ProSecure Unified Threat Management UTM Appliance
Support
ProSecure Product Updates ProSecure Forum Revision History
Trademarks
ProSecure Unified Threat Management UTM Appliance
Updated Features That Reduce Traffic and Features That
Settings and Technical Specifications
Application control see Configure Application Control
Configure Quarantine Settings, Query and Manage
Appendix B, Wireless Network Module for the UTM9S UTM25S
Configure Distributed Spam Analysis section
Added the Requirements for Entering IP Addresses
Contents
Manually Configure Internet and WAN Settings
Firewall Protection
Content Filtering and Optimizing Scans
Virtual Private Networking Using SSL Connections
Network and System Management
Troubleshoot and Use Online Support
Appendix a xDSL Network Module for the UTM9S and UTM25S
Appendix E ReadyNAS Integration
Appendix H Default Settings and Technical Specifications
Introduction
Introduction
Key Features and Capabilities
Single or multiple exposed hosts Virtual private networks
Wireless Features
DSL Features
Advanced VPN Support for Both IPSec and SSL
Stream Scanning for Content Filtering
Powerful, True Firewall
Autosensing Ethernet Connections with Auto Uplink
Security Features
Extensive Protocol Support
Easy Installation and Management
Maintenance and Support
Model Comparison
UTM model comparison
Network Modules and Broadband Adapters
Service Registration Card with License Keys
Hardware Features
Package Contents
Front Panel UTM5 and UTM10
Power LED
USB port Left LAN LEDs
Test LED Right WAN LED Right LAN LEDs
Front Panel UTM50
Front Panel UTM25
USB port Left LAN LEDs Left WAN LEDs Active
Test LED Right LAN LEDs Right WAN LEDs LEDs
Front Panel UTM150
Power LED Left LAN LEDs Left WAN LEDs USB port
LEDs Right WAN LEDs Test LED Right LAN LEDs
Active WAN LEDs Test LED Right LAN LEDs Right WAN LEDs
Front Panel UTM9S and UTM25S and Network Modules
Power LED Left WAN LEDs Slot Left LAN LEDs USB port
Active WAN LEDs
Test LED Right LAN LEDs
XDSL Network Modules
Wireless Network Modules
LED Descriptions, UTM5, UTM10, UTM25, UTM50, and UTM150
LED descriptions UTM5, UTM10, UTM25, UTM50, and UTM150
Activity Description
Activity Description LAN ports
DMZ LED
WAN ports
LED Descriptions, UTM9S, UTM25S, and their Network Modules
LED descriptions UTM9S and UTM25S
USB LED
Rear Panel UTM5, UTM10, and UTM25
Wireless network module
Receptacle
XDSL network modules
Reset button Receptacle
Factory Defaults Security lock
Rear Panel UTM50 and UTM150
Port
Reset button Console switch
Security lock AC power Receptacle Factory Defaults
Power
Switch
Bottom Panels with Product Labels
ProSecure Unified Threat Management UTM Appliance
ProSecure Unified Threat Management UTM Appliance
Choose a Location for the UTM
Use the Rack-Mounting Kit
Steps for Initial Connection
Use the Setup Wizard to Provision UTM in Your Network
Log In to the UTM
Use the Setup Wizard to Provision the UTM in Your Network
Qualified Web Browsers
Requirements for Entering IP Addresses
ProSecure Unified Threat Management UTM Appliance
Web Management Interface Menu Layout
ProSecure Unified Threat Management UTM Appliance
ProSecure Unified Threat Management UTM Appliance
To start the Setup Wizard
Use the Setup Wizard to Perform the Initial Configuration
Setup Wizard of 10 LAN Settings
Dhcp
Setting Description LAN TCP/IP Setup
DNS Proxy
Setting Description
Setting Description Inter Vlan Routing
Setup Wizard of 10 WAN Settings
Setup Wizard WAN Settings screen settings
Setting Description ISP Login
ISP Type
Internet IP Address
See Configure Load Balancing Multiple WAN Port Models
ISP
Dhcp
Setup Wizard of 10 System Date and Time
Domain Name Server DNS Servers
Get Automatically from ISP radio button
Setup Wizard System Date and Time screen settings
Setup Wizard of 10 Services
Setting Description Set Time, Date, and NTP Servers
For Daylight Savings Time check box
Web
Setup Wizard Services screen settings
Setup Wizard of 10 Email Security
Setup Wizard Email Security screen settings
Setting Description Action
Scan Exceptions
Setup Wizard of 10 Web Security
Http
Setup Wizard of 10 Web Categories to Be Blocked
Setting Description Blocked Web Categories
Setup Wizard Web Categories to be blocked screen settings
Blocked Categories Scheduled Days
Blocked Categories Time of Day
Setup Wizard Email Notification screen settings
Setup Wizard of 10 Email Notification
Setup Wizard of 10 Signatures & Engine
Setup Wizard Signatures & Engine screen settings
Setting Description Update Settings
Setup Wizard of 10 Saving the Configuration
Setting Description Update Frequency
Https Proxy Settings
Use the Web Management Interface to Activate Licenses
Register the UTM with Netgear
ProSecure Unified Threat Management UTM Appliance
Electronic Licensing
To retrieve and display the registered information
Click Retrieve Info
What to Do Next
Verify Correct Installation
Test Connectivity
Test Http Scanning
ProSecure Unified Threat Management UTM Appliance
Manually Configure Internet and WAN Settings
Internet and WAN Configuration Tasks
Manually Configure Internet and WAN Settings
Complete these steps
ProSecure Unified Threat Management UTM Appliance
ProSecure Unified Threat Management UTM Appliance
Pptp
Connection method Manual data input required
Manually Configure the Internet Connection
If the automatic ISP configuration is successful
If the automatic ISP configuration fails
Pptp and PPPoE settings
Balancing Multiple WAN Port Models on page 86 . To use load
Identifier check box
DNS server settings
If the manual ISP configuration fails
If the manual ISP configuration is successful
Overview of the WAN Modes
Configure the WAN Mode
Configure Network Address Translation All Models
Configure Classical Routing All Models
To configure auto-rollover mode
Configure Auto-Rollover Mode
To configure the failure detection method
Configure the Failure Detection Method
Failure detection method settings
Setting Description WAN Failure Detection Method
Ping
To configure load balancing
Configure Load Balancing Multiple WAN Port Models
Configure Protocol Binding Optional
Add Protocol Binding screen settings
Screen see Outbound Rules Service Blocking on
Change Group Names in the Network Database on
To edit a protocol binding
Configure Secondary WAN Addresses
To add a secondary WAN address to a WAN interface
To delete one or more secondary addresses
Configure Dynamic DNS
To configure Ddns
DNS service settings
Click Apply to save your configuration
Set the UTM’s MAC Address and Configure Advanced WAN Options
Setting Description MTU Size
Advanced WAN settings
Upload/Download Settings
Setting Speed Description
1000BaseT FullDuplex. Gigabit Ethernet Router’s MAC Address
Failure Detection Method
Additional WAN-Related Configuration Tasks
Manage Virtual LANs and Dhcp Options
LAN Configuration
Port-Based VLANs
LAN Configuration
100
Assign and Manage Vlan Profiles
101
Vlan Dhcp Options
Dhcp Relay
Dhcp Server
DNS Proxy
102
Ldap Server
Configure a Vlan Profile
To add or edit a Vlan profile
103
104
Setting Description Vlan Profile
Edit Vlan Profile screen settings
105
Port Membership
106
107
To enable, disable, or delete one or more Vlan profiles
Configure Vlan MAC Addresses and Advanced LAN Settings
To configure a Vlan to have a unique MAC address
To edit a Vlan profile
109
Configure Multihome LAN IP Addresses on the Default
110
To add a secondary LAN IP address
To edit a secondary LAN IP address
Manage Groups and Hosts LAN Groups
To delete one or more secondary LAN IP addresses
111
112
Manage the Network Database
113
Setting Description Name
Known PCs and devices settings
Add Computers or Devices to the Network Database
Modify Computers or Devices in the Network Database
Delete Computers or Devices from the Network Database
Change Group Names in the Network Database
To edit the names of any of the eight available groups
115
116
Set Up Address Reservation
Configure and Enable the DMZ Port
To enable and configure the DMZ port
117
DMZ Setup screen settings
Setting Description DMZ Port Setup
118
119
120
Manage Routing
Configure Static Routes
To add a static route to the Static Route table
121
122
Add Static Route screen settings
To enable and configure RIP Select Network Config Routing
Configure Routing Information Protocol
To edit a static route that is in the Static Routes table
To delete one or more routes
124
RIP Configuration screen settings
125
Authentication for RIP-2B/2M
126
Static Route Example
127
About Firewall Protection
Administrator Tips
Firewall Protection
128
Outbound Rules Service Blocking
Number of supported firewall rule configurations
129
Outbound rules overview
Setting Description Outbound Rules
130
Block always
Groups and Hosts LAN Groups on
131
132
Service Profiles on
Inbound Rules Port Forwarding
133
NAT IP
134
135
Setting Description Inbound Rules
136
137
Quality of Service Profiles on
138
Order of Precedence for Rules
Configure LAN WAN Rules
To change the default outbound policy
139
To change an existing outbound or inbound service rule
Create LAN WAN Outbound Service Rules
To enable, disable, or delete one or more rules
140
Create LAN WAN Inbound Service Rules
To create an inbound LAN WAN service rule
141
142
Configure DMZ WAN Rules
143
To delete or disable one or more rules
Create DMZ WAN Outbound Service Rules
Create DMZ WAN Inbound Service Rules
144
Configure LAN DMZ Rules
To create an inbound DMZ WAN service rule
145
146
Create LAN DMZ Inbound Service Rules
Create LAN DMZ Outbound Service Rules
To create an outbound LAN DMZ service rule
To create an inbound LAN DMZ service rule
Inbound Rule Examples
Examples of Firewall Rules
LAN WAN Inbound Rule Host a Local Public Web Server
148
149
150
Netgear UTM
151
To configure the UTM for additional IP addresses
152
LAN WAN or DMZ WAN Inbound Rule Specify an Exposed Host
Outbound Rule Example
LAN WAN Outbound Rule Block Instant Messenger
153
Vlan Rules
Configure Other Firewall Features
To create a Vlan rule
154
Add VLAN-VLAN Service screen settings
Add Customized Services on
155
To delete or disable one or more Vlan rules
To edit a Vlan rule
156
Setting Description WAN Security Checks
Attack Checks screen settings
Attack Checks, VPN Pass-through, and Multicast Pass-through
157
To configure multicast pass-through
Configure Multicast Pass-Through
Setting Description LAN Security Checks
158
159
Session Limit screen settings
To enable and configure session limits
Set Session Limits
To delete one or more multicast source addresses
To enable ALG for SIP and VPN scanning
Session Timeout
161
162
163
Add Customized Services
To add a customized service
Services screen settings
164
To edit a service
Create Service Groups
To delete one or more services
To create a service group
166
To edit a service group
Create IP Groups
To create an IP group
167
168
To delete an IP group
Create Quality of Service Profiles
To create a QoS profile
169
170
Add QoS Profile screen settings
Create Bandwidth Profiles
Default High Medium High Low
To edit a QoS profile
To delete one ore more QoS profiles
172
To add and enable a bandwidth profile
173
Add Bandwidth Profile screen settings
To edit a bandwidth profile
Create Traffic Meter Profiles
To delete one or more bandwidth profiles
174
175
To add a traffic meter profile
176
Add Traffic Meter Profile screen settings
To edit a traffic meter profile
Set a Schedule to Block or Allow Specific Traffic
To delete one or more traffic meter profiles
To add a schedule
Add Schedule screen settings
178
Scheduled Days
Setting Description Scheduled Time of Day
Enable Source MAC Filtering
To edit a schedule
To delete one or more schedules
180
To remove one or more entries from the table
Set Up IP/MAC Bindings
To set up IP/MAC bindings
181
Setting Description Email IP/MAC Violations
IP/MAC Binding screen settings
182
IP/MAC Bindings
To edit an IP/MAC binding
Configure Port Triggering
To remove one or more IP/MAC bindings from the table
183
Port Triggering screen settings
To add a port-triggering rule
184
To edit a port-triggering rule
To display the status of the port-triggering rules
185
186
Configure Universal Plug and Play
To enable intrusion prevention
Enable and Configure the Intrusion Prevention System
To configure intrusion prevention
IPS screen settings
188
Security Category Settings
189
IPS, screen 1 Firewall Protection
IPS uncommon attack names
190
Attack Name Description Web
191
Attack Name Description
Misc
192
About Content Filtering and Scans
Default email and web scan settings
Default Email and Web Scan Settings
Content Filtering and Optimizing Scans
193
Customize Email Protocol Scan Settings
Configure Email Protection
To configure the email protocols and ports to scan
Scan type Default scan setting Default action if applicable
195
Protocol Scan Settings on
Customize Email Antivirus and Notification Settings
To configure the antivirus settings for email traffic
196
197
Anti-Virus screen settings for email traffic
Setting Description Scan Exceptions
Notification Settings
198
Setting Description Email Alert Settings
Email Content Filtering
199
SUBJECT%, %FILENAME%, %ACTION%, %VIRUSNAME%
200
Setting Description Email Filters
Email Filters screen settings
Filter by Password-Protected Attachments ZIP, RAR, etc
201
Protect Against Email Spam
Setting Description Filter by File Type
202
Filter by File Name
203
Set Up the Whitelist and Blacklist
204
To configure the whitelist and blacklist
205
Whitelist/Blacklist screen settings
To enable the real-time blacklist
Configure the Real-Time Blacklist
To add a blacklist provider to the real-time blacklist
206
207
Configure Distributed Spam Analysis
Distributed Spam Analysis screen settings
Setting Description Distributed Spam Analysis
208
Anti-Spam Engine Settings
209
Low Medium-Low
Customize Web Protocol Scan Settings
Configure Web and Services Protection
Setting Description Send Quarantine Spam Report
210
211
To configure the web protocols and ports to scan
212
Configure Https Smart Block
213
Add or Edit Https Smart Block Profile settings
214
215
To change a profile
216
Configure Web Malware or Antivirus Scans
217
Anti-Virus screen settings for HTTP/HTTPS traffic
Scan Exception
Html Scan
218
Configure Web Content Filtering
219
To configure web content filtering
220
Content Filtering screen settings
Setting Description Content Filtering
221
Full-Text Search
222
Performance Management on
Block Web Objects
223
Setting Description Web Category Lookup
Configure Web URL Filtering
224
URL
225
To configure web URL filtering
Setting Description Whitelist
URL Filtering screen settings
226
Blacklist
URL%
227
Configure Https Scanning and SSL Certificates
How Https Scanning Works
228
229
To configure the Https scan settings
Configure the Https Scan Settings
Https Settings screen settings
230
231
Manage SSL Certificates for Https Scanning
232
Manage the Active Https Certificate
233
Manage Trusted Https Certificates
Manage Untrusted Https Certificates
To delete an untrusted certificate
Specify Trusted Hosts for Https Scanning
To specify trusted hosts
235
236
Trusted Hosts screen settings
To configure the SSL settings for Https scanning
Configure the SSL Settings for Https Scanning
SSL Settings screen settings
237
Customize FTP Antivirus Settings
Configure FTP Scanning
To configure the antivirus settings for FTP traffic
Anti-Virus screen settings for FTP
To configure the FTP filters
Configure FTP Content Filtering
Setting Description Scan Exception
239
240
Configure Application Control
241
242
243
To select one or more individual applications
To select one or more categories of applications
To search for an application
244
245
Setting Description Policy for a category of applications
Application Control Policy pop-up screen settings
246
Meter Profiles on
247
To change an existing application control profile
Set Exception Rules for Web and Application Access
To delete one or more application control profiles
248
249
To set web access exception rules
250
Application
File Extension
Https Smart Block
251
URL Filtering
Add or Edit Exceptions screen settings
Web Category
252
253
254
See Configure Radius VLANs on
Delete Groups on
Ldap
To select a category of applications
255
To select a single application
To search for an application
256
For Exceptions for Web and Application Access on
To disable, enable, or delete one or more exception rules
To change an existing exception rule
257
258
To create and manage custom categories
259
Custom categories applications
260
Custom Categories screen settings
To select one or more categories of applications
To select one or more individual applications
To remove one or more categories or applications from
261
Applications in this Category table
To add a URL
Set Scanning Exclusions for IP Addresses and Ports
To configure scanning exclusion rules
To change an existing custom category
To delete one or more custom categories
263
Scanning Exclusion screen settings
264
Virtual Private Networking
265
IP addressing for VPNs in dual WAN port systems
266
Create Gateway-to-Gateway VPN Tunnels with the Wizard
267
268
Setting Default Value IKE policy
3DES
SHA-1
269
IPSec VPN Wizard settings for a gateway-to-gateway tunnel
270
Setting Description Secure Connection Remote Accessibility
271
Create a Client-to-Gateway VPN Tunnel
272
Select the VPN Client radio button. The default remote Fqdn
IPSec VPN Wizard settings for a client-to-gateway tunnel
273
Fqdn
274
Information required to configure the VPN client
275
Component Example Information to be collected
276
277
278
Setting Description Advanced features
VPN client advanced authentication settings
279
NAT-T
280
To create new authentication settings
Type vpnclient
281
282
VPN client authentication settings
10.34.116.22
IKE
283
Setting Description Local and Remote ID
To create an IPSec configuration
Type netgearplatform
284
VPN client IPSec configuration settings
285
ESP
286
To specify the global parameters
287
Test the Netgear VPN Client Connection
288
Click Gateway-Tunnel, and press Ctrl+O
Netgear VPN Client Status and Log Information
View the UTM IPSec VPN Connection Status
289
To query the IPSec VPN log
View the UTM IPSec VPN Log
IPSec VPN Connection Status screen information
290
291
Manage IPSec VPN and IKE Policies
Manage IKE Policies
To access the IKE Policies screen
IKE Policies Screen
292
293
List of IKE Policies table information
To delete one or more IKE polices
Manually Add or Edit an IKE Policy
To add an IKE policy manually
294
295
Setting Description Mode Config Record
Add IKE Policy screen settings
296
General
297
Remote
IKE SA Parameters
298
Setting Description Extended Authentication
To edit an IKE policy
299
Manage VPN Policies
VPN Policies Screen
300
301
List of VPN Policies table information
Manually Add or Edit a VPN Policy
To enable or disable one or more VPN policies
To delete one or more VPN polices
To add a VPN policy manually
303
Add New VPN Policy screen settings
Setting Description General
304
305
Configure Keep-Alives
Traffic Selection
Manual Policy Parameters
306
307
Setting Description Auto Policy Parameters
Configure Extended Authentication Xauth
To edit a VPN policy
308
To enable and configure Xauth
Configure Xauth for VPN Clients
Extended authentication settings
309
Radius Client and Server Configuration
User Database Configuration
To configure primary and backup Radius servers
310
Setting Description Primary Radius Server
Radius Client screen settings
Backup Radius Server
Connection Configuration
Mode Config Operation
Assign IP Addresses to Remote Users Mode Config
Configure Mode Config Operation on the UTM
312
313
To configure Mode Config on the UTM
Add Mode Config Record screen settings
Setting Description Client Pool
314
Traffic Tunnel Security Level
315
316
317
Setting Description IKE SA Parameters
318
Select Group 2 1024 bit
Configure the ProSafe VPN Client for Mode Config Operation
User Database Configuration on
319
320
321
Type GWModeConfig
322
VPN client authentication settings Mode Config
Type TunnelModeConfig
VPN client advanced authentication settings Mode Config
323
VPN client IPSec configuration settings Mode Config
324
Enter
325
Configure the Mode Config Global Parameters
326
Test the Mode Config Connection
To edit a Mode Config record
Modify or Delete a Mode Config Record
To delete one or more Mode Config records
327
Configure Keep-Alives and Dead Peer Detection
Configure Keep-Alives
328
To configure DPD on a configured IKE policy
Configure Dead Peer Detection
Keep-alive settings
329
To enable NetBIOS bridging on a configured VPN tunnel
Configure NetBIOS Bridging with IPSec VPN
Dead Peer Detection settings
330
331
Configure the Pptp Server
Pptp Server screen settings
Setting Description Pptp Server
332
View the Active Pptp Users
Setting Description Authentication
To view the active Pptp tunnel users
333
Pptp Active Users screen information
Configure the L2TP Server
334
Pptp IP
L2TP Server screen settings
Setting Description L2TP Server
335
View the Active L2TP Users
For More IPSec VPN Information
To view the active L2TP tunnel users
L2TP Active Users screen information
337
SSL VPN Portal Options
Virtual Private Networking Using SSL Connections
Build a Portal Using the SSL VPN Wizard
To start the SSL VPN Wizard
338
339
SSL VPN Wizard of 6 Portal Settings
SSL VPN Wizard of 6 screen settings portal settings
Setting Description Portal Layout and Theme Name
340
SSL VPN Portal Pages to Display
341
Wizard of 6 Client IP Addresses and Routes on
6 Port Forwarding on
342
SSL VPN Wizard of 6 Domain Settings
Server Configuration
SSL VPN Wizard of 6 screen settings domain settings
343
Radius Client
344
Windows login account name in email format. For
345
Display name in the dn format. For example
346
SSL VPN Wizard of 6 User Settings
SSL VPN Wizard of 6 screen settings user settings
347
348
SSL VPN Wizard of 6 Client IP Addresses and Routes
Setting Description Client IP Address Range
349
Add Routes for VPN Tunnel Clients
Setting Description Add New Application for Port Forwarding
SSL VPN Wizard of 6 Port Forwarding
350
351
SSL VPN Wizard of 6 Verify and Save Your Settings
SSH
Add New Host Name for Port Forwarding
352
353
Access the New SSL VPN Portal
354
355
356
View the UTM SSL VPN Connection Status
View the UTM SSL VPN Log
Manually Configure and Modify SSL Portals
To query the SSL VPN log
357
358
Manually Create or Modify the Portal Layout
To create an SSL VPN portal layout
359
360
361
Add Portal Layout screen settings
Setting Description SSL VPN Portal Pages to Display
Configure Domains, Groups, and Users
To edit a portal layout
To delete one or more portal layouts
Add Servers and Port Numbers
Configure Applications for Port Forwarding
To add a server and a port number
363
Add a Host Name
To add servers and host names for client name resolution
364
TCP application Port number
Configure the SSL VPN Client
Fully Qualified Domain Name. The full server name
365
SSL VPN Client screen settings
Configure the Client IP Address Range
To define the client IP address range
366
Add Routes for VPN Tunnel Clients
To add an SSL VPN tunnel client route
367
Configure the Advanced SSL VPN Client Settings
To change the LCP time-out
368
Add New Network Resources
Use Network Resource Objects to Simplify Policies
To define a network resource
369
Edit Network Resources to Specify Addresses
Resources screen settings to edit a resource
To delete one or more network resources
To edit network resources
371
Configure User, Group, and Global Policies
372
Global Default Policy
Add a Policy
View Policies
To view the existing policies
To add an SSL VPN policy
Setting Description Policy For
Add SSL VPN Policy screen settings
374
Add SSL VPN Policies
Resource Objects to Simplify Policies on
375
376
To edit an SSL VPN policy
For More SSL VPN Information
To delete one or more SSL VPN policies
377
378
Authentication Process and Options
Manage Users, Authentication, and VPN Certificates
External authentication protocols and methods
Authentication Description Protocol or method
379
Login Portals
Configure Authentication Domains, Groups, and Users
Administrative Users and Users with Guest Privileges
380
381
Users with Special Access Privileges
382
383
Unauthenticated or Anonymous Users
Active Directories and Ldap Configurations
How an Active Directory Works
384
385
How to Bind a DN in an Active Directory Configuration
386
387
Select Users Domains
Create and Delete Domains
Configure Domains
To create a domain
388
389
390
Add Domain screen settings
391
392
393
Edit Domains
Configure Groups
To delete one or more domains
To edit a domain
Create and Delete Groups
To create a VPN group
395
Edit Groups
Groups screen settings
To delete one or more groups
To edit a VPN group
Configure Custom Groups
To create and manage custom groups
397
398
399
Add Custom Group screen settings
To change an existing custom group
To delete one or more custom groups
400
Configure User Accounts
To create an individual user account
401
402
See Configure Extended Authentication Xauth on
Add User screen settings
To delete one or more user accounts
403
Configure Login Policies
Set User Login Policies
To configure user login policies
404
Configure Login Restrictions Based on IP Address
To restrict logging in based on IP address
405
By Source IP Address screen settings
Configure Login Restrictions Based on Web Browser
To delete one or more addresses
To restrict logging in based on the user’s browser
Internet Explorer Opera Netscape Navigator
To delete one or more browsers
407
Change Passwords and Other User Settings
To modify user settings, including passwords
408
Configure Extended Authentication Xauth on
Edit User screen settings
DC Agent
409
410
411
To download ProSecure DC Agent software and add a DC agent
DC Agent screen settings
To configure AD SSO with a DC agent
To edit a DC agent
412
413
414
To do so, follow this procedure
Configure Radius VLANs
To configure a Radius Vlan
415
416
Configure Global User Settings
View and Log Out Active Users
To log out all active users
417
Active Users screen settings
To view all or selected users
418
419
Manage Digital Certificates for VPN Connections
420
VPN Certificates Screen
Manage CA Certificates
To view and upload trusted certificates
421
Manage Self-Signed Certificates
To delete one or more digital certificates
422
423
Generate self-signed certificate request settings
424
512 1024 2048
425
View and Manage Self-Signed Certificates
Manage the Certificate Revocation List
To delete one or more SCRs
To delete one or more self-signed certificates
427
To delete one or more CRLs
Performance Management
Bandwidth Capacity
428
Features That Reduce Traffic
Network and System Management
429
430
431
Content Filtering
Features That Increase Traffic
Source MAC Filtering
432
433
Configure the DMZ Port
Port Triggering
434
Configure VPN Tunnels
Configure Exposed Hosts
Use QoS and Bandwidth Assignments to Shift the Traffic Mix
Assign QoS Profiles
System Management
Change Passwords and Administrator and Guest Settings
Monitoring Tools for Traffic Management
436
437
Configure Remote Management Access
To configure the UTM for remote management
438
439
Https//IPaddress or https//FullyQualifiedDomainName
440
Use a Simple Network Management Protocol Manager
441
Setting Description Snmp Global Settings
Global Snmp settings and SNMPv1/v2c settings
SNMPv1/v2c Settings
442
SNMPv3 settings
To configure the SNMPv3 settings
Setting Description SNMPv3 Settings
443
444
Restore Settings
Manage the Configuration File
To edit an SNMPv3 user profile
To delete one or more SNMPv3 user profiles
Back Up Settings
To back up settings
446
Restore Settings
Revert to Factory Default Settings
447
Update the Firmware
View the Available Firmware Versions
448
449
Firmware screen, available versions
450
Click Install Downloaded Firmware
451
To download the latest firmware for your UTM
452
453
Reboot without Changing the Firmware
Update the Scan Signatures and Scan Engine Firmware
To reboot the UTM without changing the firmware
454
455
Configure Automatic Update and Frequency Settings
Configure Date and Time Service
Signatures & Engine screen settings
456
Adjust for Daylight Savings Time check box
System Date & Time screen settings
To set time, date, and NTP servers
457
458
Connect to a ReadyNAS and Configure Quarantine Settings
Connect to a ReadyNAS
Log Storage
To connect to the ReadyNAS on the UTM
459
To configure the quarantine settings
Configure the Quarantine Settings
ReadyNAS Integration screen settings
460
Quarantine settings
Unauthenticated or Anonymous Users on
461
462
Enable the WAN Traffic Meter
463
Monitor System Access and Performance
464
Setting Description Enable Traffic Meter
Traffic Counter
Event Notifications on
465
Setting Description When Limit is reached
Configure the Email Notification Server
Configure Logging, Alerts, and Event Notifications
To configure the email notification server
466
Configure and Activate System, Email, and Syslog Logs
Email Notification screen settings
467
468
To configure and activate logs
Setting Description System Logs Option
Email and Syslog screen settings
Email Logs to Administrator
469
Logs screen see Configure and Activate Firewall Logs on
470
Send Logs via Syslog
Configure Gateway 1 at Site
How to Send Syslogs over a VPN Tunnel between Sites
Setting Description Clear the Following Logs Information
471
To change the remote IP address in the VPN policy
Configure Gateway 2 at Site
To change the local IP address in the VPN policy
472
To configure and activate the email alerts
Configure and Activate Update Failure and Attack Alerts
To specify the syslog server that is connected to Gateway
473
474
Alerts screen settings
475
TIME%, %PROTOCOL%, %FROM%, %TO%, %SUBJECT%
FILENAME%, %ACTION%, %VIRUSNAME%
Configure and Activate Firewall Logs
To configure and activate firewall logs
476
Setting Description Routing Logs
Monitor Real-Time Traffic, Security, and Statistics
477
478
Dashboard, screen 1
Dashboard screen threats and traffic information
To set the poll interval
479
Total Threats
480
Threats Counts
Total Traffic Bytes
481
Enable and Configure the Intrusion
482
Dashboard screen service statistics information
Monitor Application Use in Real Time
Spam blacklist see Set Up the Whitelist and Blacklist on
483
RBL
484
To filter the information that is displayed onscreen
To set the monitoring period
Application Dashboard screen
485
View Status Screens
View the System Status
486
System Status screen fields
View the System Status Screen
487
Status Description
View the Network Status Screen
Scan Settings on
488
System Information
Network Status screen fields
Available Access Points Table
489
LAN Vlan Information
To view the Router Statistics screen
View the Router Statistics Screen
490
Ssid
To view the Wireless Statistics screen
View the Wireless Statistics Screen UTM9S and UTM25S Only
Router Statistics screen fields
491
492
Wireless Statistics screen fields
Radio Statistics Details
AP Statistics
493
View the Detailed Status Screen
494
Configure and Enable the DMZ Port on
LAN Port Configuration
Detailed Status screen fields
495
MAC Address and Configure
Settings
Manually Configure the Internet
496
Wireless information in SLOT-1 Info or SLOT-2 Info
Access Points Information
497
Configure a Vlan Profile on
See Configure a Vlan Profile on
View the Vlan Status Screen
Vlan Status screen fields
View the Active VPN Users
View the xDSL Statistics Screen UTM9S and UTM25S Only
499
500
View the VPN Tunnel Connection Status
501
View the Active Pptp and L2TP Users
To view the status of the port-triggering feature
View the Port Triggering Status
502
503
Port Triggering Status pop-up screen information
To view the status of a WAN, xDSL, or USB port
View the WAN, xDSL, or USB Port Status
Connection Status pop-up screen information
504
View Attached Devices
View Attached Devices and the Dhcp Leases
To view the attached devices in the LAN Groups screen
505
506
View the Dhcp Leases
Query and Manage the Logs
To view the Dhcp leases
507
508
Overview of the Logs
Query and Download Logs
To query and download logs
509
510
Logs Query screen settings
511
512
Example Use the Logs to Identify Infected Clients
EMERG, ALERT, CRITICAL, ERROR, WARNING, Notice
To identify infected clients
513
Query and Manage the Quarantine Logs
Log Management
514
Query the Quarantined Logs
To query the quarantine logs
515
516
Quarantine screen settings
517
View and Manage the Quarantined Spam Table
518
View and Manage the Quarantined Infected Files Table
Spam Reports for End Users
For an end user to send a spam report
519
View, Schedule, and Generate Reports
Click Send Report
520
521
Enable Application Session Monitoring
To configure filtering options
Report Filtering Options
522
523
Report screen filtering options settings
Horizontal Bar
Pie
Use Report Templates and View Reports Onscreen
To display the report templates and view reports onscreen
524
525
Report screen report template information
526
IPS & Application
527
Email Activity
528
To schedule automatic generation and emailing of reports
Schedule, Email, and Manage Reports
529
System
Setting Description Schedule Reports
Report screen schedule report settings
Managing Saved Reports
530
531
Use Diagnostics Utilities
Send a Ping Packet
Use the Network Diagnostic Tools
To send a ping
532
Trace a Route
Use the Real-Time Traffic Diagnostics Tool
Display the Routing Table
Look Up a DNS Address
534
To use the real-time traffic diagnostics tool
Generate Network Statistics
Gather Important Log Information
To gather log information about your UTM
535
Perform Maintenance on the USB Device
Reboot and Shut Down the UTM
536
537
538
Troubleshoot and Use Online Support
Basic Functioning
Power LED Not On
Verify the Correct Sequence of Events at Startup
Test LED Never Turns Off
Troubleshoot the Web Management Interface
LAN or WAN Port LEDs Not On
540
When You Enter a URL or IP Address, a Time-Out Error Occurs
Troubleshoot the ISP Connection
541
542
To check the WAN IP address
Test the LAN Path to Your UTM
Troubleshoot a TCP/IP Network Using a Ping Utility
Ping
543
Test the Path from Your Computer to a Remote Device
Ping -n 10 IP address
544
545
Restore the Default Configuration and Password
Enable Remote Troubleshooting
Problems with Date and Time
Use Online Support
To initiate the support tunnel
Send Suspicious Files to Netgear for Analysis
To submit a file to Netgear for analysis
547
Access the Knowledge Base and Documentation
Malware Analysis screen settings
548
549
XDSL Network Module for the UTM9S UTM25S
Configure the xDSL Settings
XDSL Network Module Configuration Tasks
XDSL Network Module for the UTM9S and UTM25S
550
551
To configure the xDSL settings
XDSL settings
Setting Description XDSL Settings
552
553
VPI
VCI
554
555
561, and Troubleshoot the ISP Connection on
556
Manually Configure the xDSL Internet Connection
557
558
PPPoE and PPPoA settings
ATM Ipoa
559
560
561
562
Configure Network Address Translation
563
Configure Classical Routing
564
565
566
Configure Load Balancing and Optional Protocol Binding
567
Configure Load Balancing
568
569
570
571
To add a secondary WAN address to the DSL interface
572
573
574
Setting Description SLOT-x Dynamic DNS Status
575
Advanced DSL settings
Default Address radio button
576
577
578
Wireless Network Module for UTM9S and UTM25S
Configuration Order
Overview of the Wireless Network Module
Wireless Equipment Placement and Range Guidelines
Wireless Network Module for the UTM9S and UTM25S
Configure the Basic Radio Settings
To configure the basic radio settings
580
Radio Settings screen settings
581
Field Descriptions
582
583
Operating Frequency Channel Guidelines
584
Wireless Data Security Options
585
Wireless Security Profiles
Network authentication
Data encryption
586
WPA Radius settings
Before You Change the SSID, WEP, and WPA Settings
WPA2 Radius settings
587
To add a wireless profile
Configure and Enable Wireless Profiles
Wireless Profiles screen settings
588
Add Wireless Profiles screen settings
Field Description Profile Configuration
589
Security Options on
590
591
Tkip TKIP+AES
WEP Index and Keys
592
To edit a wireless profile
Restrict Wireless Access by MAC Address
To delete one or more wireless profiles
To enable or disable one or more wireless profiles
594
595
Access Point Status screen fields
Configure a Wireless Distribution System
596
Connected Clients
597
To enable and configure WDS
To configure WDS on a peer
Configure Advanced Radio Settings
To configure advanced radio settings
598
599
Advanced Wireless screen settings
600
Configure WMM QoS Priority Settings
601
For More Information About Wireless Configurations
Test Basic Wireless Connectivity
To test for wireless connectivity
602
603
3G/4G Dongle Configuration Tasks
Manually Configure the USB Internet Connection
3G/4G Dongles for the UTM9S and UTM25S
604
605
To configure the WAN ISP settings for the USB interface
Setting Description 3G Dongle Details
USB ISP settings
Connection Settings
606
607
XDSL, or USB Port Status on
Configure the 3G/4G Settings
To configure the 3G/4G settings
608
Setting Description 3GStatus
4G settings
Connection Setting
609
APN
610
611
612
613
614
615
616
617
618
619
620
Setting Description USB Dynamic DNS Status
621
622
What to Consider Before You Begin
WAN port Physical facility
Internet
623
Internet Configuration Requirements
Computer Network Configuration Requirements
Where Do I Get the Internet Configuration Information?
Cabling and Computer Hardware Requirements
625
Internet Connection Information
626
Overview of the Planning Process
627
Inbound Traffic
Inbound Traffic to a Dual WAN Port System
Inbound Traffic to a Single WAN Port System
Inbound Traffic Dual WAN Ports for Improved Reliability
Inbound Traffic Dual WAN Ports for Load Balancing
629
Virtual Private Networks
630
VPN Road Warrior Client-to-Gateway
631
VPN Road Warrior Single-Gateway WAN Port Reference Case
632
VPN Road Warrior Dual-Gateway WAN Ports for Load Balancing
633
VPN Gateway-to-Gateway
634
VPN Telecommuter Client-to-Gateway through a NAT Router
VPN Telecommuter Single-Gateway WAN Port Reference Case
635
636
637
VPN Telecommuter Dual-Gateway WAN Ports for Load Balancing
638
Supported ReadyNAS Models
To install the UTM add-on on the ReadyNAS
Install the UTM Add-On on the ReadyNAS
Select Add-ons Add New
ReadyNAS Integration
640
Select Add-ons Installed
641
Connect to the ReadyNAS on the UTM
642
643
Why Do I Need Two-Factor Authentication?
What Are the Benefits of Two-Factor Authentication?
644
What Is Two-Factor Authentication?
Netgear Two-Factor Authentication Solutions
Two-Factor Authentication
To use WiKID for end users
646
647
Log message terms
648
Term Description
System Log Messages
Reboot
System Startup
649
System logs login/logout
Login/Logout
System logs NTP
650
Firewall Restart
Auto-Rollover Mode
IPSec Restart
WAN Status
System logs WAN status, auto rollover
Load Balancing Mode
652
ACTIVEWAN2
PPP Logs
System logs WAN status, PPPoE idle timeout
System logs WAN status, load balancing
653
654
System logs WAN status, Pptp idle timeout
Traffic Metering Logs
Unicast, Multicast, and Broadcast Logs
655
Icmp Redirect Logs
Invalid Packet Logging
Multicast/Broadcast Logs
656
657
Content-Filtering and Security Logs
Service Logs
Service logs
658
659
Web Filtering and Content-Filtering Logs
Content-filtering and security logs spam
Spam Logs
660
Malware Logs
Traffic Logs
Email Filter Logs
661
Content-filtering and security logs anomaly behavior
Content-filtering and security logs IPS
IPS Logs
Anomaly Behavior Logs
Application Logs
Routing Logs
LAN-to-WAN Logs
663
DMZ-to-WAN Logs
LAN-to-DMZ Logs
WAN-to-LAN Logs
664
WAN-to-DMZ Logs
DMZ-to-LAN Logs
Routing logs WAN to DMZ
665
UTM default configuration settings
Default Settings
Feature Login settings Default behavior
666
Feature Default behavior WAN connections
Default Settings and Technical Specifications
Administrative and monitoring settings
667
668
Feature Default behavior Firewall and network security
SIP ALG
IPS
669
Feature Application security Default behavior
670
Feature Default behavior
SSL VPN settings
Radius settings
User, group, and domain settings
671
672
Physical and Technical Specifications
UTM physical and technical specifications
673
Feature Specification Major regulatory compliance
UTM IPSec VPN specifications
Interface specifications
Setting Specification
Feature Description 802.11b/bg/ng wireless specifications
UTM SSL VPN specifications
675
Http//prosecure.netgear.com
Feature Description 802.11a/na wireless specifications
676
AES
Regulatory Compliance Information
FCC Requirements for Operation in the United States
677
Notification of Compliance Wired
European Union
678
Additional Copyrights
679
Terms
MD5
680
Edoc in Languages of the European Community
Europe EU Declaration of Conformity
681
Language Statement
682
Notification of Compliance Wireless
683
FCC Caution
Important Note Radiation Exposure Statement
Industry Canada
Avertissement
684
685
Interference Reduction Table
686
Index
687
See also
688
DMZ
689
690
691
Blocking 202, 218, 222 setting access exceptions
Logs 469, 508-510traffic statistics
692
LAN
693
694
695
696
697
698
SSL VPN
699
TCP/IP
700
701
Logs 290, 470
702
703
Dhcp 50, 106, 119 ModeConfig
704
