NETGEAR STM150EW3-100NAS manual Using the Realtime Traffic Diagnostic Tools

Page 83

ProSecure Web/Email Security Threat Management Appliance STM150 Reference Manual

Use PING to check the connection between the STM150 and a specific IP address. Enter the IP address or host name, and then click PING. The PING results appear at the bottom of the page.

To perform DNS lookup, enter the domain name, and then click DNS Lookup. The page refreshes, and then the DNS lookup results (domain name and IP addresses) appear at the bottom of the page.

Click Restart or Shutdown to restart or shutdown the system, which terminates all sessions.

Using the Realtime Traffic Diagnostic Tools

1.In Protocol, select the protocols that you want to analyze. You can select a single or a combination of protocols.

2.In Source IP address, enter the origin of traffic that you want to analyze.

3.In Destination IP address, enter the target host for which the traffic is intended.

4.Click Start. You will be prompted to save the downloaded traffic capture to your PC.

5.Select a location to save the file and click OK. A file download will begin.

6.Once you are done, click Stop. The file download will now be complete.

7.Open the file in a network traffic analyzer tool such as Wireshark.

Gathering Important Log Information

When you request support, NETGEAR Technical Support may ask you to collect the debug logs and other information from your STM150 appliance. Use the Gather Important Log Information section to export information that can help NETGEAR troubleshoot the appliance.

To collect information about your STM150

1.On the Diagnostics page, click Download Now under the Gather Important Log Information section. A pop-up message appears, prompting you to confirm that you want to download the information file from the STM150. The default file name is importantlog.gpg

2.Select a download location for the file, and then click OK. Your browser downloads the information file to the location you specified.

3.When download is complete, browse to the download location you specified and verify that the file has been downloaded successfully.

Monitoring System Performance

5-7

v1.1, March 2009

Image 83

Contents NETGEAR, Inc Bestätigung des Herstellers/Importeurs TrademarksStatement of Conditions EU Regulatory Compliance StatementAdditional Copyrights Voluntary Control Council for Interference Vcci StatementMD5 Zlib Product and Publication DetailsV1.1, March Contents Chapter Performing System Management Tasks Chapter Monitoring System Performance Page Conventions, Formats, and Scope About This ManualManual Part Publication Version Description Number Date Revision HistoryChapter Introduction About Stream Scanning Key Features and CapabilitiesWhat Can You Do with an STM150? Front Panel Features Service Registration Card with License KeysRear Panel Features Choosing a Location for the STM150 Default IP Address, Login Name, and Password LocationUsing the Rack Mounting Kit V1.1, March Choosing a Deployment Scenario Provisioning Threat Management ServicesGateway Deployment Server Group Segmented LAN Deployment Use the Installation Guide to Perform Initial ConfigurationLogging In to the STM150 V1.1, March Click Register Registering the STM150Web Security Use the Setup Wizard to Complete the ConfigurationSetup Wizard Options Email SecurityWeb Categories Verifying the STM150 InstallationUpdate Settings Email Notification ServerWhat to Do Next Testing ConnectivityTesting Http Scanning Performing System Management Tasks Modifying System SettingsConfiguring Network Settings V1.1, March Enabling Session Limits and Timeouts To enter a scanning exclusion rule On the menu, click Global Settings Scanning ExclusionsScanning Exclusions To set the system time Setting the System TimeOn the menu, click Administration Time Zone To specify a notification server Specifying the Notification ServerCustomizing Email Alerts Click Save ChangesTo enable system administrator email alerts On the menu, click Administration Snmp Configuring Snmp SettingsTo configure the Snmp settings To define Snmp Traps Supported MIB BrowsersDefining Trusted Snmp Hosts Backing Up the STM150 Configuration Backing Up and Restoring ConfigurationsTo restore the STM150 settings To Back Up the STM150 SettingsRestoring a Configuration Restarting the STM150 Resetting to Factory DefaultsEnabling Remote Management Configuring Scheduled Updates Administering Software UpdatesOn the menu, go to Administration Software Update To configure scheduled updatesPerforming a Manual Update Applying a Software Update that Requires a Reboot Administering Admin Login Timeouts and Passwords V1.1, March V1.1, March Chapter Customizing Scans Default Scan SettingsCustomizing Email Scanning Settings Insert Warning into Email Subject Line Smtp End User Email Notification SettingsEmail Security Anti-Virus Notification Settings on the menu Replace Infected Attachment with Warning Message Send Warning Email When Malware Is FoundAppend Safe Stamp Smtp & POP3 Email Content Filtering Filter by File Type Filter by Password-protected AttachmentsFilter by Subject Keywords File ExtensionProtecting Against Email Spam Setting Up the Whitelist and BlacklistEmail Security Anti-Spam Whitelist and Blacklist To define the sender whitelist. On the menu, go toTo define the recipient whitelist. On the menu, go to Configuring the Real-time BlacklistTo add a new provider Configuring Distributed Spam AnalysisTo configure distributed spam analysis Customizing Web Scanning Settings Configuring Web Malware Scans Configuring Web Content Filtering V1.1, March V1.1, March White List Configuring Web URL FilteringBlacklist Https Third Party Website Certificate Handling Https Scan SettingsHttp Tunneling STM150 CA Certificate Show This Message When an SSL Connection Attempt FailsV1.1, March Web Security Https Scan Certificate Management Certificate ManagementUntrusted Certificates To import a new certificate used for Https scansTrusted Certificate Authorities Web Security Http and Https Trusted Hosts To add hosts to the Host Access Control ListTrusted Hosts Web Security FTP Configuring FTP ScanTo delete hosts from the Host Access Control List V1.1, March Chapter Monitoring System Performance Viewing the System Status Using Statistics and Web Usage Data V1.1, March Monitoring Security Monitoring Diagnostics Running DiagnosticsUsing the Network Diagnostic Tools To collect information about your STM150 Using the Realtime Traffic Diagnostic ToolsGathering Important Log Information Working with Logs Using Reports to Optimize Protection and PerformanceGenerate Network Statistics Report Sending Logs Querying LogsLog Management Using Logs to Identify Infected ClientsOn the menu, click Logs & Reports Scheduled Report Working with ReportsSend Reports by Email Support Online Support Using Online SupportEnabling Remote Troubleshooting Go to Support Hot Fixes To install a hot fixWorking with Hot Fixes On the menu, go to Support Malware Analysis Sending Suspicious Files to Netgear for AnalysisTable A-1. STM150 Default Configuration Settings Appendix a Default Settings and Technical SpecificationsSTM150 specifications are listed in the table below Document Link Appendix B Related DocumentsV1.1, March Index N