Manuals / NETGEAR / Computer Equipment / Switch

NETGEAR STM150EW3-100NAS manual V1.1, March

Models: STM150EW3-100NAS

1 95

Download 95 pages 14.37 Kb

Page 71

ProSecure Web/Email Security Threat Management Appliance STM150 Reference Manual

Due to the nature of HTTPS scanning and how the certificates are handled, the end user will see Security Alerts in their web browser as shown in the following figure. This is because the client (browser) will get a certificate from the STM150 instead of directly from the server.

Figure 4-13

During SSL authentication, the client authenticates three items:

•Is the certificate trusted?

•Has the certificate expired?

•Does the name on the certificate match that of the Web site?

If one of these is NOT satisfied, a security alert appears in the browser window.

If HTTPS scan is enabled, an alert message appears when a user connected to the STM150 visits an HTTPS site. Note that this is not a bug in the STM150 – it is a result of HTTPS scanning and the way SSL works. The STM150 generated certificate has the same name and expiration date of the original certificate sent by the server. However, since the certificate was generated by the STM150 and not a trusted certificate authority, the browser will notify the user that the certificate is not valid. To prevent these popups, you must add NETGEAR as a trusted root CA in your browser.

If client authentication is required, the STM150 may not be able to scan the HTTPS traffic in some cases due to the nature of SSL. SSL has two parts – client and server authentication. Server authentication occurs with every HTTPS request, but client authentication is NOT mandatory, and rarely occurs. As a result, whether the request is from the STM150 or the real client is of less importance.

Customizing Scans

4-21

v1.1, March 2009

Image 71

NETGEAR STM150EW3-100NAS manual V1.1, March

Contents

NETGEAR, Inc Bestätigung des Herstellers/Importeurs TrademarksStatement of Conditions EU Regulatory Compliance StatementAdditional Copyrights Voluntary Control Council for Interference Vcci StatementMD5 Zlib Product and Publication DetailsV1.1, March Contents Chapter Performing System Management Tasks Chapter Monitoring System Performance Page Conventions, Formats, and Scope About This ManualManual Part Publication Version Description Number Date Revision HistoryChapter Introduction About Stream Scanning Key Features and CapabilitiesWhat Can You Do with an STM150? Front Panel Features Service Registration Card with License KeysRear Panel Features Choosing a Location for the STM150 Default IP Address, Login Name, and Password LocationUsing the Rack Mounting Kit V1.1, March Choosing a Deployment Scenario Provisioning Threat Management ServicesGateway Deployment Server Group Segmented LAN Deployment Use the Installation Guide to Perform Initial ConfigurationLogging In to the STM150 V1.1, March Click Register Registering the STM150Web Security Use the Setup Wizard to Complete the ConfigurationSetup Wizard Options Email SecurityWeb Categories Verifying the STM150 InstallationUpdate Settings Email Notification ServerWhat to Do Next Testing ConnectivityTesting Http Scanning Performing System Management Tasks Modifying System SettingsConfiguring Network Settings V1.1, March Enabling Session Limits and Timeouts To enter a scanning exclusion rule On the menu, click Global Settings Scanning ExclusionsScanning Exclusions To set the system time Setting the System TimeOn the menu, click Administration Time Zone To specify a notification server Specifying the Notification ServerCustomizing Email Alerts Click Save ChangesTo enable system administrator email alerts On the menu, click Administration Snmp Configuring Snmp SettingsTo configure the Snmp settings To define Snmp Traps Supported MIB BrowsersDefining Trusted Snmp Hosts Backing Up the STM150 Configuration Backing Up and Restoring ConfigurationsTo restore the STM150 settings To Back Up the STM150 SettingsRestoring a Configuration Restarting the STM150 Resetting to Factory DefaultsEnabling Remote Management Configuring Scheduled Updates Administering Software UpdatesOn the menu, go to Administration Software Update To configure scheduled updatesPerforming a Manual Update Applying a Software Update that Requires a Reboot Administering Admin Login Timeouts and Passwords V1.1, March V1.1, March Chapter Customizing Scans Default Scan SettingsCustomizing Email Scanning Settings Insert Warning into Email Subject Line Smtp End User Email Notification SettingsEmail Security Anti-Virus Notification Settings on the menu Replace Infected Attachment with Warning Message Send Warning Email When Malware Is FoundAppend Safe Stamp Smtp & POP3 Email Content Filtering Filter by File Type Filter by Password-protected AttachmentsFilter by Subject Keywords File ExtensionProtecting Against Email Spam Setting Up the Whitelist and BlacklistEmail Security Anti-Spam Whitelist and Blacklist To define the sender whitelist. On the menu, go toTo define the recipient whitelist. On the menu, go to Configuring the Real-time BlacklistTo add a new provider Configuring Distributed Spam AnalysisTo configure distributed spam analysis Customizing Web Scanning Settings Configuring Web Malware Scans Configuring Web Content Filtering V1.1, March V1.1, March White List Configuring Web URL FilteringBlacklist Https Third Party Website Certificate Handling Https Scan SettingsHttp Tunneling STM150 CA Certificate Show This Message When an SSL Connection Attempt FailsV1.1, March Web Security Https Scan Certificate Management Certificate ManagementUntrusted Certificates To import a new certificate used for Https scansTrusted Certificate Authorities Web Security Http and Https Trusted Hosts To add hosts to the Host Access Control ListTrusted Hosts Web Security FTP Configuring FTP ScanTo delete hosts from the Host Access Control List V1.1, March Chapter Monitoring System Performance Viewing the System Status Using Statistics and Web Usage Data V1.1, March Monitoring Security Monitoring Diagnostics Running DiagnosticsUsing the Network Diagnostic Tools To collect information about your STM150 Using the Realtime Traffic Diagnostic ToolsGathering Important Log Information Working with Logs Using Reports to Optimize Protection and PerformanceGenerate Network Statistics Report Sending Logs Querying LogsLog Management Using Logs to Identify Infected ClientsOn the menu, click Logs & Reports Scheduled Report Working with ReportsSend Reports by Email Support Online Support Using Online SupportEnabling Remote Troubleshooting Go to Support Hot Fixes To install a hot fixWorking with Hot Fixes On the menu, go to Support Malware Analysis Sending Suspicious Files to Netgear for AnalysisTable A-1. STM150 Default Configuration Settings Appendix a Default Settings and Technical SpecificationsSTM150 specifications are listed in the table below Document Link Appendix B Related DocumentsV1.1, March Index N