the default Netgear NTP servers. Note: A list of public NTP servers is available
  • Netgear UTM5EW-100NAS | Reference Manual - Page 50
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Setup Wizard Step 4 of 10: Services Figure 2-10 Enter the settings as explained in Table 2-4 on page 2-17, then click Next to go to the following screen. Note: After you have completed
  • Netgear UTM5EW-100NAS | Reference Manual - Page 51
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 2-4. Setup Wizard Step 4: Services Settings Setting Email SMTP enable HTTPS scanning, select the corresponding checkbox. You can change the standard service port (port 443) or add another port in the corresponding Ports to
  • Netgear UTM5EW-100NAS | Reference Manual - Page 52
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Setup Wizard Step 5 of 10: Email Security Figure 2-11 Enter the settings as explained in Table 2-5, then click Next to go to the following screen. Note:
  • Netgear UTM5EW-100NAS | Reference Manual - Page 53
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 2-5. Setup Wizard Step 5: Email Security Settings (continued) Setting Description (or Subfield and Description) IMAP From the IMAP pull-down menu, specify one of the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 54
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: After you have completed the steps in the Setup Wizard, you can make changes to the Web security settings by selecting Application Security > HTTP/
  • Netgear UTM5EW-100NAS | Reference Manual - Page 55
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Setup Wizard Step 7 of 10: Web Categories to Be Blocked Figure 2-13
  • Netgear UTM5EW-100NAS | Reference Manual - Page 56
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Enter the settings as explained in Table 2-7, then click Next to go to the following screen. Note: After you have completed the steps in the Setup
  • Netgear UTM5EW-100NAS | Reference Manual - Page 57
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Setup Wizard Step 8 of 10: Email Notification Figure 2-14 name of the sender for e-mail identification purposes. For example, enter [email protected]. The IP address and port number or Internet name and port number of
  • Netgear UTM5EW-100NAS | Reference Manual - Page 58
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Setup Wizard Step 9 of 10: Signatures & Engine Figure 2-15 Enter the settings as explained in Table 2-9 on page 2-25, then click Next to go to the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 59
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 2-9. Setup Wizard Step 9: Signatures & the following radio buttons: • Default update server. Files are updated from the default NETGEAR update server. • Server address. Files are updated from the server that you specify:
  • Netgear UTM5EW-100NAS | Reference Manual - Page 60
    malware information file. Registering the UTM with NETGEAR To receive threat management component updates and technical support, you must register your UTM with NETGEAR. The support registration key is provided with the product package (see "Service Registration Card with License Keys" on page
  • Netgear UTM5EW-100NAS | Reference Manual - Page 61
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: Activating the service licenses initiates their If your UTM is connected to the Internet, you can activate the service licenses: 1. Select Support > Registration. The Registration screen displays. Figure 2-17 2. Enter the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 62
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 5. Repeat step 2 and step 4 for additional license keys. The UTM activates the licenses and registers the unit with the NETGEAR and services that VPN Wizard for Client and Gateway Configurations" on page 7-3. • "Using the SSL VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 63
    Chapter 3 Manually Configuring Internet and WAN Settings Note: The initial Internet configuration of the UTM is described in Chapter 2, "Using the Setup Wizard to Provision the UTM
  • Netgear UTM5EW-100NAS | Reference Manual - Page 64
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. Configure dynamic DNS on the WAN ports (optional). Configure options: • Automatic detection and configuration of the network connection. • Manual configuration of the network connection. Each option is detailed in the sections
  • Netgear UTM5EW-100NAS | Reference Manual - Page 65
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 3-1 2. Click the Auto Detect action button at the bottom of the menu. The auto-detect process probes the WAN port for a range of connection methods and suggests one that your ISP is most likely to support. (Figure 3-2 shows
  • Netgear UTM5EW-100NAS | Reference Manual - Page 66
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The auto-detect process will return see "Configuring the WAN Mode (Required for Dual-WAN Port Models Only)" on page 3-9 and "Troubleshooting the ISP Connection" on page 12-5. 3. To verify the connection, click the WAN Status option
  • Netgear UTM5EW-100NAS | Reference Manual - Page 67
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The WAN Status window should show a valid IP address and gateway. If the configuration was not successful, skip ahead to "Manually Configuring the Internet Connection" on this page, or see "Troubleshooting the ISP Connection" on
  • Netgear UTM5EW-100NAS | Reference Manual - Page 68
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To manually configure the WAN1 ISP (dual-WAN port models) or WAN ISP (single-WAN port models) settings: 1. On a dual-WAN port model, select Network Configuration > WAN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 69
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 5. If your connection is PPTP or PPPoE, your ISP requires an initial login. Enter the if your ISP charges you based on the period that you have logged in.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 70
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 6. Configure the Internet (IP) Address settings as explained in Table 3-3. Click the Current IP Address link to see the currently assigned IP address. Figure 3-6 Table 3-3.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 71
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 3-4. DNS Server Settings Setting Description (or Subfield and Description) Get Automatically from ISP Use These DNS Servers If your ISP has not assigned any
  • Netgear UTM5EW-100NAS | Reference Manual - Page 72
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual If you want to use a redundant ISP link for backup purposes, select the WAN port that must act as the primary link for this mode.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 73
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Classical Routing (All Models) In classical routing mode for this mode and configure the WAN failure detection method on the WAN Mode screen to support auto-rollover. When the UTM is configured in auto-rollover mode, it uses the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 74
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To configure the dual-WAN ports for auto-rollover mode: 1. Select Network Config > that the backup WAN port is configured before enabling auto-rollover mode.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 75
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 3-5. Auto-Rollover Mode Settings (Dual-WAN Port Models Only) (continued) Setting Description (or Subfield and Description) WAN Failure Detection Method Select one of the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 76
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: The default time to roll over after the the low speed link. • Continuity of source IP address for secure connections. Some services, particularly HTTPS, cease to respond when a client's source IP address changes shortly
  • Netgear UTM5EW-100NAS | Reference Manual - Page 77
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 3-9 a. Figure 3-9 shows one example in the and Description) Add Protocol Binding Service From the pull-down menu, select a service or application to be covered by this rule. If the service or application does not appear
  • Netgear UTM5EW-100NAS | Reference Manual - Page 78
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 3-6. Protocol Binding Settings (Dual-WAN Port Models Only) (continued) Setting Description (or Subfield and Description) Source Network (continued) Destination Network Group 1-Group 8 If this
  • Netgear UTM5EW-100NAS | Reference Manual - Page 79
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Secondary WAN Addresses A single WAN of the following inbound firewall rule screens: - Add LAN WAN Inbound Service screen - Add DMZ WAN Inbound Service screen • In the NAT IP pull-down menus of the following outbound
  • Netgear UTM5EW-100NAS | Reference Manual - Page 80
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To add a secondary WAN address to a WAN port: 1. Select Network Config > WAN Settings from that you want to add to the List of Secondary WAN addresses table.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 81
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Dynamic DNS Dynamic DNS (DDNS) is an Internet service that and the address can change frequently; hence, the need for a commercial DDNS service, which allows you to register an extension to its domain, and restores DNS
  • Netgear UTM5EW-100NAS | Reference Manual - Page 82
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 3-11 The WAN Mode section on match the configured WAN Mode are accessible on screen. 3. Select the submenu tab for your DDNS service provider: • Dynamic DNS submenu tab (which is shown in Figure 3-11) for DynDNS.org or
  • Netgear UTM5EW-100NAS | Reference Manual - Page 83
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. Click the Information option arrow in the upper right corner of a DNS screen for registration information. Figure 3-12: 5. Access the Web site of the DDNS service provider and register for an account (for example, for dyndns.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 84
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 7. Click Apply to save your configuration. Configuring Advanced WAN Options The advanced options include configuration of the maximum transmission unit (MTU) size, port speed, UTM's
  • Netgear UTM5EW-100NAS | Reference Manual - Page 85
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Enter the default information settings as provides the WAN connection. If you cannot establish an Internet connection, you might need to manually select the port speed. If you know the Ethernet port speed of the modem or
  • Netgear UTM5EW-100NAS | Reference Manual - Page 86
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 3-8. Advanced WAN Settings (continued) Setting Description (or Subfield and Description) Use this MAC Address Select the Use this MAC Address radio button to manually might restart, or services such as HTTP and NETGEAR
  • Netgear UTM5EW-100NAS | Reference Manual - Page 87
    Chapter 4 LAN Configuration Note: The initial LAN configuration of the UTM's default VLAN 1 is described in Chapter 2, "Using the Setup Wizard to Provision the UTM in Your Network." This chapter describes how to configure the advanced LAN features of your UTM. This chapter contains the following
  • Netgear UTM5EW-100NAS | Reference Manual - Page 88
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual VLANs have a number of advantages: • can be used to restrict access to each VLAN. Managing the UTM's Port-Based VLANs The UTM supports port-based VLANs. Port-based VLANs help to confine broadcast traffic to the LAN ports. Even
  • Netgear UTM5EW-100NAS | Reference Manual - Page 89
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual When you create a VLAN profile, assign LAN ports to the VLAN, and enable the VLAN, the LAN ports that are members of the VLAN can
  • Netgear UTM5EW-100NAS | Reference Manual - Page 90
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual For each VLAN profile, the following fields are displayed in the VLAN Profiles table: • Checkbox. Allows you to select the VLAN profile in the table. •
  • Netgear UTM5EW-100NAS | Reference Manual - Page 91
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The UTM delivers the following settings to Agent makes it possible for DHCP broadcast messages to be sent over routers that do not support forwarding of these types of messages. The DHCP Relay Agent is therefore the routing protocol
  • Netgear UTM5EW-100NAS | Reference Manual - Page 92
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual LDAP Server A Lightweight Directory Access Protocol (LDAP) server allows a user to query and modify directory services that run over TCP/IP. For example, clients can query email addresses, contact information, and other service
  • Netgear UTM5EW-100NAS | Reference Manual - Page 93
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Either select an entry from the VLAN Profiles table by clicking the corresponding Edit table button or add a new VLAN profile by clicking the Add
  • Netgear UTM5EW-100NAS | Reference Manual - Page 94
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Enter the settings as explained in Table 4-1. Table device on your network is the DHCP server for the VLAN, or if you will manually configure the network settings of all of your computers, select the Disable DHCP Server radio
  • Netgear UTM5EW-100NAS | Reference Manual - Page 95
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 4-1. VLAN Profile Settings (continued) Setting LDAP settings that you specify as part of the VLAN profile are used only for SSL VPN and UTM authentication, but not for Web and e-mail security. LDAP Server The IP address
  • Netgear UTM5EW-100NAS | Reference Manual - Page 96
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual example, to search the Netgear.net domain for all last names of Johnson, you would enter: cn=Johnson,dc=Netgear,dc=net The port the Enable DNS Proxy radio button, the UTM still services DNS requests that are sent to its LAN IP
  • Netgear UTM5EW-100NAS | Reference Manual - Page 97
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Multi-Home LAN IPs on the Default VLAN If you have computers using different IP networks in the LAN (for example, 172.16.2.0 or
  • Netgear UTM5EW-100NAS | Reference Manual - Page 98
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. In the Add Secondary LAN IPs section cannot be configured in the DHCP server. The hosts on the secondary subnets must be manually configured with the IP addresses, gateway IP address and DNS server IP addresses. Managing Groups
  • Netgear UTM5EW-100NAS | Reference Manual - Page 99
    Some advantages of the Network Database are: • changing their IP address. Managing the Network Database You can view the Network Database, manually add or remove database entries, and edit database entries. To view the Network
  • Netgear UTM5EW-100NAS | Reference Manual - Page 100
    Figure 4-5 The Known PCs and Devices table the PC or device. For computers that do not support the NetBIOS protocol, the name is displayed as "Unknown" (you can edit the entry manually to add a meaningful name). If the PC or
  • Netgear UTM5EW-100NAS | Reference Manual - Page 101
    Adding PCs or Devices to the Network Database To add PCs or devices manually to the Network Database: 1. In the Add Known PCs and Devices section of the LAN Groups screen (see Figure 4-5 on page 4-14), enter the settings
  • Netgear UTM5EW-100NAS | Reference Manual - Page 102
    Editing PCs or Devices in the Network Database To edit PCs or devices manually in the Network Database: 1. In the Known PCs and Devices table of the LAN Groups screen (see Figure 4-5 on page 4-14), click the Edit table
  • Netgear UTM5EW-100NAS | Reference Manual - Page 103
    3. Click the Edit Group Names option arrow at the right of the LAN submenu tabs. The Network Database Group Names screen displays. (Figure 4-7 shows some
  • Netgear UTM5EW-100NAS | Reference Manual - Page 104
    To reserve an IP address, select Reserved UTM (the rightmost LAN port) can be dedicated as a hardware DMZ port to safely provide services to the Internet without compromising security on your LAN. By default, the DMZ port and both
  • Netgear UTM5EW-100NAS | Reference Manual - Page 105
    To enable and configure the DMZ port: 1. Select Network Config > DMZ Setup from the menu. The DMZ Setup screen displays. Figure 4-8 2. Enter the settings as
  • Netgear UTM5EW-100NAS | Reference Manual - Page 106
    Table 4-3. DMZ Setup Settings Setting Description ( device on your network is the DHCP server for the VLAN, or if you will manually configure the network settings of all of your computers, select the Disable DHCP Server radio
  • Netgear UTM5EW-100NAS | Reference Manual - Page 107
    Table 4-3. DMZ Setup Settings (continued dc (for domain) For example, to search the Netgear.net domain for all last names of Johnson, you would enter: cn=Johnson,dc=Netgear,dc=net port The port number for the LDAP server. The
  • Netgear UTM5EW-100NAS | Reference Manual - Page 108
    Table 4-3. DMZ Setup Settings ( for DNS address name resolution. This setting is enabled by default. Note: The UTM still services DNS requests sent to its LAN IP address unless you disable DNS Proxy in the firewall settings
  • Netgear UTM5EW-100NAS | Reference Manual - Page 109
    Configuring Static Routes To add a static route to the Static Route table: 1. Select Network Config > Routing from the menu. The Routing screen displays. Figure 4-9 2. Click
  • Netgear UTM5EW-100NAS | Reference Manual - Page 110
    3. Enter the settings as explained in Table 4-4. Table 4-4. Static Route Settings Setting Description (or Subfield and Description) Route Name The route name for the static
  • Netgear UTM5EW-100NAS | Reference Manual - Page 111
    To enable and configure RIP: 1. Select Network Configuration > Routing from the menu. 2. Click the RIP Configuration option arrow at the right of the Routing submenu
  • Netgear UTM5EW-100NAS | Reference Manual - Page 112
    Table 4-5. RIP Configuration Settings routing that does not include subnet information. This is the most commonly supported version. • RIP-2. Routing that supports subnet information. Both RIP-2B and RIP-2M send the routing data
  • Netgear UTM5EW-100NAS | Reference Manual - Page 113
    Table 4-5. RIP Configuration Settings (continued) Setting Authentication for RIP-2B/2M required? (continued) Description (or Subfield and Description) Not Valid Before The beginning of the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 114
  • Netgear UTM5EW-100NAS | Reference Manual - Page 115
    this page. • "Using Rules to Block or Allow Specific Kinds of Traffic" on page 5-3. • "Configuring Other Firewall Features" on page 5-27 • "Creating Services, QoS Profiles, and Bandwidth Profiles" on page 5-32. • "Setting a Schedule to Block or Allow Specific Traffic" on page 5-41 • "Enabling Source
  • Netgear UTM5EW-100NAS | Reference Manual - Page 116
    Administrator Tips Consider the following operational items: 1. As an option, you can enable remote management if you have to manage distant sites from a central location (see "Configuring VPN ) - Services (see "Services-Based Rules
  • Netgear UTM5EW-100NAS | Reference Manual - Page 117
    Using Rules to Block or Allow Number of Maximum Number of Outbound Rules Inbound Rules Supported Rules 300 300 600 50 50 100 50 50 100 400 400 800 Services-Based Rules The rules to block traffic are based on
  • Netgear UTM5EW-100NAS | Reference Manual - Page 118
    • Quality of Service (QoS) priorities. Each service has its own native priority that impacts its quality of performance and tolerance for jitter or delays. You can change the QoS priority, which changes
  • Netgear UTM5EW-100NAS | Reference Manual - Page 119
    Table 5-2. Outbound Rules Overview Setting Service Action (Filter) Select Schedule LAN Users WAN Users DMZ Users Description (or Subfield and Description) The service or application to be covered by this rule. If the service or
  • Netgear UTM5EW-100NAS | Reference Manual - Page 120
    Table 5-2. Outbound Rules Overview (continued) Setting QoS Profile Bandwidth Profile Log NAT IP Description (or Subfield and Description) The priority assigned to IP packets of this service. The priorities are defined by "Type
  • Netgear UTM5EW-100NAS | Reference Manual - Page 121
    Whether or not DHCP is enabled, how the PCs traffic that would otherwise be blocked by the firewall. Note: The UTM always blocks denial of service (DoS) attacks. A DoS attack does not attempt to steal data or damage your PCs, but
  • Netgear UTM5EW-100NAS | Reference Manual - Page 122
    Table 5-3. Inbound Rules Overview Setting Description (or Subfield and Description) Service The service or application to be covered by this rule. If the service or application does not appear in the list, you must define it
  • Netgear UTM5EW-100NAS | Reference Manual - Page 123
    Table 5-3. Inbound Rules Overview (continued) DMZ WAN rules. The priority assigned to IP packets of this service. The priorities are defined by "Type of Service (ToS) in the Internet Protocol Suite" standards, RFC 1349. The
  • Netgear UTM5EW-100NAS | Reference Manual - Page 124
    Table 5-3. Inbound Rules Overview (continued) check for servers and might suspend your account if it discovers any active services at your location. If you are unsure, see the Acceptable Use Policy of your ISP
  • Netgear UTM5EW-100NAS | Reference Manual - Page 125
    Order of Precedence for Rules As you example, you should place the most strict rules at the top (those with the most specific services or addresses). The Up and Down table buttons in the Action column allow you to relocate a
  • Netgear UTM5EW-100NAS | Reference Manual - Page 126
    Setting LAN WAN Rules The default "Block Always" to block all outbound traffic, which then allows you to enable only specific services to pass through the UTM. To change the default outbound policy: 1. Select Network Security
  • Netgear UTM5EW-100NAS | Reference Manual - Page 127
    To make changes to an existing outbound or inbound service rule, in the Action column to the right advanced administrators only! Incorrect configuration might cause serious problems.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 128
    To create a new outbound LAN WAN service rule: 1. In the LAN WAN Rules screen, click the Add table button under the Outbound Services table. The Add LAN WAN Outbound Service screen displays. Figure 5-3 2. Enter the settings as
  • Netgear UTM5EW-100NAS | Reference Manual - Page 129
    To create a new inbound LAN WAN service rule: 1. In the LAN WAN Rules screen, click the Add table button under the Inbound Services table. The Add LAN WAN Inbound Service screen displays. Figure 5-4 2. Enter the settings as
  • Netgear UTM5EW-100NAS | Reference Manual - Page 130
    To access the DMZ WAN Rules screen: 1. Select Network Security > Firewall from the menu. The Firewall submenu tabs appear. 2. Click the DMZ WAN Rules submenu tab. The DMZ WAN Rules screen displays. (Figure 5-5 shows a rule in the Outbound Services table as an example
  • Netgear UTM5EW-100NAS | Reference Manual - Page 131
    2. Click one of the following table buttons: • Disable. policy. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addresses, and time of day. An outbound rule
  • Netgear UTM5EW-100NAS | Reference Manual - Page 132
    DMZ WAN Inbound Services Rules The Inbound Services table lists all existing rules for inbound traffic. If you have not defined any rules, no rules are listed. By default, all inbound traffic (from
  • Netgear UTM5EW-100NAS | Reference Manual - Page 133
    Setting LAN DMZ Rules The LAN DMZ tab. The LAN DMZ Rules screen displays. Figure 5-8 To make changes to an existing outbound or inbound service rule: In the Action column to the right of the rule, click one of the following table
  • Netgear UTM5EW-100NAS | Reference Manual - Page 134
    • Up. Moves the rule up one position in default outbound policy. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addresses, and time of day. An outbound rule may
  • Netgear UTM5EW-100NAS | Reference Manual - Page 135
    2. Enter the settings as explained in Table 5-2 on page 5-5. 3. Click Apply. The new rule is now added to the Outbound Services table. The rule is automatically enabled. LAN DMZ Inbound Services Rules The Inbound Services table
  • Netgear UTM5EW-100NAS | Reference Manual - Page 136
    Inbound Rules Examples LAN WAN Inbound Rule: Hosting A Local Public Web Server If you host a public Web server on your local network, you can define a
  • Netgear UTM5EW-100NAS | Reference Manual - Page 137
    Figure 5-12 LAN WAN or DMZ WAN Inbound Rule: Setting Up One-to-One NAT Mapping In this example, we will configure multi-NAT to support multiple public IP addresses on one WAN interface. By creating an inbound rule, we will
  • Netgear UTM5EW-100NAS | Reference Manual - Page 138
    Tip: If you arrange with your tab. 3. Click the Add table button under the Inbound Services table. The Add LAN WAN Inbound Service screen displays. Figure 5-13 4. From the Service pull-down menu, select HTTP for a Web server. 5.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 139
    to save your settings. Your is now added to the Inbound Services table of the LAN WAN Rules screen. To test the 5-14 on page 5-26. Warning: For security, NETGEAR strongly recommends that you avoid creating an exposed host.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 140
    1. Select Any and Allow Always (or Allow by Schedule). 2. Place the rule below all other inbound rules. Figure 5-14 Outbound Rules Example Outbound rules let
  • Netgear UTM5EW-100NAS | Reference Manual - Page 141
    Figure 5-15 Configuring Other Firewall Features You can configure attack checks, set session limits, and manage the Application Level Gateway (ALG) for SIP sessions. Attack
  • Netgear UTM5EW-100NAS | Reference Manual - Page 142
    2. Click the Attack Checks submenu tab. The Attack to protect the UTM from a SYN flood attack. A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 143
    checkbox is deselected. A UDP flood is a form of denial of service attack that can be initiated when one device sends a large number enable the VPN Pass through feature. To enable the VPN tunnel to pass the VPN traffic without any
  • Netgear UTM5EW-100NAS | Reference Manual - Page 144
    Setting Session Limits Session limits allow you to specify the total number of sessions that are allowed, per user, over an IP connection across the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 145
    Table 5-5. Session Limit Settings Setting use the Session Initiation Protocol (SIP) across the firewall and provides support for multiple SIP clients. ALG support for SIP is disabled by default. To enable ALG for SIP:
  • Netgear UTM5EW-100NAS | Reference Manual - Page 146
    Figure 5-18 3. Select the Enable SIP checkbox. 4. Click Apply to save your settings. Creating Services, QoS Profiles, and Bandwidth Profiles When you create inbound and outbound firewall rules, you use firewall objects such as
  • Netgear UTM5EW-100NAS | Reference Manual - Page 147
    For example, Web servers serve Web pages, time servers serve time and date information, and game hosts serve data about other players' moves. When a computer on the Internet sends a request for service to a server computer, the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 148
    2. In the Add Customer Service section of the screen, enter the settings as explained in Table 5-6. Table 5-6. Services Settings Setting Name Type ICMP Type Start Port Finish Port Description (or Subfield and Description) A
  • Netgear UTM5EW-100NAS | Reference Manual - Page 149
    2. Modify the settings that you wish to change (see Table 5-6 on page 5-34). 3. Click Apply to save your changes. The modified service is displayed in the Custom Services table. Creating Quality of Service (QoS) Profiles A quality
  • Netgear UTM5EW-100NAS | Reference Manual - Page 150
    To create a QoS profile: 1. Select Network Security > Firewall Objects from the menu. The Firewall Objects submenu tabs appear, with the Services screen in view. 2. Click the QoS Profiles submenu tab. The QoS Profiles screen
  • Netgear UTM5EW-100NAS | Reference Manual - Page 151
    Note: This document assumes that you are ToS byte of an IP header. • DSCP. A method that sets the Differentiated Services Code Point (DSCP) in the Differentiated Services (DS) field (which is the same as the ToS byte) of an IP
  • Netgear UTM5EW-100NAS | Reference Manual - Page 152
    3. Click Apply to save your changes. > Firewall Objects from the menu. The Firewall Objects submenu tabs appear, with the Services screen in view. 2. Click the Bandwidth Profiles submenu tab. The Bandwidth Profiles screen displays
  • Netgear UTM5EW-100NAS | Reference Manual - Page 153
    Figure 5-23 The screen displays the List of Bandwidth Profiles table with the user-defined profiles. 3. Under the List of Bandwidth Profiles table, click the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 154
    Table 5-8. Bandwidth Profile Settings Setting Description (or Subfield and Description) Profile Name Minimum Bandwidth Maximum Bandwidth Type A descriptive name of the bandwidth profile for identification
  • Netgear UTM5EW-100NAS | Reference Manual - Page 155
    Setting a Schedule to Block or Allow Specific Security > Firewall Objects from the menu. The Firewall Objects submenu tabs appear, with the Services screen in view. 2. Click the Schedule 1 submenu tab. The Schedule 1 screen displays
  • Netgear UTM5EW-100NAS | Reference Manual - Page 156
    • Specific Times. The schedule is active only Addresses table. Note: For additional ways of restricting outbound traffic, see "Outbound Rules (Service Blocking)" on page 5-4. To enable MAC filtering and add MAC addresses to be
  • Netgear UTM5EW-100NAS | Reference Manual - Page 157
    Figure 5-26 2. In the MAC Filtering Enable section, select the Yes radio button. 3. In the same section, select one of the following options from the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 158
    Setting up IP/MAC Bindings IP/MAC Binding allows you to bind an IP address to a MAC address and vice-versa. Some PCs or devices
  • Netgear UTM5EW-100NAS | Reference Manual - Page 159
    Figure 5-27 3. Enter the settings as explained in Table 5-9. Table 5-9. IP/MAC Binding Settings Setting Description (or Subfield and Description) Email IP/MAC Violations Do
  • Netgear UTM5EW-100NAS | Reference Manual - Page 160
    Table 5-9. IP/MAC Binding Settings (continued) Setting IP Address Log Dropped Packets Description (or Subfield and Description) The IP address of the PC or device
  • Netgear UTM5EW-100NAS | Reference Manual - Page 161
    Note these restrictions on port triggering: • Only one PC can use a port triggering application at any time. • After a PC has finished using a port triggering application,
  • Netgear UTM5EW-100NAS | Reference Manual - Page 162
    Table 5-10. Port Triggering Settings Setting Description (or Subfield and Description) Name A descriptive name of the rule for identification and management purposes. Enable From the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 163
    Using the Intrusion Prevention System The Intrusion Prevention System (IPS) of the UTM monitors all network traffic to detect, in real time, network attacks and port
  • Netgear UTM5EW-100NAS | Reference Manual - Page 164
    Note: Traffic that passes on the UTM's VLANs and on the secondary IP addresses that you have configured on the LAN Multi-homing screen (see "
  • Netgear UTM5EW-100NAS | Reference Manual - Page 165
    Figure 5-31
  • Netgear UTM5EW-100NAS | Reference Manual - Page 166
    Table 5-11. IPS: Less Familiar Attack Names overflow attacks against specific Web services. These Web services include IMail Web Calendaring, ZixForum, ScozNet, ScozNews, and other services. Detect the behavior about visiting
  • Netgear UTM5EW-100NAS | Reference Manual - Page 167
    access policies that are based on the time-of-day, Web addresses, and Web address keywords. You can also block Internet access by applications and services, such as instant messaging and peer to peer file sharing clients. Note: Traffic that passes on the UTM's VLANs and on the secondary IP addresses
  • Netgear UTM5EW-100NAS | Reference Manual - Page 168
    Default E-mail and Web Scan Settings For most network Yahoo Messenger Allowed Allowed Allowed Allowed Peer-to-Peer (P2P) Services BitTorrent eDonkey Gnutella Allowed Allowed Allowed Web Objects Embedded Objects (ActiveX
  • Netgear UTM5EW-100NAS | Reference Manual - Page 169
    Table 6-1. Default E-mail and Web Scan Settings (continued) Scan Type Default Scan Setting Default Action (if applicable) Education Allowed with the exception of School Cheating.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 170
    Customizing E-mail Protocol Scan Settings To configure the e-mail protocols and ports to scan: 1. Select Application Security > Services from the menu. The Services screen displays (Figure 6-1 shows the upper part of the Services
  • Netgear UTM5EW-100NAS | Reference Manual - Page 171
    Customizing E-mail Anti-Virus and Notification Settings Whether or not the UTM detects an e-mail virus, you can configure it to take a variety of actions (
  • Netgear UTM5EW-100NAS | Reference Manual - Page 172
    2. Enter the settings as explained in Table 6-2. Table 6-2. E-mail Anti-Virus and Notification Settings Setting Description (or Subfield and Description) Action SMTP POP3 IMAP From
  • Netgear UTM5EW-100NAS | Reference Manual - Page 173
    Table 6-2. E-mail Anti-Virus and Notification Settings (continued) Setting Description (or Subfield and Description) Append Safe Stamp (SMTP and POP3) For SMTP and POP3 e-mail
  • Netgear UTM5EW-100NAS | Reference Manual - Page 174
    Table 6-2. E-mail Anti-Virus and Notification Settings (continued) Setting Subject Message Description (or Subfield and Description) The default subject line for the notification e-mail is "
  • Netgear UTM5EW-100NAS | Reference Manual - Page 175
    To configure e-mail content filtering: 1. Select Application Security > Email Filters from the menu. The Email Filters screen displays. Figure 6-3
  • Netgear UTM5EW-100NAS | Reference Manual - Page 176
    2. Enter the settings as explained in Table 6-3. Table 6-3. E-mail Filter Settings Setting Description (or Subfield and Description) Filter by Subject Keywords Keywords Action Enter keywords
  • Netgear UTM5EW-100NAS | Reference Manual - Page 177
    Table 6-3. E-mail Filter Settings (continued) Setting default, the File Extension field lists the most common file extensions. You can manually add or delete extensions. Use commas to separate different extensions. You can enter
  • Netgear UTM5EW-100NAS | Reference Manual - Page 178
    3. Real-time blacklist. E-mails from known spam sources that are collected by blacklist providers are blocked. 4. Distributed Spam Analysis. E-mails that are detected as spam by the NETGEAR Spam Classification Center are either
  • Netgear UTM5EW-100NAS | Reference Manual - Page 179
    To configure the whitelist and blacklist: 1. Select Application Security > Anti-Spam from the menu. The Anti-Spam submenu tabs appear, with the Whitelist/Blacklist screen
  • Netgear UTM5EW-100NAS | Reference Manual - Page 180
    2. Enter the settings as explained in Table 6-3. Table 6-4. Whitelist/Blacklist Settings Setting Description (or Subfield and Description) Sender IP Address Whitelist Enter the source IP
  • Netgear UTM5EW-100NAS | Reference Manual - Page 181
    blacklist providers and are made available to the public in the form of real-time blacklists (RBLs). By accessing these RBLs, the UTM can block
  • Netgear UTM5EW-100NAS | Reference Manual - Page 182
    2. Click the Add table button in Note: Unlike other scans, you do not need to configure the spam score because the NETGEAR Spam Classification Center performs the scoring automatically as long as the UTM is connected to the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 183
    Figure 6-6 3. Enter the settings as explained in Table 6-5. Table 6-5. Distributed Spam Analysis Settings Setting Description (or Subfield and Description) Distributed Spam Analysis SMTP POP3 Select
  • Netgear UTM5EW-100NAS | Reference Manual - Page 184
    Table 6-5. Distributed Spam Analysis Settings ( Action SPAM to mail header pull-down menu (see above), select this checkbox to add the "X-NETGEAR-SPAM" tag to the e-mail header. The default setting is to add the default tag
  • Netgear UTM5EW-100NAS | Reference Manual - Page 185
    Configuring Web and Services Protection The UTM lets you configure the following settings to protect the network's Internet and Web services communication: • The Web protocols, instant messaging services, and peer-to-peer services
  • Netgear UTM5EW-100NAS | Reference Manual - Page 186
    Figure 6-7 2. Enter the settings as explained in Table 6-5. Select the HTTP checkbox to enable Hypertext Transfer Protocol (HTTP) scanning. This service is enabled by default and uses default port 80. Select the HTTPS checkbox
  • Netgear UTM5EW-100NAS | Reference Manual - Page 187
    Table 6-6. Web Protocol, Instant Messaging, and Peer-to-Peer Settings (continued) Setting Description (or Subfield and Description) Note: If a protocol uses a port other than the standard service port (for example, port 80 for
  • Netgear UTM5EW-100NAS | Reference Manual - Page 188
    Figure 6-8 2. Enter the settings as explained in Table 6-2. Table 6-7. Malware Scan Settings Setting Description (or Subfield and Description) Action HTTP and HTTPS Action From the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 189
    Table 6-7. Malware Scan Settings (continued) detected malware threat is replaced with the following text, which you can customize: NETGEAR ProSecure UTM has detected and stopped malicious code embedded in this web site or web mail
  • Netgear UTM5EW-100NAS | Reference Manual - Page 190
    Several types of Web content a period (.) is specified as the keyword, all Internet browsing access is blocked. Note: Wildcards (*) are supported. For example, if "www.net*.com" is specified, any URL that begins with "www.net" is
  • Netgear UTM5EW-100NAS | Reference Manual - Page 191
    Note: You can bypass any type of The Content Filtering screen displays. Because of the large size of this screen, it is presented in this manual in three figures (Figure 6-9 on this page, Figure 6-10 on page 6-26, and Figure 6-11
  • Netgear UTM5EW-100NAS | Reference Manual - Page 192
    Figure 6-10 [Content Filtering, screen 2 of 3]
  • Netgear UTM5EW-100NAS | Reference Manual - Page 193
    Figure 6-11 [Content Filtering, screen 3 of 3] 3. Enter the settings as explained in Table 6-8 on page 6-28.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 194
    Table 6-8. Content Filtering Settings Setting By default, the File Extension field lists the most common file extensions. You can manually add or delete extensions. Use commas to separate different extensions. You can enter
  • Netgear UTM5EW-100NAS | Reference Manual - Page 195
    Table 6-8. Content Filtering Settings (continued) Setting Description (or Subfield and Description) Select the Web Categories You Wish to Block Select the Enable Blocking checkbox to
  • Netgear UTM5EW-100NAS | Reference Manual - Page 196
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 6-8. Content Filtering Settings (continued) Setting Description (or Subfield and Description) Web Category Lookup URL Submit to NETGEAR Enter a URL to find out if it has been categorized, and if so, in which category.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 197
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To configure Web URL filtering: 1. Select Application Security > HTTP/HTTPS from the menu. The HTTP/HTTPS submenu tabs appear, with the Malware Scan screen in
  • Netgear UTM5EW-100NAS | Reference Manual - Page 198
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual URLs on the whitelist are not scanned. Note: Wildcards (*) are supported. For example, if you enter "www.net*.com" in the the URLs, click the Export table button and follow the instructions of your browser. Type or copy a URL in the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 199
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual URLs on the whitelist are not scanned. Note: Wildcards (*) are supported. For example, if you enter "www.net*.com" in the URLs, click the Export table button and follow the instructions of your browser. Add URL Type or copy a URL
  • Netgear UTM5EW-100NAS | Reference Manual - Page 200
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual HTTPS Scan Settings HTTPS traffic is encrypted traffic that cannot be scanned; otherwise the data stream would not be secure. However, the UTM can scan
  • Netgear UTM5EW-100NAS | Reference Manual - Page 201
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual If one of these is not satisfied, a security alert message appears in the browser window (see Figure 6-14). Figure 6-14 However, even when a certificate is
  • Netgear UTM5EW-100NAS | Reference Manual - Page 202
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To configure the HTTPS scan settings: 1. Select Application Security > HTTP/HTTPS from the menu. The HTTP/HTTPS submenu tabs appear, with the Malware Scan screen
  • Netgear UTM5EW-100NAS | Reference Manual - Page 203
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 6-10. HTTPS Settings Setting port in the Ports to Scan field for the HTTPS service on the Services screen (see "Customizing Web Protocol Scan Settings and Services" on page 6-19). HTTPS 3rd Party Website Certificate
  • Netgear UTM5EW-100NAS | Reference Manual - Page 204
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note that certain sites contain elements from different HTTPS hosts. As an example, assume that the https://example.com site contains HTTPS elements from the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 205
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Enter the settings as explained in Table Delete table button. Export To export the hosts, click the Export table button and follow the instructions of your browser. Add Host Type or copy a trusted host in the Add Host field.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 206
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To configure the FTP scan settings: 1. Select Application Security > FTP from the menu. The FTP screen displays. Figure 6-17 2. Enter the settings as explained in
  • Netgear UTM5EW-100NAS | Reference Manual - Page 207
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 6-12. FTP Scan Settings (continued) By default, the File Extension field lists the most common file extensions. You can manually add or delete extensions. Use commas to separate different extensions. You can enter a
  • Netgear UTM5EW-100NAS | Reference Manual - Page 208
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To set Web access exception rules: 1. Select Application Security > Block/Accept Exceptions from the menu. The Block/Accept Exceptions screen displays. This screen shows the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 209
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Enter the settings as explained in Table 6-13. Table 6-13. Add and Edit Block Scanning Exception Settings Setting Description (or Subfield and Description) Action From
  • Netgear UTM5EW-100NAS | Reference Manual - Page 210
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Modify the settings that you wish to change (see Table 6-13 on page 6-43). 3. Click Apply to save your changes. The modified exception rule is
  • Netgear UTM5EW-100NAS | Reference Manual - Page 211
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 6-20 2. In the Add Scanning Exclusions section of the screen, specify an exclusion rule as explained in Table 6-14. Table 6-14. Add Scanning Exclusion
  • Netgear UTM5EW-100NAS | Reference Manual - Page 212
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual
  • Netgear UTM5EW-100NAS | Reference Manual - Page 213
    IP Addresses to Remote Users (Mode Config)" on page 7-43. • "Configuring Keepalives and Dead Peer Detection" on page 7-55. • "Configuring NetBIOS Bridging with IPsec VPN" on page 7-59. Considerations for Dual WAN Port Systems (Dual-WAN Port Models Only) On the dual-WAN port models only, if both of
  • Netgear UTM5EW-100NAS | Reference Manual - Page 214
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual See "Virtual Private Networks (VPNs)" on page B-9 for more information about the IP addressing requirements for VPNs in the dual WAN modes. For information about how to select and configure a dynamic DNS service for resolving
  • Netgear UTM5EW-100NAS | Reference Manual - Page 215
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-1. IP Addressing for VPNs in Dual WAN Port Systems Configuration and WAN IP address Rollover Modea VPN "Gateway-to-Gateway" Fixed Dynamic VPN "Telecommuter" Fixed (client-to-gateway through a Dynamic NAT router)
  • Netgear UTM5EW-100NAS | Reference Manual - Page 216
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Creating Gateway-to-Gateway VPN Tunnels with the Wizard Figure 7-3 To set up a gateway-to-gateway VPN tunnel using the VPN Wizard: 1. Select VPN > IPsec VPN from the menu. The IPsec VPN submenu tabs appear, with the IKE Policies
  • Netgear UTM5EW-100NAS | Reference Manual - Page 217
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-4 To view the wizard default settings, click the VPN Wizard Default Values option arrow at the top right of the screen. A popup window appears (see Figure 7-5 on page 7-6) displaying the wizard default values. After
  • Netgear UTM5EW-100NAS | Reference Manual - Page 218
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-5 3. Select the radio buttons and complete the fields as explained in Table 7-2. Table 7-2. (IPsec) VPN Wizard Settings for a Gateway-to-Gateway Tunnel Setting Description (or Subfield and Description) About VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 219
    be defined as either FQDNs or IP addresses. A combination of an IP address and a FQDN is not supported. Tip: To ensure tunnels stay active, after completing the wizard, manually edit the VPN policy to enable keepalive, which periodically sends ping packets to the host on the peer side of the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 220
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. Click Apply to save your settings. The IPsec VPN policy is now added to the List of VPN Policies table on the VPN Policies screen. By default, the VPN policy is enabled. Figure 7-6 5. Configure a VPN policy on the remote
  • Netgear UTM5EW-100NAS | Reference Manual - Page 221
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: When using FQDNs, if the dynamic DNS service is slow to update its servers when your DHCP WAN address changes, the VPN tunnel will fail because the FQDNs do not resolve to your new address. If you have the option to
  • Netgear UTM5EW-100NAS | Reference Manual - Page 222
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-9 To display the wizard default settings, click the VPN Wizard Default Values option arrow at the top right of the screen. A popup window appears (see Figure 7-5 on page 7-6), displaying the wizard default values. After
  • Netgear UTM5EW-100NAS | Reference Manual - Page 223
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Select the radio buttons and complete the fields as explained in Table 7-3. Table 7-3. (IPsec) VPN Wizard Settings for a Client-to-Gateway Tunnel Setting Description (or Subfield and Description) About VPN Wizard This VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 224
    Management (UTM) Appliance Reference Manual 4. Click Apply to save your settings. The IPsec VPN policy is now added to the List of VPN Policies table on the VPN Policies screen. By default, the VPN policy is enabled. Figure 7-10 Note: When using FQDNs, if the dynamic DNS service is slow to update
  • Netgear UTM5EW-100NAS | Reference Manual - Page 225
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-11 2. In the upper left of the Policy Editor window, click the New Connection icon (the first icon on the left) to open a new
  • Netgear UTM5EW-100NAS | Reference Manual - Page 226
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Enter the settings as explained in Table menu, select Domain Name. Then, below, enter the local FQDN that you entered on the UTM's VPN Wizard screen (see Figure 7-9 on page 7-10). In this example, the domain name is utm_local
  • Netgear UTM5EW-100NAS | Reference Manual - Page 227
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 5. In the left frame, click My Identity. The screen window appears. Pre-Shared Key Enter the same pre-shared key that you specified on the UTM's VPN Wizard screen (see Figure 7-9 on page 7-10). In this example, the pre-shared key
  • Netgear UTM5EW-100NAS | Reference Manual - Page 228
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-5. Security Policy Editor: My Identity Settings (continued) Setting ID Type Secure Interface Configuration Internet Interface Description (or Subfield and Description) From the pull-down
  • Netgear UTM5EW-100NAS | Reference Manual - Page 229
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 9. Enter the NETGEAR ProSafe VPN Client and the UTM provide VPN connection and status information. This information is useful for verifying the status of a connection and troubleshooting problems with a connection. Testing the VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 230
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-15 In the example that is shown in Figure 7-15, you should receive the message "Successfully connected to My Connections\UTM_SJ" within 30 seconds. The VPN client icon in the system tray should say On: NETGEAR VPN Client
  • Netgear UTM5EW-100NAS | Reference Manual - Page 231
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-16 • Right-click the VPN Client icon in the system tray and select Connection Monitor. Figure 7-17
  • Netgear UTM5EW-100NAS | Reference Manual - Page 232
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The VPN client system tray icon provides a variety of status indications, which are listed below. Table 7-7. Status Indications for the VPN Client System Tray Icon System Tray Icon Status The client policy is deactivated. The
  • Netgear UTM5EW-100NAS | Reference Manual - Page 233
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The Active IPsec SAs table lists each active or click the Disconnect table button to terminate the connection. Viewing the UTM IPsec VPN Log To query the IPsec VPN log: 1. Select Monitoring > Logs & Reports from the menu. The Logs
  • Netgear UTM5EW-100NAS | Reference Manual - Page 234
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-19 Managing IPsec VPN Policies After you have used the VPN Wizard to set up a VPN tunnel, a VPN policy and an IKE policy are stored in separate policy tables. The name that you selected as the VPN tunnel connection name
  • Netgear UTM5EW-100NAS | Reference Manual - Page 235
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Managing IKE Policies The Internet Key Exchange (IKE) protocol performs negotiations between the two VPN gateways, and provides automatic management of the keys that are used for IPsec connections. It is important to remember that
  • Netgear UTM5EW-100NAS | Reference Manual - Page 236
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-20 Each policy contains the data automatically created with the same name that you select for the VPN policy. Note: The name is not supplied to the remote VPN endpoint. The exchange mode: Main or Aggressive. The IKE/
  • Netgear UTM5EW-100NAS | Reference Manual - Page 237
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To add or edit an IKE policy, see "Manually Adding or Editing an IKE Policy" on this page. Note: You cannot delete or edit an IKE policy for which the VPN policy is active. You first must disable or delete the VPN policy before you
  • Netgear UTM5EW-100NAS | Reference Manual - Page 238
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-21
  • Netgear UTM5EW-100NAS | Reference Manual - Page 239
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Complete the fields, select the radio buttons endpoint. From the pull-down menu, select the exchange mode between the UTM and the remote VPN endpoint: • Main. This mode is slower than the Aggressive mode but more secure. •
  • Netgear UTM5EW-100NAS | Reference Manual - Page 240
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-10. Add IKE Policy Settings (continued) Item • FQDN. The Internet address for the UTM. • User FQDN. The e-mail address for a local VPN client or the UTM. • DER ASN1 DN. A distinguished name (DN) that identifies the UTM in
  • Netgear UTM5EW-100NAS | Reference Manual - Page 241
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-10. Add IKE Policy Settings (continued) Item Description (or Subfield and Description) Authentication Algorithm From the pull-down menu, select one of the following two algorithms to use in the VPN header for the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 242
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-10. Add IKE Policy Settings ( the List of IKE Policies table. To edit an IKE policy: 1. Select VPN > IPSec VPN from the menu. The IPsec VPN submenu tabs appear with the IKE Policies screen in view (see Figure 7-20
  • Netgear UTM5EW-100NAS | Reference Manual - Page 243
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. Click Apply to save your changes. The modified IKE policy is displayed in the List of IKE Policies table. Managing VPN Policies You can create two types of VPN policies. When you use the VPN Wizard to create a VPN policy, only
  • Netgear UTM5EW-100NAS | Reference Manual - Page 244
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Click the VPN Policies submenu tab. The VPN Policies screen displays. (Figure 7-22 shows some examples.) Figure 7-22 Each policy contains the data that are explained in Table 7-11. These fields are explained
  • Netgear UTM5EW-100NAS | Reference Manual - Page 245
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To delete one or more VPN policies: 1. Select the checkbox to the left of the policy that you want to delete or click the Select All table button to select all VPN policies. 2. Click the Delete table button. To enable or disable one
  • Netgear UTM5EW-100NAS | Reference Manual - Page 246
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-23
  • Netgear UTM5EW-100NAS | Reference Manual - Page 247
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. Complete the fields, select the radio buttons and checkboxes, and make your selections from the pull-down menus as explained in Table 7-12. Table 7-12. Add VPN Policy Settings Item Description (or Subfield and Description)
  • Netgear UTM5EW-100NAS | Reference Manual - Page 248
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-12. Add VPN Policy Settings (continued) Item Description (or Subfield and Description) Traffic Selection Local IP Remote IP From the pull-down menu, select the address or addresses that are part of the VPN tunnel on
  • Netgear UTM5EW-100NAS | Reference Manual - Page 249
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-12. Add VPN Policy Settings (continued) Item Description (or Subfield and Description) Integrity Algorithm Key-In Key-Out From the pull-down menu, select one of the following two algorithms to be used in the VPN header
  • Netgear UTM5EW-100NAS | Reference Manual - Page 250
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-12. Add VPN Policy Settings (continued) Item PFS Key Group Select IKE Policy Description (or Subfield and Description) Select this checkbox to enable Perfect Forward Secrecy (PFS), and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 251
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual You can enable XAUTH when you manually add or edit an IKE policy. Two types of XAUTH are available: • Edge Device. The UTM is used as a VPN concentrator on which one or more gateway tunnels terminate. You must specify the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 252
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual setting. • Edge Device. The UTM functions as a VPN concentrator on which one or more gateway tunnels terminate. The 9-9. RADIUS Client Configuration Remote Authentication Dial In User Service (RADIUS, RFC 2865) is a protocol for
  • Netgear UTM5EW-100NAS | Reference Manual - Page 253
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual server in the network when a user requests access to network resources. During the establishment of a VPN connection, the VPN gateway can interrupt the process with an XAUTH request. At that point, the remote user must provide
  • Netgear UTM5EW-100NAS | Reference Manual - Page 254
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Complete the fields and select the radio buttons as explained in Table 7-14. Table 7-14. RADIUS Client Settings Item Description (or Subfield and Description) Primary RADIUS
  • Netgear UTM5EW-100NAS | Reference Manual - Page 255
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: You select the RADIUS authentication protocol (PAP or CHAP) on the Edit IKE Policy screen or Add IKE Policy screen (see "Configuring XAUTH for VPN Clients" on page 7-39). Assigning IP Addresses to Remote Users (Mode Config)
  • Netgear UTM5EW-100NAS | Reference Manual - Page 256
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Click the Mode Config submenu tab. The Mode Config screen displays. Figure 7-25 As an example, the screen shows two Mode Config records with the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 257
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 7-26 4. Complete the fields, select the pool addresses in the First Pool fields to enable the UTM to allocate these to remote VPN clients. The Second Pool and Third Pool fields are options. To specify any client pool
  • Netgear UTM5EW-100NAS | Reference Manual - Page 258
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-15. Add Mode Config Record Hash algorithm that produces a 128-bit digest. Local IP Address The local IP address to which remote VPN clients have access. Typically, this is the UTM's LAN subnet, such as 192.168.1.0. Note:
  • Netgear UTM5EW-100NAS | Reference Manual - Page 259
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 5. Click Apply to save your settings. The new Mode Config record is added to the List of Mode Config Records table. Continue the Mode Config configuration procedure by configuring an IKE policy. 6. Select VPN > IPSec VPN from the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 260
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 8. On the Add IKE Policy screen, complete for identification and management purposes. Note: The name is not supplied to the remote VPN endpoint. Responder is automatically selected when you select the Mode Config record (see above
  • Netgear UTM5EW-100NAS | Reference Manual - Page 261
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual the SHA-1 algorithm to be used in the VPN header for the authentication process. Authentication Method (8 hours). However, for a Mode Config configuration, NETGEAR recommends 3600 seconds (1 hour). Enable Dead Peer Detection
  • Netgear UTM5EW-100NAS | Reference Manual - Page 262
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-16. Add IKE Policy Settings VPN Client for Mode Config Operation From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection for Mode Config operation: 1. Right-click on the VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 263
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. In the upper left of the Policy Editor window and Description) Select the Secure radio button. If you want to connect manually only, select the Only Connect Manually checkbox. From the pull-down menu, select IP Subnet. Enter the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 264
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-17. Security Policy Editor: Remote Party, Mode Then, below, enter the IP address of the WAN interface that you selected on the UTM's VPN Wizard screen (see Figure 7-9 on page 7-10). In this example, the WAN IP address is
  • Netgear UTM5EW-100NAS | Reference Manual - Page 265
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 5. In the left frame, click My Identity. The screen window appears. Pre-Shared Key Enter the same pre-shared key that you specified on the UTM's VPN Wizard screen (see Figure 7-9 on page 7-10). In this example, the pre-shared key
  • Netgear UTM5EW-100NAS | Reference Manual - Page 266
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 7-18. Security Policy Editor: My Identity, Mode Config Settings (continued) Setting ID Type Secure Interface Configuration Internet Interface Description (or Subfield and Description) From
  • Netgear UTM5EW-100NAS | Reference Manual - Page 267
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 9. Enter the settings as explained in Table 7-19. to function, the peer VPN device on the other end of the tunnel must also support DPD. Keepalive, though less reliable than DPD, does not require any support from the peer device
  • Netgear UTM5EW-100NAS | Reference Manual - Page 268
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Keepalives The Keepalive feature maintains the IPSec SA by sending periodic ping requests to a host across the tunnel and monitoring the replies. To configure the Keepalive feature on a configured VPN policy: 1. Select
  • Netgear UTM5EW-100NAS | Reference Manual - Page 269
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. Enter the settings as explained in exchanging periodic messages with the remote VPN peer. To configure DPD on a configured IKE policy: 1. Select VPN > IPSec VPN from the menu. The IPsec VPN submenu tabs appear with the IKE
  • Netgear UTM5EW-100NAS | Reference Manual - Page 270
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. In the IKE SA Parameters section of the screen, locate the DPD fields. Figure 7-32 4. Select the radio button and complete the fields as explained
  • Netgear UTM5EW-100NAS | Reference Manual - Page 271
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring NetBIOS Bridging with IPsec VPN Windows networks use the Network Basic Input/Output System (NetBIOS) for several basic network services such as naming and neighborhood device discovery. Because VPN routers do not
  • Netgear UTM5EW-100NAS | Reference Manual - Page 272
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual
  • Netgear UTM5EW-100NAS | Reference Manual - Page 273
    support for up to 13 dedicated SSL VPN tunnels VPN Wizard for Client Configurations" on page 8-2. • "Manually Configuring and Editing SSL Connections" on page 8-17. Understanding the SSL VPN Portal Options The UTM's SSL VPN portal can provide two levels of SSL service to the remote user: • SSL VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 274
    you to save the SSL VPN policy. To edit policies or to manually configure policies, see "Manually Configuring and Editing SSL Connections" on page 8-17. To start the SSL VPN Wizard: 1. Select Wizards from the main navigation menu. The "Welcome to the Netgear Configuration Wizard" screen displays
  • Netgear UTM5EW-100NAS | Reference Manual - Page 275
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The following sections explain the five configuration screens of the SSL VPN Wizard. On the sixth screen, you can save your SSL VPN policy. The tables in the following sections explain the buttons and fields of the SSL VPN Wizard
  • Netgear UTM5EW-100NAS | Reference Manual - Page 276
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: If you leave the Portal Layout Name field blank, the SSL VPN Wizard uses the default portal layout SSL-VPN. You must enter a name other than SSL VPN in the Portal Layout Name field so the SSL VPN Customer Support" Banner
  • Netgear UTM5EW-100NAS | Reference Manual - Page 277
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 8-1. SSL VPN ="must-revalidate"> Note: NETGEAR strongly recommends enabling HTTP meta support ActiveX. SSL VPN Portal Pages to Display VPN services. Note: Any pages that are not selected are not visible from the SSL VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 278
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note that Figure 8-3 contains some examples. Enter the settings as explained in Table 8-2, then click Next to go to the following screen. Note: If you leave the Domain Name field blank, the SSL VPN Authentication Service (MIAS
  • Netgear UTM5EW-100NAS | Reference Manual - Page 279
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 8-2. SSL VPN Wizard Step 2: Domain Settings (continued) Setting Description (or Subfield and Description) Portal The portal that you selected on the first SSL VPN Wizard screen. You cannot change the portal on this screen
  • Netgear UTM5EW-100NAS | Reference Manual - Page 280
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: After you have completed the steps in the SSL VPN Wizard, you can make changes to the user settings by selecting Users > Users. For more information about user settings, see "Configuring User Accounts" on page 9-9.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 281
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual SSL VPN Wizard Step 4 of 6: Client IP Address Range and Routes Figure 8-5 Note that Figure 8-5 contains some examples. Enter the settings as explained in Table 8-4 on page 8-
  • Netgear UTM5EW-100NAS | Reference Manual - Page 282
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 8-4. SSL VPN Wizard Step 4: Client IP Address Range and Routes Settings Item Description (or Subfield and Description) Client IP Address Range Enable Full Tunnel Support Select this checkbox to enable full tunnel
  • Netgear UTM5EW-100NAS | Reference Manual - Page 283
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual SSL VPN Wizard Step 5 of 6: Port Forwarding Figure 8-6 Note that is already in use in the TCP Port NumberAction field, otherwise the SSL VPN Wizard will fail and the UTM will reboot to recover its configuration. Note: After you have
  • Netgear UTM5EW-100NAS | Reference Manual - Page 284
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 8-5. SSL VPN Wizard Step 5: Port Forwarding Settings (continued) Item Description (or Subfield and Description) TCP Port NumberAction The TCP port number of the application that is accessed through the SSL VPN tunnel.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 285
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual SSL VPN Wizard Step 6 of 6: Verify and Save Your Settings Figure 8-7
  • Netgear UTM5EW-100NAS | Reference Manual - Page 286
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual the top of the screen, and the "Welcome to the Netgear Configuration Wizard" screen displays again (see Figure 8-1 on ). When you click on the user portal link, the SSL VPN default portal opens (see Figure 8-9 on page 8-15.) This
  • Netgear UTM5EW-100NAS | Reference Manual - Page 287
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 8-8 4. Enter the user name and password that you just created with the help of the SSL VPN Wizard. 5. Click Login. The default User Portal screen displays. Figure 8-9
  • Netgear UTM5EW-100NAS | Reference Manual - Page 288
    access to the network services that you defined in "SSL VPN Wizard Step 5 of 6: Port Forwarding" on page 8-11. • Change Password. Allows the user to change their password. • Support. Provides access to the NETGEAR Web site. Viewing the UTM SSL VPN Connection Status To review the status of current
  • Netgear UTM5EW-100NAS | Reference Manual - Page 289
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. From the Log Type pull-down menu, select SSL VPN. The SSL VPN logs display. Figure 8-11 Manually Configuring and Editing SSL Connections To manually configure and activate SSL connections, perform the following six basic steps
  • Netgear UTM5EW-100NAS | Reference Manual - Page 290
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual When you define the SSL VPN policies that determine network resource access for your SSL VPN way to communicate remote access instructions, support information, technical contact information, or VPN-related news updates to remote
  • Netgear UTM5EW-100NAS | Reference Manual - Page 291
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Portal layouts are applied by selecting right of the desired portal layout. To create a new SSL VPN portal layout: 1. Select VPN > SSL VPN from the menu. The SSL VPN submenu tabs appear, with the Policies screen in view. 2. Click
  • Netgear UTM5EW-100NAS | Reference Manual - Page 292
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The List of Layouts table displays the following fields: • Layout Name. The descriptive name of the portal. • Description. The banner message that is displayed at
  • Netgear UTM5EW-100NAS | Reference Manual - Page 293
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual of the SSL VPN portal URL. Note: Custom portals are window. For example, "Company Customer Support Banner Title The banner title of a banner control" content="mustrevalidate"> Note: NETGEAR strongly recommends enabling HTTP meta
  • Netgear UTM5EW-100NAS | Reference Manual - Page 294
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 8-6. Add Portal Layout Settings (continued) Item Description (or Subfield and Description) ActiveX web cache cleaner Select this checkbox to enable ActiveX cache control to be loaded when users log in to the SSL VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 295
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Adding Servers and Port Numbers To configure port to remote users. To add a server and a port number: 1. Select VPN > SSL VPN from the menu. The SSL VPN submenu tabs appear, with the Policies screen in view. 2. Click the Port
  • Netgear UTM5EW-100NAS | Reference Manual - Page 296
    Manual Table 8-7. Port Forwarding Applications/TCP Port Numbers TCP Application Port Number FTP Data (usually not needed) FTP Control Protocol SSH Telnet SMTP (send mail) HTTP (web) POP3 (receive mail) NTP (network time protocol) Citrix Terminal Services VPN > SSL VPN from the menu. The SSL VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 297
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. In the Add New Host Name for Port you want to enable full tunnel or split tunnel support based on your bandwidth: - A full tunnel sends all of the client's traffic across the VPN tunnel. - A split tunnel sends only traffic that
  • Netgear UTM5EW-100NAS | Reference Manual - Page 298
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • If you enable split tunnel support and you assign an entirely different subnet to the VPN tunnel clients than the subnet that is used by the local network, you must add a client route to ensure that a VPN tunnel client connects
  • Netgear UTM5EW-100NAS | Reference Manual - Page 299
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Select the checkbox and complete the fields as explained in Table 8-8. Table 8-8. Client IP Address Range Settings Item Description (or Subfield and Description) Client IP Address Range Enable Full Tunnel Support SSL VPN Client
  • Netgear UTM5EW-100NAS | Reference Manual - Page 300
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To add an SSL VPN tunnel client route: 1. Select VPN > SSL VPN from the menu. The SSL VPN submenu tabs appear, with the Policies screen in view. 2. Click the SSL VPN Client submenu tab. The SSL VPN , and services. By NETGEAR
  • Netgear UTM5EW-100NAS | Reference Manual - Page 301
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Adding New Network Resources To define a network resource: 1. Select VPN > SSL VPN from the menu. The SSL VPN submenu tabs appear, with the Policies screen in view. 2. Click the Resources submenu tab. The Resources screen
  • Netgear UTM5EW-100NAS | Reference Manual - Page 302
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Editing Network Resources to Specify Addresses 1. Select VPN > SSL VPN from the menu. The SSL VPN first Resources screen. The SSL service that is assigned to the resource. You cannot modify the service after you have assigned it to
  • Netgear UTM5EW-100NAS | Reference Manual - Page 303
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 8-9. Add Resource Addresses Settings (continued) Item IP addresses, address ranges, or all IP addresses and to different SSL VPN services. A specific hierarchy is invoked over which policies take precedence. The UTM
  • Netgear UTM5EW-100NAS | Reference Manual - Page 304
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Policy 1: A Deny rule has been configured to block all services to the IP address range 10.0.0.0 - 10.0.0.255. • policies, follow these steps: 1. Select VPN > SSL VPN from the menu. The SSL VPN submenu tabs appear, with the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 305
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 8-18 2. Make your selection from the following view (see Figure 8-18, which shows some examples). 2. Under the List of SSL VPN Policies table, click the Add table button. The Add Policy screen displays (see Figure 8-19
  • Netgear UTM5EW-100NAS | Reference Manual - Page 306
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual . Figure 8-19 3. Select the radio buttons, Description) Policy For Select one of the following radio buttons to specify the type of SSL VPN policy: • Global. The new policy is global and excludes all groups and users. • Group
  • Netgear UTM5EW-100NAS | Reference Manual - Page 307
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 8-10. Add Policy Settings (continued) Item Description (or Subfield and Description) Add SSL VPN Policies Apply Policy For Select one of the following radio buttons to specify how the policy is applied: • Network
  • Netgear UTM5EW-100NAS | Reference Manual - Page 308
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 8-10. Add Policy Settings (continued) Item Description (or Subfield and Description) Apply IP Network Policy For (continued) All Addresses Policy Name A descriptive name of the SSL VPN policy for identification and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 309
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. Click Apply to save your settings. The policy is added to the List of SSL VPN Policies table on the Policies screen. The new policy goes into effect immediately. Note: In addition to configuring SSL VPN user policies, ensure
  • Netgear UTM5EW-100NAS | Reference Manual - Page 310
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 8-38 Virtual Private Networking Using SSL Connections v1.0, January 2010
  • Netgear UTM5EW-100NAS | Reference Manual - Page 311
    for SSL connections, the portal layout that is presented. Note: IPsec VPN users always belong to the default domain (geardomain) and are not assigned to groups. Except in the case of IPsec VPN users, when you create a user account, you must specify a group.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 312
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual protocols and methods that the UTM supports. Table 9-1. Authentication Protocols and Methods authentication method that functions with Microsoft Internet Authentication Service (MIAS), which is a component of Microsoft
  • Netgear UTM5EW-100NAS | Reference Manual - Page 313
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 9-1. Authentication Protocols and Methods Authentication Protocol or is a standard for querying and updating a directory. Because LDAP supports a multilevel hierarchy (for example, groups or organizational units), this
  • Netgear UTM5EW-100NAS | Reference Manual - Page 314
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Under the List of Domains table, click the Add table button. The Add Domain screen displays. Figure 9-2 3. Enter the settings as explained in Table 9-2. Table 9-2.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 315
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table • MIAS-CHAP. Microsoft Internet Authentication Service (MIAS) CHAP. Complete the Authentication Note: A combination of local and external authentication is supported. Warning: If you disable local authentication, make sure
  • Netgear UTM5EW-100NAS | Reference Manual - Page 316
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 6. If you change local authentication, click Apply in to groups. Note: Groups that are defined in the User menu are used for setting SSL VPN policies. These groups should not be confused with LAN groups that are defined on the LAN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 317
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Creating and Deleting Groups To create a VPN group: 1. Select Users in the List of Groups table. Figure 9-3 The List of Groups table displays the VPN groups with the following fields: • Checkbox. Allows you to select the group in
  • Netgear UTM5EW-100NAS | Reference Manual - Page 318
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 9-3. (VPN) Group Settings Setting Description the group was created (see "Configuring Domains" on page 9-2). Editing Groups To edit a VPN group: 1. Select Users > Groups from the menu. The Groups screen displays (see
  • Netgear UTM5EW-100NAS | Reference Manual - Page 319
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 9-4 3. Modify the idle timeout period in access). • SSL VPN User. A user who can only log in to the SSL VPN portal. • IPSEC VPN User. A user who can only make an IPsec VPN connection via a NETGEAR ProSafe VPN Client, and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 320
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To create an individual user account: 1. Select Users > Users from the menu. The Users screen displays. Figure 9-5 shows the UTM's default users-admin and guest-
  • Netgear UTM5EW-100NAS | Reference Manual - Page 321
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 9-6 3. Enter the settings as explained in Table 9-4. ). • SSL VPN User. User who can only log in to the SSL VPN portal. • IPSEC VPN User. User who can only make an IPsec VPN connection via a NETGEAR ProSafe VPN Client, and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 322
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. Click Apply to save your settings. The user is added to the List of Users table. To delete one or more users: 1. In the List
  • Netgear UTM5EW-100NAS | Reference Manual - Page 323
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: For security reasons, the Deny Login from WAN Interface checkbox is selected by default for guests and administrators. The Disable Login checkbox is disabled (
  • Netgear UTM5EW-100NAS | Reference Manual - Page 324
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 4. In the Defined Addresses Status section of the screen, select one of the following radio buttons: • Deny Login from Defined Addresses. Deny logging in from
  • Netgear UTM5EW-100NAS | Reference Manual - Page 325
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Click the by Client Browser submenu tab. The by Client Browser screen displays. Figure 9-9 shows a browser in the Defined Browsers table as an example. Figure 9-9 4.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 326
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 7. Click the Add table button. The browser is added to the Defined Browsers table. 8. Repeat step 6 and step 7 for any other browsers that you want
  • Netgear UTM5EW-100NAS | Reference Manual - Page 327
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Enter the settings as explained in Table 9-6. access). • SSL VPN User. User who can only log in to the SSL VPN portal. • IPSEC VPN User. User who can only make an IPsec VPN connection via a NETGEAR ProSafe VPN Client, and only
  • Netgear UTM5EW-100NAS | Reference Manual - Page 328
    NETGEAR. This certificate can be downloaded from the UTM login screen for browser import. However, NETGEAR VPN > Certificates from the menu. Because of the large size of this screen, and because of the way the information is presented, the Certificates screen is divided and presented in this manual
  • Netgear UTM5EW-100NAS | Reference Manual - Page 329
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The Certificates screen contains four tables that are on page 9-25). Managing CA Certificates To view and upload trusted certificates: Select VPN > Certificates from the menu. The Certificates screen displays. Figure 9-11 shows
  • Netgear UTM5EW-100NAS | Reference Manual - Page 330
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The Trusted Certificates (CA Certificates) table lists the digital certificates of CAs and contains the following fields: • CA Identity (Subject Name). The organization or person
  • Netgear UTM5EW-100NAS | Reference Manual - Page 331
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual When a security alert is generated, the user file, obtain a digital certificate from a CA, and upload it to the UTM: 1. Select VPN > Certificates from the menu. The Certificates screen displays. Figure 9-13 on page 9-22 shows the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 332
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 9-13 [Certificates, screen 2 of 3] 2. In the Generate Self Certificate Request section of the screen, enter the settings as explained in Table 9-7. Table 9-7. Generate Self
  • Netgear UTM5EW-100NAS | Reference Manual - Page 333
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 9-7. Generate Self Certificate Request Settings (continued) Setting Hash Algorithm Signature Algorithm Signature Key Length Optional Fields Description (or Subfield and Description) From the pull-
  • Netgear UTM5EW-100NAS | Reference Manual - Page 334
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 9-14 5. Copy the contents of CERTIFICATE REQUEST---" and "---END CERTIFICATE REQUEST"). d. Submit the CA form. If no problems ensue, the digital certificate is issued by the CA. 7. Download the digital certificate file
  • Netgear UTM5EW-100NAS | Reference Manual - Page 335
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 10. Click Browse and navigate to the digital certificate file from the CA that you just stored on your computer. 11. Click the Upload table
  • Netgear UTM5EW-100NAS | Reference Manual - Page 336
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To view the currently-loaded CRLs and upload a new CRL: 1. Select VPN > Certificates from the menu. The Certificates screen displays. Figure 9-15 shows the bottom section of the screen with Certificate Revocation Lists (CRL) table.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 337
    , the WAN side bandwidth capacity is much lower when DSL or cable modems are used to connect to the Internet. At 1.5 Mbps, the WAN ports support the following traffic rates: • Load balancing mode (dual-WAN port models only): 3 Mbps (two WAN ports at 1.5 Mbps each) v1.0, January 2010 10
  • Netgear UTM5EW-100NAS | Reference Manual - Page 338
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual (also referred to as service blocking) • DMZ WAN outbound rules (also referred to as service blocking) • Content filtering only! Incorrect configuration might cause serious problems. Each rule lets you specify the desired
  • Netgear UTM5EW-100NAS | Reference Manual - Page 339
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • ALLOW by schedule, otherwise block The section below summarizes the various criteria that you can apply to outbound rules in order to reduce traffic. For more information about outbound rules, see "Outbound Rules (Service
  • Netgear UTM5EW-100NAS | Reference Manual - Page 340
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • QoS Profile. You can define QoS profiles and then apply them to outbound rules to regulate the priority of traffic. To define QoS profiles, see "Creating Quality of Service (QoS) Profiles" on page 5-35. • Bandwidth Profile. You
  • Netgear UTM5EW-100NAS | Reference Manual - Page 341
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual - URL blocking. You can specify up to 200 URLs that are blocked by the UTM. For more information, see "Configuring Web URL Filtering" on page 6-30. - Web services blocking. You can block Web services such as instant messaging and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 342
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual administrators only! Incorrect configuration might cause serious problems. Each rule lets you specify the desired Services. You can specify the services or applications to be covered by an inbound rule. If the desired service
  • Netgear UTM5EW-100NAS | Reference Manual - Page 343
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual - Address range. The rule is applied to a range to regulate the priority of traffic. To define QoS profiles, see "Creating Quality of Service (QoS) Profiles" on page 5-35. • Bandwidth Profile. You can define bandwidth profiles
  • Netgear UTM5EW-100NAS | Reference Manual - Page 344
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual e-mail server) and provide public access to them. The fourth LAN port on the UTM (the rightmost LAN port) can be dedicated as a hardware DMZ port to safely provide services to the Internet without compromising security on your LAN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 345
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual For more information about QoS profiles, see "Creating Quality of Service (QoS) Profiles" on passwords for the Web Management Interface are both password. NETGEAR recommends that you change these passwords to more secure passwords
  • Netgear UTM5EW-100NAS | Reference Manual - Page 346
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To modify the administrator user account settings, including the password: 1. Select Users > Users from the menu. The Users screen displays. Figure 10-1 shows the UTM's
  • Netgear UTM5EW-100NAS | Reference Manual - Page 347
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. Select the Check to Edit Password checkbox. The password fields become active. 4. Enter the old password, enter the new password, and then confirm the new
  • Netgear UTM5EW-100NAS | Reference Manual - Page 348
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Remote Management Access An administrator can configure, upgrade, and check the status of the UTM over the Internet via a Secure Sockets Layer (SSL) VPN misuse it in many ways, NETGEAR highly recommends that you change
  • Netgear UTM5EW-100NAS | Reference Manual - Page 349
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual User Login Policies" on page 9-12 for instructions on restricting administrator access by IP address. Note management, all SSL VPN user connections are also disabled. Tip: If you are using a dynamic DNS service such as TZO, you
  • Netgear UTM5EW-100NAS | Reference Manual - Page 350
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Using an SNMP Manager Simple Network Management Protocol (SNMP) forms part of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF).
  • Netgear UTM5EW-100NAS | Reference Manual - Page 351
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Enter the settings as explained in Table 10-1. Table 10-1. SNMP Settings Setting Description (or Subfield and Description) Settings Do You Want to Enable SNMP?
  • Netgear UTM5EW-100NAS | Reference Manual - Page 352
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The Backup & Restore Settings screen lets you: • • Network settings. IP address, subnet mask, gateway, and so on. • Scan settings. Services to scan, primary and secondary actions, and so on. • Update settings. Update source, update
  • Netgear UTM5EW-100NAS | Reference Manual - Page 353
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Select Save file, and then click OK. 3. Open the folder where you have saved the backup file, and then verify that it has been saved
  • Netgear UTM5EW-100NAS | Reference Manual - Page 354
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual button, the UTM settings are erased. All firewall rules, VPN policies, LAN/ WAN settings, and other settings are lost. can automatically detect any new firmware version from NETGEAR. The firmware upgrade process for the UTM consists
  • Netgear UTM5EW-100NAS | Reference Manual - Page 355
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Viewing the Available Firmware Versions To view the current version of the firmware that your UTM is running and the other available firmware versions: 1. Select
  • Netgear UTM5EW-100NAS | Reference Manual - Page 356
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 3. To see which other firmware versions are available, click Query under the Firmware Download section to allow the UTM to connect to the NETGEAR update server. The Firmware Download section shows the available firmware versions,
  • Netgear UTM5EW-100NAS | Reference Manual - Page 357
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Rebooting Without Changing the Firmware To reboot the UTM without changing the firmware: 1. In the Firmware Reboot section of the Firmware screen (see Figure 10-6
  • Netgear UTM5EW-100NAS | Reference Manual - Page 358
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 10-7 The Info section shows the following information fields for the scan engine firmware and pattern file: • Current Version. The version of the files. •
  • Netgear UTM5EW-100NAS | Reference Manual - Page 359
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Automatic Update and Frequency of the following radio buttons: • Default update server. Files are updated from the default NETGEAR update server. • Server address. Files are updated from the server that you specify:
  • Netgear UTM5EW-100NAS | Reference Manual - Page 360
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Date and Time Service Configure date, time and NTP server designations on the System Date & Time screen. Network Time Protocol (NTP) is a protocol that is used to synchronize computer
  • Netgear UTM5EW-100NAS | Reference Manual - Page 361
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 10-3. System Date & Time Settings (continued) Setting Description (or Subfield and Description) Automatically Adjust for If daylight savings time is supported fields are set to the default Netgear NTP servers. Note: A list
  • Netgear UTM5EW-100NAS | Reference Manual - Page 362
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 10-26 v1.0, January 2010 Network and System Management
  • Netgear UTM5EW-100NAS | Reference Manual - Page 363
    rollover, WAN traffic limits reached, login failures, and attacks. You can also view status information about the firewall, WAN ports, LAN ports, active VPN users and tunnels, and more. In addition, the diagnostics utilities are described. Note: All log and report functions that are part of the Logs
  • Netgear UTM5EW-100NAS | Reference Manual - Page 364
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The Internet Traffic Statistics section in the lower part of the screen displays statistics on Internet traffic via the WAN port. If you have not
  • Netgear UTM5EW-100NAS | Reference Manual - Page 365
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-1. WAN Traffic Meter Settings Setting Description (or Subfield and Description) Enable Traffic Meter Do you want to Select one of the following radio
  • Netgear UTM5EW-100NAS | Reference Manual - Page 366
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-1. WAN Traffic Meter Settings (continued) Setting Description (or Subfield and Description) When Limit is reached Block traffic Send e-mail alert Select one of
  • Netgear UTM5EW-100NAS | Reference Manual - Page 367
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring Logging, Alerts, and Event Notifications By default, the UTM logs security-related events such as accepted and dropped packets on different segments of your LAN, denied incoming and outgoing service requests, hacker
  • Netgear UTM5EW-100NAS | Reference Manual - Page 368
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Enter the settings as explained in Table 11-2. name of the sender for e-mail identification purposes. For example, enter [email protected]. The IP address and port number or Internet name and port number of
  • Netgear UTM5EW-100NAS | Reference Manual - Page 369
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-4 Monitoring System Access and Performance v1.0, January 2010 11-7
  • Netgear UTM5EW-100NAS | Reference Manual - Page 370
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Enter the settings as explained in Table 11-2. Table 11-3. E-mail and Syslog Settings Setting Description (or Subfield and Description) System Logs Option Select the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 371
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-3. E-mail and Syslog Settings (continued) Setting Description (or Subfield and Description) Enable Select Logs to (continued) Send (continued) Format Size • IPS Logs. All IPS events. • SSL VPN Logs. All SSL VPN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 372
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-3. E-mail and Syslog Settings ( , or Intrusion Prevention System (IPS) (outbreak) attack occurs. Five types of alerts are supported: • Update Failure Alert. Sent when an attempt to update any component such as a pattern
  • Netgear UTM5EW-100NAS | Reference Manual - Page 373
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-5 3. Enter the settings as explained in Table 11-4. Table 11-4. Alerts Settings Setting Description (or Subfield and Description) Enable Update Failure Alerts Enable
  • Netgear UTM5EW-100NAS | Reference Manual - Page 374
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-4. Alerts Settings (continued) Setting Description (or Subfield and Description) Enable Malware Alerts (continued) Subject Enter the subject line for the e-mail alert. The
  • Netgear UTM5EW-100NAS | Reference Manual - Page 375
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Configuring and Activating Firewall Logs . Note: Enabling firewall logs might generate a significant volume of log messages. NETGEAR recommends that you enable firewall logs for debugging purposes only. To configure and activate
  • Netgear UTM5EW-100NAS | Reference Manual - Page 376
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-5. Firewall Logs Settings Setting security scanning status with detected network threats, detected network traffic, and service statistics for the six supported protocols (HTTP, HTTPS, FTP, SMTP, POP3, and IMAP).
  • Netgear UTM5EW-100NAS | Reference Manual - Page 377
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-7 [Dashboard, screen 1 of 3] Monitoring System Access and Performance v1.0, January 2010 11-15
  • Netgear UTM5EW-100NAS | Reference Manual - Page 378
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To clear the statistics, click Clear Statistics. To • Peer to Peer blocked (to configure, see "Customizing Web Protocol Scan Settings and Services" on page 6-19). Network Displays the total number of: • IPS attack signatures
  • Netgear UTM5EW-100NAS | Reference Manual - Page 379
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-6. Dashboard: Total Threats, Threats (Counts), and Total Traffic (Bytes) Information (continued) Item Description (or Subfield and Description) Threats (Counts) This is a graphic that
  • Netgear UTM5EW-100NAS | Reference Manual - Page 380
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-7 explains the fields of the Most Recent 5 and Top 5 sections of the Dashboard screen. Table 11-7. Dashboard: Most Recent 5 and Top 5 Information Category
  • Netgear UTM5EW-100NAS | Reference Manual - Page 381
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-9 [Dashboard, screen 3 of 3] Table 11-8 explains the fields of the Service Statistics section of the Dashboard screen. Table 11-8. Dashboard: Service Statistics Information Item Description (or Subfield and Description
  • Netgear UTM5EW-100NAS | Reference Manual - Page 382
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Viewing Status Screens The UTM provides real-time information in a variety of status screens that are described in the following sections: • "Viewing System Status" on this page. • "Viewing Active VPN Users" on page 11-24. • "
  • Netgear UTM5EW-100NAS | Reference Manual - Page 383
    (UTM) Appliance Reference Manual Figure 11-10 [System Status, screen 1 of 3] Table 11-9 explains the fields of the Status and System Information sections of the System Status screen. Table 11-9. System Status: Status and System Information Setting Status System Services Description (or Subfield
  • Netgear UTM5EW-100NAS | Reference Manual - Page 384
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-9. System Status: Status and System Information (continued) Setting Description (or Subfield and Description) System Information States system up time since last reboot. Firmware
  • Netgear UTM5EW-100NAS | Reference Manual - Page 385
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-10. System Status: WAN Configuration and LAN Port Information Setting Description (or Subfield and Description) WAN1 Configuration/WAN2 Configuration (Dual-WAN Port Models)
  • Netgear UTM5EW-100NAS | Reference Manual - Page 386
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-11. System Status: Interface Viewing VPN Tunnel Connection Status To review the status of current IPsec VPN tunnels: 1. Select Monitoring > Active Users & VPNs from the main menu. The Active Users & VPN submenu tabs
  • Netgear UTM5EW-100NAS | Reference Manual - Page 387
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Click the IPSec VPN Connection Status submenu tab. The IPSec VPN Connection Status To review the status of current SSL VPN tunnels: 1. Select Monitoring > Active Users & VPNs from the main menu. The Active Users & VPN submenu
  • Netgear UTM5EW-100NAS | Reference Manual - Page 388
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Click the SSL VPN Connection Status submenu tab. The SSL VPN Connection Status screen displays. Figure 11-15 The active user's user name, group, and IP address are listed in the table with a timestamp indicating the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 389
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 2. Click the Status option arrow at the top right of the Port Triggering screen. The Port Triggering Status screen appears in a popup window. Figure 11-
  • Netgear UTM5EW-100NAS | Reference Manual - Page 390
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-18 2. Click the WAN Status option arrow at the top right of the WAN1 ISP Settings screen (dualWAN port models) or WAN1 ISP
  • Netgear UTM5EW-100NAS | Reference Manual - Page 391
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The Connection Status screen displays the port models) or WAN ISP Settings screen (single-WAN port models) (see "Manually Configuring the Internet Connection" on page 3-5). The DHCP server that was automatically detected
  • Netgear UTM5EW-100NAS | Reference Manual - Page 392
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-20 2. Click the LAN Groups submenu tab. The LAN Groups screen displays (Figure 11-21 shows some examples in the Known PCs and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 393
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual that do not support the NetBIOS protocol, the name is displayed as "Unknown" (you can edit the entry manually to add a UTM rediscovers the devices. Viewing the DHCP Log To review the most recent entries in the DHCP log: 1. Select
  • Netgear UTM5EW-100NAS | Reference Manual - Page 394
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-22 Querying Logs and Generating Reports The extensive logging and reporting functions of the UTM let you perform the following tasks that help
  • Netgear UTM5EW-100NAS | Reference Manual - Page 395
    ) Appliance Reference Manual • System Logs. The system event logs that you have specified on the Email and Syslog screen (see "Configuring and Activating System, E-mail, and Syslog Logs" on page 11-6). However, by default, many more types of events are logged in the system logs. • Service Logs. All
  • Netgear UTM5EW-100NAS | Reference Manual - Page 396
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-23 3. Enter the settings as explained in Table 11-15. Table 11-15. Logs Query Settings Setting Log Type Description (or Subfield and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 397
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-15. Logs Query Settings (continued) Setting Log Type (continued) View All Search Criteria Description (or Subfield and Description) • Service ). • IPSEC VPN. All IPsec VPN events. • SSL VPN. All SSL VPN events. Select
  • Netgear UTM5EW-100NAS | Reference Manual - Page 398
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-15. Logs Query Settings (continued) Setting Search Criteria (continued) Description (or Subfield and Description) Client IP The client IP address that is queried.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 399
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual INFO, and DEBUG. This field is available only for the Service log. URL The URL that is queried. This field is to a computer. Note: The system, firewall, IPsec VPN, and SSL VPN logs cannot be queried or downloaded. When you select
  • Netgear UTM5EW-100NAS | Reference Manual - Page 400
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Example: Using Logs to Identify Infected are always recorded. Note: After the UTM reboots, traffic logs are lost. Therefore, NETGEAR recommends that you connect the UTM to a syslog server to save the traffic logs externally
  • Netgear UTM5EW-100NAS | Reference Manual - Page 401
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Scheduling and Generating Reports The UTM lets you schedule and generate three types of reports: • Email Reports. For each protocol (SMTP, POP3, and IMAP), the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 402
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual - The following application incidents are shown per day, both in tables and graphics: • Number of instant messaging application violations, top 10 violating instant messaging applications
  • Netgear UTM5EW-100NAS | Reference Manual - Page 403
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure 11-24 3. Enter the settings as explained in Table 11-16. Table 11-16. Generate Report Settings Setting Description (or Subfield and Description) Time
  • Netgear UTM5EW-100NAS | Reference Manual - Page 404
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Scheduling Reports To schedule automatic generation and e-mailing of reports: 1. Select Monitoring > Logs & Reports from the menu. The Logs & Reports submenu tabs appear, with the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 405
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table 11-17. Schedule Report Settings (continued) . To facilitate the explanation of the tools, the Diagnostics screen is divided and presented in this manual in three figures (Figure 11-26 on page 11-44, Figure 11-27 on page 11-
  • Netgear UTM5EW-100NAS | Reference Manual - Page 406
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Using the Network Diagnostic Tools This that you want to ping. 3. If the specified address is reached through a VPN tunnel, select the Ping through VPN tunnel checkbox. 4. Click the Ping button. The results of the ping are displayed
  • Netgear UTM5EW-100NAS | Reference Manual - Page 407
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Tracing a Route A traceroute lists all routers between the Routing Table Displaying the internal routing table can assist NETGEAR Technical Support to diagnose routing problems. To display the routing table: 1. Locate the Network
  • Netgear UTM5EW-100NAS | Reference Manual - Page 408
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Using the Realtime Traffic Diagnostics Tool This section file has been downloaded successfully. 8. Send the file to NETGEAR Technical Support for analysis. 11-46 Monitoring System Access and Performance v1.0, January 2010
  • Netgear UTM5EW-100NAS | Reference Manual - Page 409
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Gathering Important Log Information and Generating a Network Statistics Report When you request support, NETGEAR Technical Support might ask you to collect the debug logs and other information from your UTM. This section discusses
  • Netgear UTM5EW-100NAS | Reference Manual - Page 410
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To generate the Network Statistic Report: 1. Locate the Network Statistics Report section on the Diagnostics screen. 2. Click Generate Network Statistics. The network statistics report is
  • Netgear UTM5EW-100NAS | Reference Manual - Page 411
    Chapter 12 Troubleshooting and Using Online Support This chapter provides troubleshooting tips and information for the UTM. After each problem description, instructions are provided to help you diagnose and solve the problem. For the common problems listed, go to the section indicated. • Is the UTM
  • Netgear UTM5EW-100NAS | Reference Manual - Page 412
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Basic Functioning After you turn on power to the UTM, 12-9. If the error persists, you might have a hardware problem and should contact NETGEAR Technical Support. 12-2 Troubleshooting and Using Online Support v1.0, January 2010
  • Netgear UTM5EW-100NAS | Reference Manual - Page 413
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual LAN or WAN Port LEDs Not On If either the LAN LEDs or WAN LEDs do not light address is in this range, check the connection from the PC to the UTM and reboot your PC. Troubleshooting and Using Online Support v1.0, January 2010 12-3
  • Netgear UTM5EW-100NAS | Reference Manual - Page 414
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • If your UTM's IP address has been changed and you Settings screen of the single-WAN port models (see "Manually Configuring the Internet Connection" on page 3-5). 12-4 Troubleshooting and Using Online Support v1.0, January 2010
  • Netgear UTM5EW-100NAS | Reference Manual - Page 415
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • 1. Launch your browser and navigate to an external site such as www.netgear.com 2. Access the Web Management Interface of the UTM's configuration at your UTM. Troubleshooting and Using Online Support v1.0, January 2010 12-5
  • Netgear UTM5EW-100NAS | Reference Manual - Page 416
    the addresses of one or two DNS servers for your use. You may configure your PC manually with DNS addresses, as explained in your operating system documentation. • Your PC might not have the UTM configured as its TCP/IP gateway. 12-6 Troubleshooting and Using Online Support v1.0, January 2010
  • Netgear UTM5EW-100NAS | Reference Manual - Page 417
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Troubleshooting of the following problems: • Wrong physical connections - Make sure that the LAN port LED is on. If the LED is off, follow the instructions in "LAN or Troubleshooting and Using Online Support v1.0, January 2010 12-7
  • Netgear UTM5EW-100NAS | Reference Manual - Page 418
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Testing the Path from Your PC to a Remote Device After verifying that the LAN path the single-WAN port models (see "Configuring Advanced WAN Options" on page 3-22). 12-8 Troubleshooting and Using Online Support v1.0, January 2010
  • Netgear UTM5EW-100NAS | Reference Manual - Page 419
    rules, VPN policies, LAN/ WAN settings, and other settings are lost. Back up your settings if you intend on using them. Note: After rebooting with factory default settings, the UTM's password is password and the LAN IP address is 192.168.1.1. Troubleshooting and Using Online Support v1.0, January
  • Netgear UTM5EW-100NAS | Reference Manual - Page 420
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Problems with Date and Time The System Date & Time screen displays the current date and time of day (see "Configuring Date and Time Service" on page 10-24). The UTM uses the Network Time Protocol (NTP) to obtain the current time
  • Netgear UTM5EW-100NAS | Reference Manual - Page 421
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To initiate the support tunnel: 1. Select Support > Online Support from the menu. The Online Support screen displays. Figure 12-2 2. In the Support Key field, enter the support key that was given to you by NETGEAR. 3. Click Connect.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 422
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual To submit a file to NETGEAR for analysis: 1. Select Support > Malware Analysis from the menu. The Online Support screen displays. Figure 12-3 2. Enter the settings as explained in Table 12-1. Table 12-1. Malware Analysis Settings
  • Netgear UTM5EW-100NAS | Reference Manual - Page 423
    Appendix A Default Settings and Technical Specifications You can use the Reset button located on the rear panel to reset all settings to their factory defaults. This is called a hard reset (for more information, see "Reverting to Factory Default Settings" on page 10-18). • To perform a hard reset,
  • Netgear UTM5EW-100NAS | Reference Manual - Page 424
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table A-1. UTM Default Configuration Settings (continued) Feature Default behavior (continued) DHCP server DHCP starting IP address DHCP starting IP address Enabled 192.168.1.2 192.168.1.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 425
    The number of supported site-to-site IPsec VPN tunnels depends on the model (see Table 1-1 on page 1-7). IPsec encryption algorithm DES, 3DES, AES-128, AES-192, AES-256 IPsec authentication algorithm SHA-1, MD5 IPsec key exchange IKE, Manual Key, Pre-Shared Key, PKI, X.500 Default Settings
  • Netgear UTM5EW-100NAS | Reference Manual - Page 426
    Web-based configuration and status monitoring Number of concurrent users supported The number of supported dedicated SSL VPN tunnels depends on the model (see NETGEAR's marketing documentation at http://prosecure.netgear.com). SSL versions SSL encryption algorithm SSLv3, TLS1.0 DES, 3DES
  • Netgear UTM5EW-100NAS | Reference Manual - Page 427
    "What to Consider Before You Begin" on this page. • "Overview of the Planning Process" on page B-5. • "Inbound Traffic" on page B-7. • "Virtual Private Networks (VPNs)" on page B-9. What to Consider Before You Begin The UTM is a powerful and versatile solution for your networking needs. To make the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 428
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • Protocol binding - For auto-rollover mode, protocol binding does not apply. - For load balancing mode, decide which protocols should be bound to a specific WAN port. - You can also add your own service reset. NETGEAR strongly
  • Netgear UTM5EW-100NAS | Reference Manual - Page 429
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual . Instructions for connecting the UTM are in the ProSecure Unified Threat Management UTM Installation Guide. , you must use a Java-enabled Web browser that supports HTTP uploads such as Microsoft Internet Explorer 6 or higher
  • Netgear UTM5EW-100NAS | Reference Manual - Page 430
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • ISP Domain Name Server (DNS) addresses • you connect using a login name and password, then fill in the following: Login Name Password Service Name • Fixed or Static IP Address: If you have a static IP address, record the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 431
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual , you can use the following examples as a guide: - If your main e-mail account with your service provider for their IP addresses. Dynamic DSN Service protocol binding) • Virtual private networks (VPNs) The two WAN ports can be
  • Netgear UTM5EW-100NAS | Reference Manual - Page 432
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual (or reestablish) the VPN tunnel. Note: When the UTM's WAN port rolls over, the VPN tunnel collapses and must Figure B-2 Features such as multiple exposed hosts are not supported in auto-rollover mode because the IP addresses of each
  • Netgear UTM5EW-100NAS | Reference Manual - Page 433
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual traffic is a response to one of your local computers or a service for which you have configured an inbound rule. Instead of discarding this feature is supported and enabled. Network Planning for Dual WAN Ports (Dual-WAN Port
  • Netgear UTM5EW-100NAS | Reference Manual - Page 434
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual In the single WAN case, the WAN's Internet the public can send incoming traffic to the multiple exposed hosts when this feature is supported and enabled. Inbound Traffic: Dual WAN Ports for Improved Reliability In a dual-WAN port
  • Netgear UTM5EW-100NAS | Reference Manual - Page 435
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure B-6 Virtual Private Networks (VPNs) When implementing virtual private network (VPN) tunnels, a mechanism must be used for determining the IP addresses of the tunnel end points. The addressing of the firewall's dual WAN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 436
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual For a single WAN gateway configuration, use a is different from a single-WAN port gateway configuration when you specify the IP address of the VPN tunnel endpoint. Only one WAN port is active at a time and when it rolls over, the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 437
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual VPN Road Warrior (Client-to-Gateway) The following situations exemplify the requirements for a remote PC client with no firewall to establish a VPN tunnel with a gateway VPN firewall such as a UTM: • Single gateway WAN port •
  • Netgear UTM5EW-100NAS | Reference Manual - Page 438
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure B-10 The IP addresses of the WAN ports active port (port WAN2 in Figure B-11) and the remote PC client must re-establish the VPN tunnel. The gateway WAN port must act as the responder. Figure B-11 The purpose of the FQDN
  • Netgear UTM5EW-100NAS | Reference Manual - Page 439
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual VPN Road Warrior: Dual Gateway WAN Ports for Load Balancing In a dual-WAN port load balancing gateway configuration, the remote PC initiates the VPN either gateway WAN port can initiate the VPN tunnel with the other gateway WAN port
  • Netgear UTM5EW-100NAS | Reference Manual - Page 440
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Figure B-13 The IP address of the gateway WAN ports can be either fixed or dynamic. If an IP address is dynamic, you must use a FQDN. If an IP address is fixed, an FQDN is optional. VPN Gateway-to-Gateway: Dual Gateway WAN Ports
  • Netgear UTM5EW-100NAS | Reference Manual - Page 441
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual After a rollover of a gateway WAN port, the previously inactive gateway WAN port becomes the active port (port WAN_A2 in Figure B-15) and one of the gateways must re-establish the VPN tunnel. Figure B-15 The purpose of the FQDNs
  • Netgear UTM5EW-100NAS | Reference Manual - Page 442
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual VPN Telecommuter (Client-to-Gateway Through a NAT single WAN port gateway configuration, the remote PC client at the NAT router initiates the VPN tunnel because the IP address of the remote NAT router is not known in advance.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 443
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual VPN Telecommuter: Dual Gateway WAN Ports for Improved Reliability In a dual-WAN port auto-rollover gateway configuration, the remote PC client initiates the VPN remote PC must re-establish the VPN tunnel. The gateway WAN port must
  • Netgear UTM5EW-100NAS | Reference Manual - Page 444
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The purpose of the FQDN is to toggle Balancing In a dual-WAN port load balancing gateway configuration, the remote PC client initiates the VPN tunnel with the appropriate gateway WAN port (that is, port WAN1 or WAN2 as necessary to
  • Netgear UTM5EW-100NAS | Reference Manual - Page 445
    Appendix C System Logs and Error Messages This appendix provides examples and explanations of system logs and error messages. When applicable, a recommended action is provided. This appendix contains the following sections: • "System Log Messages" on page C-2. • "Content Filtering and
  • Netgear UTM5EW-100NAS | Reference Manual - Page 446
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual System Log Messages This section describes log messages that belong to one of the following categories: • Logs that are generated by traffic that is meant
  • Netgear UTM5EW-100NAS | Reference Manual - Page 447
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Service Logs This section describes log messages generated during firmware updates and other service-related events. Table C-4. System Logs: Service [UTM] [ntpdate] Synchronized time with time-f.netgear.com Nov 28 12:31:16 [UTM]
  • Netgear UTM5EW-100NAS | Reference Manual - Page 448
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Login/Logout This section describes logs that are generated by the administrative interfaces of the device. Table C-6. System Logs: Login/Logout Message Explanation Recommended Action
  • Netgear UTM5EW-100NAS | Reference Manual - Page 449
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual WAN Status This section describes the logs that are generated by the WAN component. If there are two ISP links for Internet connectivity, the router
  • Netgear UTM5EW-100NAS | Reference Manual - Page 450
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual System Logs: WAN Status, Auto Rollover (continued) Explanation Recommended Action The logs suggest that the fail-over was detected after five attempts instead of three.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 451
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual PPP Logs This section describes the WAN PPP connection logs. The PPP type can be configured through the Web Management Interface (see "Manually Configuring the Internet Connection" on page 3-5). • PPPoE Idle-Timeout Logs Table C-
  • Netgear UTM5EW-100NAS | Reference Manual - Page 452
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • PPTP Idle-Timeout Logs Table C-11. System Logs: WAN Status, PPTP Idle-Timeout Message 1 Message 2 Message 3 Message 4 Message 5 Message 6 Message 7 Message 8 Message 9 Nov 29 11:
  • Netgear UTM5EW-100NAS | Reference Manual - Page 453
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Traffic Metering Logs This section describes logs that are generated when the traffic meter has reached a limit. Table C-13. System Logs: Traffic Metering Message Explanation
  • Netgear UTM5EW-100NAS | Reference Manual - Page 454
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Multicast/Broadcast Logs This section describes logs that are generated when the UTM processes multicast and broadcast packets. Table C-16. System Logs: Multicast/Broadcast Message
  • Netgear UTM5EW-100NAS | Reference Manual - Page 455
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table C-17. System Logs: Invalid Packets (continued) Message Explanation Recommended Action Message Explanation Recommended Action Message Explanation Recommended Action Message Explanation Recommended Action Message Explanation
  • Netgear UTM5EW-100NAS | Reference Manual - Page 456
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table C-17. System Logs: Invalid Packets (continued) Explanation Recommended Action Error returned from helper routine. None Content Filtering and Security Logs This section describes the
  • Netgear UTM5EW-100NAS | Reference Manual - Page 457
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Table C-18. Content Filtering and Security Logs: Web Filtering and Content Filtering Message Explanation Recommended Action Message Explanation Recommended Action 2009-08-01 00:00:
  • Netgear UTM5EW-100NAS | Reference Manual - Page 458
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Traffic Logs This section describes logs that 35.166 [email protected] [email protected] [MALWARE INFECTED]Fw: cleanvirus Virus logs for all services. The message shows the date and time, protocol, virus name, action that is taken,
  • Netgear UTM5EW-100NAS | Reference Manual - Page 459
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual IPS Logs This section describes logs that are generated when traffic matches IPS rules. Table C-23. Content Filtering and Security Logs: IPS Message Explanation Recommended
  • Netgear UTM5EW-100NAS | Reference Manual - Page 460
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Routing Logs This section explains the logging messages for each network segment such as LAN to WAN for debugging purposes. These logs might generate a significant
  • Netgear UTM5EW-100NAS | Reference Manual - Page 461
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual WAN to LAN Logs This section describes logs that are generated when the UTM processes WAN to LAN traffic. Table C-29. Routing Logs: WAN to
  • Netgear UTM5EW-100NAS | Reference Manual - Page 462
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual C-18 v1.0, January 2010 System Logs and Error Messages
  • Netgear UTM5EW-100NAS | Reference Manual - Page 463
    a firewall to protect the networks. As part of the new maintenance firmware release, NETGEAR has implemented a more robust authentication system known as Two-Factor Authentication (2FA or T-FA) on its SSL and IPSec VPN firewall product line to help address the fast-growing network security issues. What
  • Netgear UTM5EW-100NAS | Reference Manual - Page 464
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual • Quick to deploy and manage. The WiKID solution integrates seamlessly with the NETGEAR SSL and VPN firewall products. • Proven regulatory compliance. Two-Factor Authentication has been used as a mandatory authentication process
  • Netgear UTM5EW-100NAS | Reference Manual - Page 465
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual The request-response architecture is capable of self-service initialization by end-users, dramatically reducing implementation and maintenance costs. Here is an example of how WiKID works. 1. The user launches the WiKID token
  • Netgear UTM5EW-100NAS | Reference Manual - Page 466
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual Note: The one-time passcode is time synchronized to the authentication server so that the OTP can only be used once and must be used
  • Netgear UTM5EW-100NAS | Reference Manual - Page 467
    .com/reference/enu/tcpip/index.htm http://documentation.netgear.com/reference/enu/wireless/index.htm http://documentation.netgear.com/reference/enu/wsdhcp/index.htm http://documentation.netgear.com/reference/enu/vpn/index.htm http://documentation.netgear.com/reference/enu/glossary/index.htm Related
  • Netgear UTM5EW-100NAS | Reference Manual - Page 468
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual E-2 Related Documents v1.0, January 2010
  • Netgear UTM5EW-100NAS | Reference Manual - Page 469
    , remote management 10-12 action buttons (Web Management Interface) 2-6 activating, service licenses 1-8, 2-27 Active Directory 8-6, 9-2, 9-5 Active LED (dual-WAN ) 1-12 ActiveX 6-24, 6-28 ActiveX web cache cleaner, SSL VPN 8-5, 8-22 address reservation 4-17 Address Resolution Protocol. See ARP (
  • Netgear UTM5EW-100NAS | Reference Manual - Page 470
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual B backing up, configuration file 10-16 bandwidth action 2-6 help 2-7 table 2-6 C CA 7-31 cache control, SSL VPN 8-5, 8-21 card, service registration 1-8 categories, Web content 2-22 category 5 cable B-3 Certificate Authority
  • Netgear UTM5EW-100NAS | Reference Manual - Page 471
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual services, firewall 5-32 D Data Encryption Standard. See DES. database, local user 8-6, 9-4 date settings 2-15, 10-24 troubleshooting filtering settings 6-2 factory 10-18, 12-9 IPsec VPN Wizard 7-5 login time-out 2-4 MTU 3-23 password
  • Netgear UTM5EW-100NAS | Reference Manual - Page 472
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual DMZ DHCP address pool 4-20 DNS documentation, online 12-12 documents, reference E-1 domain name PPPoE 2-13, 3-7 PPTP 2-12, 3-7 SSL VPN 8-6 domain name server, See DNS domains, for authentication 9-2, 9-10 DoS 1-4, 5-7, 5-28, 5-29,
  • Netgear UTM5EW-100NAS | Reference Manual - Page 473
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual F factory default settings reverting to 10-18 service supported 5-3 order of precedence 5-11 outbound. See outbound rules. port forwarding 5-3, 5-6 service blocking 5-3, 5-4 service LAN 4-14, 4-16 VPN policies 9-6 guests, user
  • Netgear UTM5EW-100NAS | Reference Manual - Page 474
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual HTTP 10-7 VPN tunnels 10-8 initial configuration, Setup Wizard 2-7 initial connection 2-1 Installation Guide 2-1 Internet Message Access Protocol. See IMAP. Internet Service Provider. See ISP. Intrusion Prevention System. See
  • Netgear UTM5EW-100NAS | Reference Manual - Page 475
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual IP header 5-37 IP precedence 5-37 IP LEDs explanation of 1-10, 1-11 front panel 1-11 troubleshooting 12-2, 12-3 licenses expiration dates 11-22 key 1-8 ProSafe VPN Client software 1-2 Lightweight Directory Access Protocol, See LDAP
  • Netgear UTM5EW-100NAS | Reference Manual - Page 476
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual 9-5 MIAS-PAP 8-6, 9-5 Microsoft Internet Authentication Service. See MIAS. mIRC 2-17, 6-21 misclassification -to-one 3-10, 5-23 NetBIOS, VPN tunnels 7-35, 7-59 NETGEAR registration server 1-9 network configuration requirements B-3
  • Netgear UTM5EW-100NAS | Reference Manual - Page 477
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual planning, dual WAN ports (dual-WAN port models) B-1 protocols, supported 1-2 resources, SSL VPN 5-11 overview 5-4 reducing traffic 10-2 service blocking 5-4 settings 5-5 outbreak IPS, retry interval 3-13 troubleshooting TCP/IP 12
  • Netgear UTM5EW-100NAS | Reference Manual - Page 478
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual IPsec VPN automatically generated (auto) 7-31 groups, configuring 9-6 managing 7-22 manually generated (manual) 7-31 SSL VPN managing 8-31 settings 8-34 policy hierarchy 8-31 pools, ModeConfig 7-45 POP3 action, infected e-mail 2-
  • Netgear UTM5EW-100NAS | Reference Manual - Page 479
    reference documents E-1 registering with NETGEAR 2-26 registration information 1-9 regulatory compliance A-3 relay gateway 2-10, 4-9, 4-21 Remote Authentication Dial In User Service. See RADIUS. remote management access 10-12 troubleshooting 10-13 remote troubleshooting, enabling 12-10 remote users
  • Netgear UTM5EW-100NAS | Reference Manual - Page 480
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual scan engine firmware 10-21 scan exceptions Hash Algorithm 1. See SHA-1. Secure Sockets Layer. See SSL (VPN). security log messages C-12 overview 1-5 services settings, using the Setup Wizard 2-16 security association. See SA.
  • Netgear UTM5EW-100NAS | Reference Manual - Page 481
    24 table 4-23 statistics, service and traffic 11-19 status screens 11-20 stealth mode 5-28 Stream Scanning technology overview 1-4 streaming, HTTP and HTTPS traffic 2-20, 6-22 submenu tabs (Web Management Interface) 2-5 support, online 12-10 suspicious files, sending to NETGEAR 12-11 SYN flood 5-28
  • Netgear UTM5EW-100NAS | Reference Manual - Page 482
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual tabs, submenu (Web Management Interface) 2-5 TCP flood, blocking 5-28 TCP time-out 5-31 TCP/IP network, troubleshooting trial period, service licenses 2-27 troubleshooting basic functioning 12 8-15 users active VPN users 11-24
  • Netgear UTM5EW-100NAS | Reference Manual - Page 483
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual V videoconferencing DMZ port 4-18 from restricted address 5-22 virtual LAN. See VLAN. Virtual Private Network Consortium. See VPNC. virtual private network. See VPN (tunnel). virus database 10-21 logs. See malware, logs,
  • Netgear UTM5EW-100NAS | Reference Manual - Page 484
    ProSecure Unified Threat Management (UTM) Appliance Reference Manual W WAN aliases 3-17 auto-rollover mode (dual-WAN port models) configuring 3-11 DDNS 3-19 description 3-9 settings 3-12 VPN statistics 11-16 Web Management Interface description 2-5 troubleshooting 12-3 Web protection. See HTTP, See

202-10482-02
January 2010
v1.0
NETGEAR, Inc.
350 East Plumeria Drive
San Jose, CA 95134
ProSecure Unified Threat Management (UTM) Appliance Reference Manual