An integrated hardware / software appliance for complete protection of a medium business' Web and email traffic. Modern Web 2.0 & cloud computing threats are mitigated through anti-malware / virus / phishing / spam / spyware technologies. A range of appliances is available for medium businesses with between 30 – 600 users
The NETGEAR® ProSecure™ STM series of gateway security appliances uses a patent-pending Stream Scanning architecture to deliver best-of-breed business security. ProSecure™ employs millions of signatures to protect against known threats, and in-the-cloud zero-hour protection technology to proactively discover and block any suspected threats that have not yet been identified. Likewise, the NETGEAR® in-the-cloud Distributed Spam Analysis architecture shields networks from spam, phishing attacks, and other Email-borne threats.
Other solutions significantly dilute the efficacy of their offering by either utilizing open source or cutting essential features and services from their enterprise products to fit an SMB price point. But through its patent-pending Stream Scanning architecture, NETGEAR® provides complete enterprise-grade solutions, including advanced scanning technologies such as its comprehensive anti-malware engine, in-the-cloud Distributed Spam Analysis, and a proactive behavioral defense system that eliminates the gap between a vulnerability being exploited and the time it is fixed.
With NETGEAR® ProSecure™ STM, subscriptions are simple with no per-user licensing. ProSecure™ Web and Email subscriptions each contain comprehensive protection for an unlimited number of users.
There are three models in the NETGEAR® ProSecure™ STM series of gateway security appliances. A single ProSecure™ STM can protect against Web- and Email-borne threats, both inbound and outbound. Each STM can support up to hundreds of users, with a maximum HTTP throughput rate of up to 239 Mbps and up to 960,000 Emails per hour.
 STM Models |
 STM 150 |
 STM 300 |
 STM 600 |
|---|---|---|---|
| Sizing Guidelines | |||
| Customer Type | Small Networks | Medium-sized Networks | Medium-sized Networks |
| Recomended Number of Concurrent Users | 20-150 | Up to 300 | Up to 600 |
| Concurrent Scanned HTTP Connections | 1,000 | 2,000 | 4,000 |
| HTTP Throughput (MB/s) | 43 | 148 | 239 |
| SMTP Throughput (emails/hour) | 139,000 | 420,000 | 960,000 |
| Content Security | |||
| Network Anti-malware Applications | |||
| Web (HTTP, HTTPS, FTP) |  |
|
|
| Email (SMTP, POP3, IMAP) | |
|
|
| Stream Scanning | |
|
|
| Inbound and Outbound Inspection | |
|
|
| Zero Hour Protection | |
|
|
| Automatic Signature Updates | Hourly | Hourly | Hourly |
| Distributed Spam Analysis | |
|
|
| Email Quarantine | * |
|
|
| URL Content Filtering with 64 Categories | |
|
|
| Number of Users | Unlimited | Unlimited | Unlimited |
| Deployment | |||
| Plug and Play | |
|
|
| Inline Transparent Bridge | |
|
|
| VLAN Support | |
|
|
| Fail-open | |
|
|
| Hardware | |||
| Total Gigabit RJ45 Ports | 5 | 3 | 5 |
| Gigabit RJ45 Ports with Failure Bypass | 0 | 2 | 4 |
| Dedicated Management VLAN Ports RJ45 | 0 | 1 | 1 |
| Administration Console Port | RS232 | RS232 | RS232 |
| Form Factor | 1U | 1U | 1U |
| Dimensions: H x L x W (inches) | 1.7 x 10.2 x 17.3 | 1.75 x 19.7 x 16.8 | 1.75 x 19.7 x 16.8 |
| Dimensions: H x L x W (mm) | 43.5 x 258 x 440 | 44.4 x 500 x 426 | 44.4 x 500 x 426 |
| Weight (lb) | 8.1 | 18.1 | 18.1 |
| Weight (kg) | 3.68 | 8.2 | 8.2 |
The following screenshots illustrate the Web user interface of the NETGEAR® ProSecure™ STM series of gateway security appliances.
Configure the STM network settings, interface speed/duplex mode, and MTU.
Configure user session limit and session timeout parameters.
Identify which IPs are to be excluded from security scans. By default, the STM will scan all Web and Email traffic not specifically listed here.
Enter account settings for Email notifications. The STM will utilize this information for sending any necessary security alerts.
The Setup Wizard will guide the Administrator through the remainder of the setup process.
Enter network settings for the STM.
Set the system time and local time zone.
Configure essential Email scanning parameters, including which services and corresponding ports the STM will scan and what action it will take when malware is detected.
Configure essential Web scanning parameters, including which services and corresponding ports the STM will scan and what action it will take when malware is detected.
Enter account settings for Email notifications.
Configure update settings for the STM. Updates to the software, scan engine, pattern file, and OS are performed online and automatically.
Configure the STM to block URLs from the selected categories. The content filter consists of 64 different categories with a real-time "in the cloud" database of tens of millions of the most relevant URLs.
This last screen confirms all settings from the previous 8 steps. Clicking "Apply" at the bottom of the screen finalizes these settings and reboots the STM appliance.
Determine which Email services and corresponding ports the STM will scan.
Determine what action the STM will take when malware is detected.
Configure the STM to alert users and/or senders regarding the security status of their Email. Custom alerts can be sent when malware is found, when it is not found, or when a scan has been skipped. Infected attachments can also be replaced with a customized warning message.
Configure the STM to filter Email based on keywords in the subject line, or by the file type, name, or password status of attachments. Also tells the STM what action to take when an Email meets any of these pre-determined parameters. Emails and/or attachments can be logged, or blocked and logged.
Configure white lists and black lists for Email, based on the recipient's IP address, domain, or Email address. Email can also be white listed based on the recipient's domain or Email address.
Provides the capability to quickly enable or add real-time blacklists to the STM.
Tell the STM what action to take when it finds known or suspected spam. If the STM is behind a proxy server, the login credentials can be entered on this page.
Determine which Web services and corresponding ports the STM will scan.
Configure the STM for HTTP and HTTPS malware scanning including what action the STM will take when malware is detected and how to handle files that are larger than the scan exception threshold. A custom notification message will be shown in the browser when malware is detected.
Configure the STM to block URLs from the selected categories. The content filter consists of 64 different categories with a real-time "in the cloud" database of tens of millions of the most relevant URLs. Filtering can be designed to be continuously enforced, or only during certain scheduled days/times. URLs can be submitted to check for classification.
Configure URL white lists and black lists.
Configure HTTPS scan settings.
Catalogs all certificates for the STM and tells it what Web sites to allow without a corresponding certificate.
Configure the STM to bypass the HTTPS scanning of specific trusted hosts.
Configure the STM for FTP-based malware handling, including what action the STM will take when infections are found, how to handle messages that are larger than the scan exception threshold, and what file extensions should be blocked.
Configure the STM for remote management, including ACLs. Access to the STM Web management interface can be restricted based on IP address.
Configure the STM for integration with third party SNMP network monitoring tools.
Enable settings to be backed up or restored - to factory defaults, or from a specified file.
Configure update settings for the STM. Updates to the software, scan engine, pattern file, and OS are performed online and automatically.
Enables Administrator and Guest passwords to be changed.Manage STM Web management interface accounts.
Set the system time and local time zone.
Provides information on the overall status of the STM, including current version and most recent update of all software elements, as well as serial numbers and license keys. Network addresses and interfaces information is also shown.
Shows current system resource usage and network traffic status.
Enables customized reports on Web usage for a specified date range.
Shows the current protection status of the network, as well as statistics on malware, files, URLs, and spam the STM has blocked at the gateway.
Enables diagnostic tools, including ping or trace an IP address, DNS lookup, restarting or shutting down the STM, or generating logs or network usage reports for troubleshooting purposes.
Tells the STM which logs to generate, when, and how frequently. Also tells the STM whether to send the logs via Email or syslog.
Tells the STM which activities trigger alerts and determines the construct of the malware alert message.
Enable log files to be generated for a specified set of criteria.
Enable the generation of Email, Web, or system reports for a specified date range.
Tells the STM which reports to generate on a regular basis, when and how frequently to generate them, and where to send them.
Enable a secure online support connection with the ProSecure™ Support Team.
Install hot fixes for the STM.
Send a suspicious file or suspected malicious Email to the ProSecure™ malware labs for analysis.
Register and manage the Web protection, Email protection, and Support & Maintenance licenses for the STM.
NETGEAR® ProSecure™ STM appliances manage an organization's Internet usage and protects these organizations from Internet borne malware, spam, viruses, and inappropriate web surfing. With the NETGEAR® ProSecure™ STM appliance sitting between the organization and the Internet, it is critical that the STM appliance is sized appropriately and matches the performance needs of the organization.
There are no industry-standard metrics for determining the model to select, as every organization is unique and displays different Internet usage characteristics. As such, NETGEAR® uses several specifications to evaluate the applicability of an STM appliance:
A starting point is to estimate the throughput your organization requires between its internal network and the Internet. As the STM appliance sits between your internal network and the Internet, this throughput number is the total amount of traffic that can be passed with the STM in place.
The number of concurrent clients represents the maximum number of currently active clients that can simultaneously access the Internet through the STM. NETGEAR® STM Appliances' Concurrent Client rating is a number that is measured assuming that each active client is currently engaging in an "average" web browsing session with multiple connections to multiple websites.
In general, your organization's concurrent client count should be less than the total number of users in your organization. For instance, if your organization has 1000 users, perhaps only 800 of those users have Internet access via a computer. Moreover, on the average, perhaps only 75% of those users are in the office at any point in time (75% x 800 = 600 users). Lastly, you may perhaps estimate that only 50% of those users (50% x 600 = 300 users) are actually on the Internet browsing web traffic at a given time.
Users who are actively browsing the Internet can typically be estimated to have 5 active HTTP connections at any point in time with a 60% rate of concurrency (yielding 3 connections). This number accommodates averaged situations where some users are heavily browsing the web or using Internet bandwidth intensive applications. Note that the peak number of connections can exceed these estimates if there is extraordinarily heavy usage of Internet bandwidth or connection intensive applications such as Peer 2 Peer applications are being used.
The rate at which users send and receive Emails varies widely in organizations, and is also dependent on the amount of spam an organization is receiving. For instance, if users, on the average, send and receive 30 legitimate emails per hour and 70% of Email traffic is SPAM, then each user will contribute 100 Emails per hour to the overall system load. A 200 user organization could then be expected to experience an Email load of 200,000 messages per hour.
| STM Model Capacity | STM150 | STM300 | STM600 |
|---|---|---|---|
| Throughput (Mb/s) | 43 | 149 | 239 |
| Concurrent Clients | 145 | 333 | 600 |
| Concurrently Scanned HTTP Connections | 1000 | 2000 | 4000 |
| SMTP Throughput (emails / hour) | 139,000 | 420,000 | 960,000 |
When sizing an STM for an organization, throughput, concurrent clients, concurrent connections, and Emails processing capability should all be assessed against the characteristics of the organization. In the examples below, we have outlined potential sample organizations and the recommended STM appliances for each organization.
| Organization Characteristics | Suggested STM Model |
|---|---|
| 10 Mbps Throughput 100 concurrent clients 300 concurrently scanned HTTP connections 100,000 Emails / hour |
STM150 |
| 40 Mbps Throughput 250 concurrent clients 800 concurrently scanned HTTP connections 300,000 Emails / hour |
STM300 |
| 120 Mbps Throughput 500 concurrent clients 1600 concurrently scanned HTTP connections 700,000 Emails / hour |
STM600 |
The NETGEAR® ProSecure™ STM gateway security appliance is an inline transparent bridge that can easily be deployed to any point on the network without requiring network reconfiguration or additional hardware.
The following are the most common deployment scenarios for the STM appliance. Depending on your network environment and the areas that you want to protect, you can choose one or a combination of these deployment scenarios.
In a typical gateway deployment scenario, a single STM appliance is installed at the gateway between the firewall and the LAN core switch to protect the network against all Web and Email threats entering and leaving the gateway. In this type of deployment, all STMs scan both Web and Email traffic.
Note: In a gateway deployment, it is recommended to install the STM behind the firewall to employ the firewall's functionality in stopping DoS attacks (which may often be non Web or Email traffic related).
Figure 1 Gateway Deployment
In a server group deployment, one STM appliance is installed at the gateway and another in front of the server group. This type of deployment helps split the network load and provides the mail server with dedicated protection against email-borne malware and spam. In this type of deployment the STM installed at the gateway scans only Web traffic while the STM in front of the server group scans only Email traffic.
Figure 2 Server Group Deployment
In a segmented LAN deployment, one STM appliance is installed in front of each network segment. This type of deployment helps split the network load and protects network segments from Web and Email threats coming in through the gateway or originating from other segments. In this type of deployment, all STMs scan both Web and Email traffic.
Figure 3 Segmented LAN Deployment
Enterprise-class security architecture to protect business networks from viruses, worms, spyware, trojans, rootkits, keyloggers, and unauthorized Web surfing – without impacting productivity.
Firewall functionality that deploys an array of network security technologies such as stateful packet inspection (SPI), Intrusion prevention (IPS), and denial-of-service (DoS) protection.
A Distributed Spam Analysis architecture that uses an in-the-cloud approach to stop up-to-the-minute spam outbreaks. Patent-pending Stream Scanning architecture ensures email is malware free.
The ProSecure UTM series offers the best of both worlds by offering two types of virtual private network (VPN) tunnels, Secure Sockets Layer (SSL) and IP security (IPsec), for optimal secure connection to your network.
Call: 01344 458200 or Request More Info ›
The PowerShift Program puts a world of resources at your fingertips.
Login Page:
http://www.netgear-powershift.co.uk/
Apply to be a Partner:
http://www.netgear-powershift.co.uk/signup.php
NETGEAR® ProSecure™ security appliances employ a best-of-breed security architecture that provides up to 200x the virus and malware coverage over other solutions at speeds up to 5x faster using patent-pending Stream Scanning technology.
ProSecure™ STM Series: For Medium Sized Businesses – Enterprise Strength Spam, Virus, & Web Filter Security
ProSecure™ UTM Series: For Small Businesses – Comprehensive All-in-One Gateway Security – Without Compromise
Call: 01344 458200
Copyright © 2008 NETGEAR® | www.netgear.co.uk
