Web Filtering and Content-Filtering Logs | NETGEAR STM150EW-100NAS

ProSecure Unified Threat Management (UTM) Appliance

•IPS Logs

•Anomaly Behavior Logs

•Application Logs

This section describes the log messages that are generated by the content-filtering and security mechanisms.

Web Filtering and Content-Filtering Logs

This section describes logs that are generated when the UTM filters web content.

Table 179. Content-filtering and security logs: web filtering and content filtering

Message	2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
	http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
	SizeLimit Block
Explanation	Logs that are generated when web content is blocked because the allowed size
	limit is exceeded. The message shows the date and time, protocol, domain, user,
	client IP address, server IP address, URL, reason for the action, and the action that
	is taken.

Recommended Action	None.

Message	2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
	http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
	URL Block

Explanation	Logs that are generated when web content is blocked because an access violation
	of a blocked web category occurs. The message shows the date and time, protocol,
	domain, user, client IP address, server IP address, URL, reason for the action, and
	the action that is taken.
Recommended Action	None.

Message	2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
	http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
	FileType Block

Explanation	Logs that are generated when web content is blocked because an access violation
	of a blocked web file extension occurs. The message shows the date and time,
	protocol, domain, user, client IP address, server IP address, URL, reason for the
	action, and the action that is taken.

Recommended Action	None.

Message	2009-08-01 00:00:01 HTTP ldap_domain ldap_user 192.168.1.3 192.168.35.165
	http://192.168.35.165/testcases/files/virus/normal/%b4%f3%d3%da2048.rar
	Proxy Block
Explanation	Logs that are generated when web content is blocked because of a proxy violation.
	The message shows the date and time, protocol, domain, user, client IP address,
	server IP address, URL, reason for the action, and the action that is taken.
Recommended Action	None.

System Logs and Error Messages

659

Image 659

NETGEAR STM150EW-100NAS, UTM5EW-100NAS manual Web Filtering and Content-Filtering Logs, 659

Contents

ProSecure Unified Threat Management UTM Appliance ProSecure Unified Threat Management UTM Appliance ProSecure Product Updates ProSecure Forum Revision HistorySupport Trademarks Configure Quarantine Settings, Query and Manage Settings and Technical SpecificationsUpdated Features That Reduce Traffic and Features That Application control see Configure Application Control Added the Requirements for Entering IP Addresses Appendix B, Wireless Network Module for the UTM9S UTM25SConfigure Distributed Spam Analysis section Contents Manually Configure Internet and WAN Settings Firewall Protection Content Filtering and Optimizing Scans Virtual Private Networking Using SSL Connections Network and System Management Troubleshoot and Use Online Support Appendix a xDSL Network Module for the UTM9S and UTM25S Appendix E ReadyNAS Integration Appendix H Default Settings and Technical Specifications Introduction Introduction Key Features and Capabilities Single or multiple exposed hosts Virtual private networks Advanced VPN Support for Both IPSec and SSL Wireless FeaturesDSL Features Stream Scanning for Content Filtering Powerful, True Firewall Autosensing Ethernet Connections with Auto Uplink Security Features Extensive Protocol Support Easy Installation and Management UTM model comparison Maintenance and SupportModel Comparison Network Modules and Broadband Adapters Service Registration Card with License Keys Hardware Features Package Contents Test LED Right WAN LED Right LAN LEDs Power LEDFront Panel UTM5 and UTM10 USB port Left LAN LEDs Test LED Right LAN LEDs Right WAN LEDs LEDs Front Panel UTM25Front Panel UTM50 USB port Left LAN LEDs Left WAN LEDs Active Active WAN LEDs Test LED Right LAN LEDs Right WAN LEDs Power LED Left LAN LEDs Left WAN LEDs USB portFront Panel UTM150 LEDs Right WAN LEDs Test LED Right LAN LEDs Test LED Right LAN LEDs Power LED Left WAN LEDs Slot Left LAN LEDs USB portFront Panel UTM9S and UTM25S and Network Modules Active WAN LEDs XDSL Network Modules Wireless Network Modules Activity Description LED Descriptions, UTM5, UTM10, UTM25, UTM50, and UTM150LED descriptions UTM5, UTM10, UTM25, UTM50, and UTM150 WAN ports Activity Description LAN portsDMZ LED USB LED LED Descriptions, UTM9S, UTM25S, and their Network ModulesLED descriptions UTM9S and UTM25S XDSL network modules Wireless network moduleRear Panel UTM5, UTM10, and UTM25 Receptacle Port Factory Defaults Security lockReset button Receptacle Rear Panel UTM50 and UTM150 Switch Security lock AC power Receptacle Factory DefaultsReset button Console switch Power Bottom Panels with Product Labels ProSecure Unified Threat Management UTM Appliance ProSecure Unified Threat Management UTM Appliance Choose a Location for the UTM Use the Rack-Mounting Kit Steps for Initial Connection Use the Setup Wizard to Provision UTM in Your Network Requirements for Entering IP Addresses Use the Setup Wizard to Provision the UTM in Your NetworkLog In to the UTM Qualified Web Browsers ProSecure Unified Threat Management UTM Appliance Web Management Interface Menu Layout ProSecure Unified Threat Management UTM Appliance ProSecure Unified Threat Management UTM Appliance  To start the Setup Wizard Use the Setup Wizard to Perform the Initial Configuration Setup Wizard of 10 LAN Settings Dhcp Setting Description LAN TCP/IP Setup DNS Proxy Setting Description Setting Description Inter Vlan Routing Setup Wizard of 10 WAN Settings ISP Type Setup Wizard WAN Settings screen settingsSetting Description ISP Login Dhcp See Configure Load Balancing Multiple WAN Port ModelsInternet IP Address ISP Get Automatically from ISP radio button Setup Wizard of 10 System Date and TimeDomain Name Server DNS Servers For Daylight Savings Time check box Setup Wizard of 10 ServicesSetup Wizard System Date and Time screen settings Setting Description Set Time, Date, and NTP Servers Web Setup Wizard Services screen settings Setting Description Action Setup Wizard of 10 Email SecuritySetup Wizard Email Security screen settings Scan Exceptions Setup Wizard of 10 Web Security Http Setup Wizard of 10 Web Categories to Be Blocked Blocked Categories Time of Day Setup Wizard Web Categories to be blocked screen settingsSetting Description Blocked Web Categories Blocked Categories Scheduled Days Setup Wizard Email Notification screen settings Setup Wizard of 10 Email Notification Setting Description Update Settings Setup Wizard of 10 Signatures & EngineSetup Wizard Signatures & Engine screen settings Https Proxy Settings Setup Wizard of 10 Saving the ConfigurationSetting Description Update Frequency Use the Web Management Interface to Activate Licenses Register the UTM with Netgear ProSecure Unified Threat Management UTM Appliance Click Retrieve Info Electronic Licensing To retrieve and display the registered information Test Http Scanning Verify Correct InstallationWhat to Do Next Test Connectivity ProSecure Unified Threat Management UTM Appliance Manually Configure Internet and WAN Settings  Complete these steps Internet and WAN Configuration TasksManually Configure Internet and WAN Settings ProSecure Unified Threat Management UTM Appliance ProSecure Unified Threat Management UTM Appliance Pptp Connection method Manual data input required If the automatic ISP configuration fails Manually Configure the Internet ConnectionIf the automatic ISP configuration is successful Pptp and PPPoE settings Balancing Multiple WAN Port Models on page 86 . To use load Identifier check box DNS server settings If the manual ISP configuration fails If the manual ISP configuration is successful Overview of the WAN Modes Configure the WAN Mode Configure Network Address Translation All Models Configure Classical Routing All Models  To configure auto-rollover mode Configure Auto-Rollover Mode Setting Description WAN Failure Detection Method Configure the Failure Detection Method To configure the failure detection method Failure detection method settings Ping  To configure load balancing Configure Load Balancing Multiple WAN Port Models Configure Protocol Binding Optional Change Group Names in the Network Database on Add Protocol Binding screen settingsScreen see Outbound Rules Service Blocking on  To edit a protocol binding Configure Secondary WAN Addresses  To add a secondary WAN address to a WAN interface  To delete one or more secondary addresses Configure Dynamic DNS  To configure Ddns DNS service settings Click Apply to save your configuration Set the UTM’s MAC Address and Configure Advanced WAN Options Setting Description MTU Size Advanced WAN settings Failure Detection Method Setting Speed DescriptionUpload/Download Settings 1000BaseT FullDuplex. Gigabit Ethernet Router’s MAC Address Additional WAN-Related Configuration Tasks Manage Virtual LANs and Dhcp Options LAN Configuration Port-Based VLANs LAN Configuration 100 Assign and Manage Vlan Profiles 101 Vlan Dhcp Options 102 Dhcp ServerDhcp Relay DNS Proxy 103 Configure a Vlan ProfileLdap Server  To add or edit a Vlan profile 104 Port Membership Edit Vlan Profile screen settingsSetting Description Vlan Profile 105 106 107  To edit a Vlan profile Configure Vlan MAC Addresses and Advanced LAN Settings To enable, disable, or delete one or more Vlan profiles  To configure a Vlan to have a unique MAC address 109 Configure Multihome LAN IP Addresses on the Default 110  To add a secondary LAN IP address 111 Manage Groups and Hosts LAN Groups To edit a secondary LAN IP address  To delete one or more secondary LAN IP addresses 112 Manage the Network Database 113 Modify Computers or Devices in the Network Database Known PCs and devices settingsSetting Description Name Add Computers or Devices to the Network Database 115 Change Group Names in the Network DatabaseDelete Computers or Devices from the Network Database  To edit the names of any of the eight available groups 116 Set Up Address Reservation 117 Configure and Enable the DMZ Port To enable and configure the DMZ port 118 DMZ Setup screen settingsSetting Description DMZ Port Setup 119 120 121 Configure Static RoutesManage Routing  To add a static route to the Static Route table 122 Add Static Route screen settings  To delete one or more routes Configure Routing Information Protocol To enable and configure RIP Select Network Config Routing  To edit a static route that is in the Static Routes table 124 RIP Configuration screen settings 125 Authentication for RIP-2B/2M 126 Static Route Example 127 About Firewall Protection 128 Administrator TipsFirewall Protection 129 Outbound Rules Service BlockingNumber of supported firewall rule configurations Block always Setting Description Outbound RulesOutbound rules overview 130 Groups and Hosts LAN Groups on 131 132 Service Profiles on NAT IP Inbound Rules Port Forwarding133 134 135 Setting Description Inbound Rules 136 137 Quality of Service Profiles on 138 Order of Precedence for Rules 139 Configure LAN WAN Rules To change the default outbound policy 140 Create LAN WAN Outbound Service Rules To change an existing outbound or inbound service rule  To enable, disable, or delete one or more rules 141 Create LAN WAN Inbound Service Rules To create an inbound LAN WAN service rule 142 Configure DMZ WAN Rules 143  To delete or disable one or more rules 144 Create DMZ WAN Outbound Service RulesCreate DMZ WAN Inbound Service Rules 145 Configure LAN DMZ Rules To create an inbound DMZ WAN service rule 146  To create an inbound LAN DMZ service rule Create LAN DMZ Outbound Service RulesCreate LAN DMZ Inbound Service Rules  To create an outbound LAN DMZ service rule 148 Examples of Firewall RulesInbound Rule Examples LAN WAN Inbound Rule Host a Local Public Web Server 149 150 Netgear UTM 151  To configure the UTM for additional IP addresses 152 LAN WAN or DMZ WAN Inbound Rule Specify an Exposed Host 153 Outbound Rule ExampleLAN WAN Outbound Rule Block Instant Messenger 154 Configure Other Firewall FeaturesVlan Rules  To create a Vlan rule 155 Add VLAN-VLAN Service screen settingsAdd Customized Services on 156  To delete or disable one or more Vlan rules To edit a Vlan rule 157 Attack Checks screen settingsSetting Description WAN Security Checks Attack Checks, VPN Pass-through, and Multicast Pass-through 158 Configure Multicast Pass-Through To configure multicast pass-through Setting Description LAN Security Checks 159  To delete one or more multicast source addresses  To enable and configure session limitsSession Limit screen settings Set Session Limits 161  To enable ALG for SIP and VPN scanningSession Timeout 162 163 Add Customized Services 164  To add a customized serviceServices screen settings  To create a service group Create Service Groups To edit a service  To delete one or more services 166  To edit a service group 167 Create IP Groups To create an IP group 168  To delete an IP group 169 Create Quality of Service Profiles To create a QoS profile 170 Add QoS Profile screen settings  To delete one ore more QoS profiles Default High Medium High LowCreate Bandwidth Profiles  To edit a QoS profile 172  To add and enable a bandwidth profile 173 Add Bandwidth Profile screen settings 174 Create Traffic Meter Profiles To edit a bandwidth profile  To delete one or more bandwidth profiles 175  To add a traffic meter profile 176 Add Traffic Meter Profile screen settings  To add a schedule Set a Schedule to Block or Allow Specific Traffic To edit a traffic meter profile  To delete one or more traffic meter profiles Scheduled Days Add Schedule screen settings178  To delete one or more schedules Enable Source MAC FilteringSetting Description Scheduled Time of Day  To edit a schedule 180  To remove one or more entries from the table 181 Set Up IP/MAC Bindings To set up IP/MAC bindings IP/MAC Bindings IP/MAC Binding screen settingsSetting Description Email IP/MAC Violations 182 183 Configure Port Triggering To edit an IP/MAC binding  To remove one or more IP/MAC bindings from the table 184 Port Triggering screen settings To add a port-triggering rule 185  To edit a port-triggering rule To display the status of the port-triggering rules 186 Configure Universal Plug and Play IPS screen settings Enable and Configure the Intrusion Prevention System To enable intrusion prevention  To configure intrusion prevention 188 Security Category Settings 189 IPS, screen 1 Firewall Protection Attack Name Description Web IPS uncommon attack names190 Misc 191Attack Name Description 192 About Content Filtering and Scans 193 Default Email and Web Scan SettingsDefault email and web scan settings Content Filtering and Optimizing Scans Scan type Default scan setting Default action if applicable Configure Email ProtectionCustomize Email Protocol Scan Settings  To configure the email protocols and ports to scan 195 Protocol Scan Settings on 196 Customize Email Antivirus and Notification Settings To configure the antivirus settings for email traffic 197 Anti-Virus screen settings for email traffic 198 Setting Description Scan ExceptionsNotification Settings SUBJECT%, %FILENAME%, %ACTION%, %VIRUSNAME% Email Content FilteringSetting Description Email Alert Settings 199 200 201 Email Filters screen settingsSetting Description Email Filters Filter by Password-Protected Attachments ZIP, RAR, etc Filter by File Name Setting Description Filter by File TypeProtect Against Email Spam 202 203 Set Up the Whitelist and Blacklist 204  To configure the whitelist and blacklist 205 Whitelist/Blacklist screen settings 206 Configure the Real-Time Blacklist To enable the real-time blacklist  To add a blacklist provider to the real-time blacklist 207 Configure Distributed Spam Analysis 208 Distributed Spam Analysis screen settingsSetting Description Distributed Spam Analysis Low Medium-Low Anti-Spam Engine Settings209 210 Configure Web and Services ProtectionCustomize Web Protocol Scan Settings Setting Description Send Quarantine Spam Report 211  To configure the web protocols and ports to scan 212 Configure Https Smart Block 213 Add or Edit Https Smart Block Profile settings 214 215  To change a profile 216 Configure Web Malware or Antivirus Scans Html Scan Anti-Virus screen settings for HTTP/HTTPS traffic217 Scan Exception 218 Configure Web Content Filtering 219  To configure web content filtering 220 221 Content Filtering screen settingsSetting Description Content Filtering Block Web Objects 222Full-Text Search Performance Management on 223 URL Configure Web URL FilteringSetting Description Web Category Lookup 224 225  To configure web URL filtering Blacklist URL Filtering screen settingsSetting Description Whitelist 226 URL% 227 228 Configure Https Scanning and SSL CertificatesHow Https Scanning Works 229 230 Configure the Https Scan Settings To configure the Https scan settings Https Settings screen settings 231 Manage SSL Certificates for Https Scanning 232 Manage the Active Https Certificate 233 Manage Trusted Https Certificates Manage Untrusted Https Certificates 235 Specify Trusted Hosts for Https Scanning To delete an untrusted certificate  To specify trusted hosts 236 Trusted Hosts screen settings 237 Configure the SSL Settings for Https Scanning To configure the SSL settings for Https scanning SSL Settings screen settings Anti-Virus screen settings for FTP Configure FTP ScanningCustomize FTP Antivirus Settings  To configure the antivirus settings for FTP traffic 239 Configure FTP Content Filtering To configure the FTP filters Setting Description Scan Exception 240 Configure Application Control 241 242 243 244 To select one or more categories of applicationsTo select one or more individual applications To search for an application 245 Meter Profiles on Application Control Policy pop-up screen settingsSetting Description Policy for a category of applications 246 247  To change an existing application control profile 248 Set Exception Rules for Web and Application Access To delete one or more application control profiles 249  To set web access exception rules 250 Application 251 File ExtensionHttps Smart Block 252 Add or Edit Exceptions screen settingsURL Filtering Web Category 253 Ldap See Configure Radius VLANs on254 Delete Groups on To search for an application 255To select a category of applications To select a single application 256 For Exceptions for Web and Application Access on 257  To disable, enable, or delete one or more exception rules To change an existing exception rule 258  To create and manage custom categories 259 Custom categories applications To select one or more individual applications Custom Categories screen settings260 To select one or more categories of applications To add a URL 261To remove one or more categories or applications from Applications in this Category table  To delete one or more custom categories  To configure scanning exclusion rulesSet Scanning Exclusions for IP Addresses and Ports  To change an existing custom category 263 Scanning Exclusion screen settings 264 Virtual Private Networking 265 IP addressing for VPNs in dual WAN port systems 266 Create Gateway-to-Gateway VPN Tunnels with the Wizard 267 SHA-1 Setting Default Value IKE policy268 3DES 269 IPSec VPN Wizard settings for a gateway-to-gateway tunnel 270 Setting Description Secure Connection Remote Accessibility 271 Create a Client-to-Gateway VPN Tunnel 272 Fqdn IPSec VPN Wizard settings for a client-to-gateway tunnelSelect the VPN Client radio button. The default remote Fqdn 273 274 Component Example Information to be collected Information required to configure the VPN client275 276 277 278 NAT-T VPN client advanced authentication settingsSetting Description Advanced features 279 280 281  To create new authentication settingsType vpnclient IKE VPN client authentication settings282 10.34.116.22 283 284  To create an IPSec configurationSetting Description Local and Remote ID Type netgearplatform ESP VPN client IPSec configuration settings285 286  To specify the global parameters 287 Test the Netgear VPN Client Connection 288 Click Gateway-Tunnel, and press Ctrl+O 289 Netgear VPN Client Status and Log InformationView the UTM IPSec VPN Connection Status 290 View the UTM IPSec VPN Log To query the IPSec VPN log IPSec VPN Connection Status screen information 291 Manage IPSec VPN and IKE Policies 292  To access the IKE Policies screenManage IKE Policies IKE Policies Screen 293 List of IKE Policies table information 294 Manually Add or Edit an IKE Policy To delete one or more IKE polices  To add an IKE policy manually 295 General Add IKE Policy screen settingsSetting Description Mode Config Record 296 IKE SA Parameters 297Remote 298 299 Setting Description Extended Authentication To edit an IKE policy 300 Manage VPN PoliciesVPN Policies Screen 301 List of VPN Policies table information  To add a VPN policy manually  To enable or disable one or more VPN policiesManually Add or Edit a VPN Policy  To delete one or more VPN polices 303 304 Add New VPN Policy screen settingsSetting Description General Manual Policy Parameters Configure Keep-Alives305 Traffic Selection 306 307 Setting Description Auto Policy Parameters 308 Configure Extended Authentication Xauth To edit a VPN policy 309 Configure Xauth for VPN Clients To enable and configure Xauth Extended authentication settings 310 User Database ConfigurationRadius Client and Server Configuration  To configure primary and backup Radius servers Connection Configuration Radius Client screen settingsSetting Description Primary Radius Server Backup Radius Server 312 Assign IP Addresses to Remote Users Mode ConfigMode Config Operation Configure Mode Config Operation on the UTM 313  To configure Mode Config on the UTM 314 Add Mode Config Record screen settingsSetting Description Client Pool Traffic Tunnel Security Level 315 316 317 Select Group 2 1024 bit Setting Description IKE SA Parameters318 319 Configure the ProSafe VPN Client for Mode Config OperationUser Database Configuration on 320 321 Type GWModeConfig 322 VPN client authentication settings Mode Config 323 Type TunnelModeConfigVPN client advanced authentication settings Mode Config Enter VPN client IPSec configuration settings Mode Config324 325 Configure the Mode Config Global Parameters 326 Test the Mode Config Connection 327 Modify or Delete a Mode Config Record To edit a Mode Config record  To delete one or more Mode Config records 328 Configure Keep-Alives and Dead Peer DetectionConfigure Keep-Alives 329 Configure Dead Peer Detection To configure DPD on a configured IKE policy Keep-alive settings 330 Configure NetBIOS Bridging with IPSec VPN To enable NetBIOS bridging on a configured VPN tunnel Dead Peer Detection settings 331 Configure the Pptp Server 332 Pptp Server screen settingsSetting Description Pptp Server 333 Setting Description AuthenticationView the Active Pptp Users  To view the active Pptp tunnel users Pptp IP Configure the L2TP ServerPptp Active Users screen information 334 335 L2TP Server screen settingsSetting Description L2TP Server L2TP Active Users screen information For More IPSec VPN InformationView the Active L2TP Users  To view the active L2TP tunnel users 337 SSL VPN Portal Options 338 Build a Portal Using the SSL VPN WizardVirtual Private Networking Using SSL Connections  To start the SSL VPN Wizard 339 SSL VPN Wizard of 6 Portal Settings 340 SSL VPN Wizard of 6 screen settings portal settingsSetting Description Portal Layout and Theme Name 6 Port Forwarding on 341SSL VPN Portal Pages to Display Wizard of 6 Client IP Addresses and Routes on 342 SSL VPN Wizard of 6 Domain Settings Radius Client SSL VPN Wizard of 6 screen settings domain settingsServer Configuration 343 344 Display name in the dn format. For example Windows login account name in email format. For345 346 347 SSL VPN Wizard of 6 User SettingsSSL VPN Wizard of 6 screen settings user settings 348 SSL VPN Wizard of 6 Client IP Addresses and Routes Add Routes for VPN Tunnel Clients Setting Description Client IP Address Range349 350 Setting Description Add New Application for Port ForwardingSSL VPN Wizard of 6 Port Forwarding Add New Host Name for Port Forwarding SSL VPN Wizard of 6 Verify and Save Your Settings351 SSH 352 353 Access the New SSL VPN Portal 354 355 356 View the UTM SSL VPN Connection Status 357 Manually Configure and Modify SSL PortalsView the UTM SSL VPN Log  To query the SSL VPN log 358 359 Manually Create or Modify the Portal Layout To create an SSL VPN portal layout 360 361 Add Portal Layout screen settings  To delete one or more portal layouts Configure Domains, Groups, and UsersSetting Description SSL VPN Portal Pages to Display  To edit a portal layout 363 Configure Applications for Port ForwardingAdd Servers and Port Numbers  To add a server and a port number TCP application Port number  To add servers and host names for client name resolutionAdd a Host Name 364 365 Configure the SSL VPN ClientFully Qualified Domain Name. The full server name 366 Configure the Client IP Address RangeSSL VPN Client screen settings  To define the client IP address range 367 Add Routes for VPN Tunnel Clients To add an SSL VPN tunnel client route 368 Configure the Advanced SSL VPN Client Settings To change the LCP time-out 369 Use Network Resource Objects to Simplify PoliciesAdd New Network Resources  To define a network resource  To edit network resources Resources screen settings to edit a resourceEdit Network Resources to Specify Addresses  To delete one or more network resources 371 Configure User, Group, and Global Policies 372 Global Default Policy  To add an SSL VPN policy View PoliciesAdd a Policy  To view the existing policies Add SSL VPN Policies Add SSL VPN Policy screen settingsSetting Description Policy For 374 Resource Objects to Simplify Policies on 375 376  To edit an SSL VPN policy 377 For More SSL VPN Information To delete one or more SSL VPN policies 378 Authentication Process and Options 379 External authentication protocols and methodsManage Users, Authentication, and VPN Certificates Authentication Description Protocol or method 380 Configure Authentication Domains, Groups, and UsersLogin Portals Administrative Users and Users with Guest Privileges 381 Users with Special Access Privileges 382 383 384 Active Directories and Ldap ConfigurationsUnauthenticated or Anonymous Users How an Active Directory Works 385 How to Bind a DN in an Active Directory Configuration 386 387 Select Users Domains 388 Configure DomainsCreate and Delete Domains  To create a domain 389 390 Add Domain screen settings 391 392 393  To edit a domain Configure GroupsEdit Domains  To delete one or more domains 395 Create and Delete Groups To create a VPN group  To edit a VPN group Groups screen settingsEdit Groups  To delete one or more groups 397 Configure Custom Groups To create and manage custom groups 398 399 Add Custom Group screen settings 400  To change an existing custom group To delete one or more custom groups 401 Configure User Accounts To create an individual user account 402 403 Add User screen settingsSee Configure Extended Authentication Xauth on  To delete one or more user accounts 404 Set User Login PoliciesConfigure Login Policies  To configure user login policies 405 Configure Login Restrictions Based on IP Address To restrict logging in based on IP address  To restrict logging in based on the user’s browser Configure Login Restrictions Based on Web BrowserBy Source IP Address screen settings  To delete one or more addresses 407 Internet Explorer Opera Netscape Navigator To delete one or more browsers 408 Change Passwords and Other User Settings To modify user settings, including passwords 409 Edit User screen settingsConfigure Extended Authentication Xauth on DC Agent 410 411  To download ProSecure DC Agent software and add a DC agent 412  To configure AD SSO with a DC agentDC Agent screen settings  To edit a DC agent 413 414 415 Configure Radius VLANs To do so, follow this procedure  To configure a Radius Vlan 416 Configure Global User Settings 417 View and Log Out Active Users To log out all active users 418 Active Users screen settings To view all or selected users 419 Manage Digital Certificates for VPN Connections 420 VPN Certificates Screen 421 Manage CA Certificates To view and upload trusted certificates 422 Manage Self-Signed Certificates To delete one or more digital certificates 423 512 1024 2048 Generate self-signed certificate request settings424 425  To delete one or more self-signed certificates Manage the Certificate Revocation ListView and Manage Self-Signed Certificates  To delete one or more SCRs 427  To delete one or more CRLs 428 Performance ManagementBandwidth Capacity 429 Features That Reduce TrafficNetwork and System Management 430 431 Content Filtering 432 Features That Increase TrafficSource MAC Filtering 433 434 Configure the DMZ PortPort Triggering Assign QoS Profiles Configure Exposed HostsConfigure VPN Tunnels Use QoS and Bandwidth Assignments to Shift the Traffic Mix 436 Change Passwords and Administrator and Guest SettingsSystem Management Monitoring Tools for Traffic Management 437 438 Configure Remote Management Access To configure the UTM for remote management 439 Https//IPaddress or https//FullyQualifiedDomainName 440 Use a Simple Network Management Protocol Manager 441 442 Global Snmp settings and SNMPv1/v2c settingsSetting Description Snmp Global Settings SNMPv1/v2c Settings 443  To configure the SNMPv3 settingsSNMPv3 settings Setting Description SNMPv3 Settings 444  To delete one or more SNMPv3 user profiles Manage the Configuration FileRestore Settings  To edit an SNMPv3 user profile 446 Back Up Settings To back up settings 447 Restore SettingsRevert to Factory Default Settings 448 Update the FirmwareView the Available Firmware Versions 449 Firmware screen, available versions 450 Click Install Downloaded Firmware 451  To download the latest firmware for your UTM 452 453 454 Update the Scan Signatures and Scan Engine FirmwareReboot without Changing the Firmware  To reboot the UTM without changing the firmware 455 456 Configure Date and Time ServiceConfigure Automatic Update and Frequency Settings Signatures & Engine screen settings 457 System Date & Time screen settingsAdjust for Daylight Savings Time check box  To set time, date, and NTP servers 458 Connect to a ReadyNAS and Configure Quarantine Settings 459 Log StorageConnect to a ReadyNAS  To connect to the ReadyNAS on the UTM 460 Configure the Quarantine Settings To configure the quarantine settings ReadyNAS Integration screen settings 461 Quarantine settingsUnauthenticated or Anonymous Users on 462 Enable the WAN Traffic Meter 463 Monitor System Access and Performance Event Notifications on Setting Description Enable Traffic Meter464 Traffic Counter 465 Setting Description When Limit is reached 466 Configure Logging, Alerts, and Event NotificationsConfigure the Email Notification Server  To configure the email notification server 467 Configure and Activate System, Email, and Syslog LogsEmail Notification screen settings 468  To configure and activate logs 469 Email and Syslog screen settingsSetting Description System Logs Option Email Logs to Administrator Send Logs via Syslog Logs screen see Configure and Activate Firewall Logs on470 471 How to Send Syslogs over a VPN Tunnel between SitesConfigure Gateway 1 at Site Setting Description Clear the Following Logs Information 472 Configure Gateway 2 at Site To change the remote IP address in the VPN policy  To change the local IP address in the VPN policy 473 Configure and Activate Update Failure and Attack Alerts To configure and activate the email alerts  To specify the syslog server that is connected to Gateway 474 Alerts screen settings FILENAME%, %ACTION%, %VIRUSNAME% 475TIME%, %PROTOCOL%, %FROM%, %TO%, %SUBJECT% 476 Configure and Activate Firewall Logs To configure and activate firewall logs 477 Setting Description Routing LogsMonitor Real-Time Traffic, Security, and Statistics 478 Dashboard, screen 1 Total Threats  To set the poll intervalDashboard screen threats and traffic information 479 Total Traffic Bytes 480Threats Counts 481 Enable and Configure the Intrusion 482 Dashboard screen service statistics information RBL Spam blacklist see Set Up the Whitelist and Blacklist onMonitor Application Use in Real Time 483 484 485  To set the monitoring period To filter the information that is displayed onscreen Application Dashboard screen 486 View Status ScreensView the System Status Status Description View the System Status ScreenSystem Status screen fields 487 System Information Scan Settings onView the Network Status Screen 488 LAN Vlan Information Available Access Points TableNetwork Status screen fields 489 Ssid View the Router Statistics Screen To view the Router Statistics screen 490 491 View the Wireless Statistics Screen UTM9S and UTM25S Only To view the Wireless Statistics screen Router Statistics screen fields AP Statistics Wireless Statistics screen fields492 Radio Statistics Details 493 View the Detailed Status Screen 494 495 LAN Port ConfigurationConfigure and Enable the DMZ Port on Detailed Status screen fields 496 SettingsMAC Address and Configure Manually Configure the Internet 497 Wireless information in SLOT-1 Info or SLOT-2 InfoAccess Points Information Vlan Status screen fields See Configure a Vlan Profile onConfigure a Vlan Profile on View the Vlan Status Screen 499 View the Active VPN UsersView the xDSL Statistics Screen UTM9S and UTM25S Only 500 View the VPN Tunnel Connection Status 501 View the Active Pptp and L2TP Users 502  To view the status of the port-triggering featureView the Port Triggering Status 503 Port Triggering Status pop-up screen information 504 View the WAN, xDSL, or USB Port Status To view the status of a WAN, xDSL, or USB port Connection Status pop-up screen information 505 View Attached Devices and the Dhcp LeasesView Attached Devices  To view the attached devices in the LAN Groups screen 506 507 Query and Manage the LogsView the Dhcp Leases  To view the Dhcp leases 508 Overview of the Logs 509 Query and Download Logs To query and download logs 510 Logs Query screen settings 511 512 513 EMERG, ALERT, CRITICAL, ERROR, WARNING, NoticeExample Use the Logs to Identify Infected Clients  To identify infected clients 514 Query and Manage the Quarantine LogsLog Management 515 Query the Quarantined Logs To query the quarantine logs 516 Quarantine screen settings 517 View and Manage the Quarantined Spam Table 518 View and Manage the Quarantined Infected Files Table 519 Spam Reports for End Users For an end user to send a spam report 520 View, Schedule, and Generate ReportsClick Send Report 521 Enable Application Session Monitoring 522  To configure filtering optionsReport Filtering Options Pie Report screen filtering options settings523 Horizontal Bar 524 Use Report Templates and View Reports Onscreen To display the report templates and view reports onscreen 525 Report screen report template information 526 IPS & Application 527 Email Activity 528 System Schedule, Email, and Manage Reports To schedule automatic generation and emailing of reports 529 530 Report screen schedule report settingsSetting Description Schedule Reports Managing Saved Reports 531 Use Diagnostics Utilities 532 Use the Network Diagnostic ToolsSend a Ping Packet  To send a ping Look Up a DNS Address Use the Real-Time Traffic Diagnostics ToolTrace a Route Display the Routing Table 534  To use the real-time traffic diagnostics tool 535 Gather Important Log InformationGenerate Network Statistics  To gather log information about your UTM 536 Perform Maintenance on the USB DeviceReboot and Shut Down the UTM 537 538 Troubleshoot and Use Online Support Test LED Never Turns Off Power LED Not OnBasic Functioning Verify the Correct Sequence of Events at Startup 540 Troubleshoot the Web Management InterfaceLAN or WAN Port LEDs Not On 541 When You Enter a URL or IP Address, a Time-Out Error OccursTroubleshoot the ISP Connection 542  To check the WAN IP address 543 Troubleshoot a TCP/IP Network Using a Ping UtilityTest the LAN Path to Your UTM Ping 544 Test the Path from Your Computer to a Remote DevicePing -n 10 IP address 545 Restore the Default Configuration and Password  To initiate the support tunnel Problems with Date and TimeEnable Remote Troubleshooting Use Online Support 547 Send Suspicious Files to Netgear for Analysis To submit a file to Netgear for analysis 548 Access the Knowledge Base and DocumentationMalware Analysis screen settings 549 XDSL Network Module for the UTM9S UTM25S 550 XDSL Network Module Configuration TasksConfigure the xDSL Settings XDSL Network Module for the UTM9S and UTM25S 551  To configure the xDSL settings 552 XDSL settingsSetting Description XDSL Settings VCI 553VPI 554 555 561, and Troubleshoot the ISP Connection on 556 Manually Configure the xDSL Internet Connection 557 558 PPPoE and PPPoA settings ATM Ipoa 559 560 561 562 Configure Network Address Translation 563 Configure Classical Routing 564 565 566 Configure Load Balancing and Optional Protocol Binding 567 Configure Load Balancing 568 569 570 571  To add a secondary WAN address to the DSL interface 572 573 574 Setting Description SLOT-x Dynamic DNS Status 575 576 Advanced DSL settingsDefault Address radio button 577 578 Wireless Network Module for UTM9S and UTM25S Wireless Network Module for the UTM9S and UTM25S Overview of the Wireless Network ModuleConfiguration Order Wireless Equipment Placement and Range Guidelines 580 Configure the Basic Radio Settings To configure the basic radio settings Field Descriptions Radio Settings screen settings581 582 583 Operating Frequency Channel Guidelines 584 Wireless Data Security Options 585 Wireless Security Profiles 586 Network authenticationData encryption 587 Before You Change the SSID, WEP, and WPA SettingsWPA Radius settings WPA2 Radius settings 588 Configure and Enable Wireless Profiles To add a wireless profile Wireless Profiles screen settings 589 Add Wireless Profiles screen settingsField Description Profile Configuration Security Options on 590 WEP Index and Keys 591Tkip TKIP+AES 592  To enable or disable one or more wireless profiles Restrict Wireless Access by MAC Address To edit a wireless profile  To delete one or more wireless profiles 594 595 Connected Clients Configure a Wireless Distribution SystemAccess Point Status screen fields 596 597  To enable and configure WDS 598 Configure Advanced Radio Settings To configure WDS on a peer  To configure advanced radio settings 599 Advanced Wireless screen settings 600 Configure WMM QoS Priority Settings 601 602 Test Basic Wireless ConnectivityFor More Information About Wireless Configurations  To test for wireless connectivity 603 3G/4G Dongle Configuration Tasks 604 Manually Configure the USB Internet Connection3G/4G Dongles for the UTM9S and UTM25S 605  To configure the WAN ISP settings for the USB interface 606 USB ISP settingsSetting Description 3G Dongle Details Connection Settings 607 XDSL, or USB Port Status on 608 Configure the 3G/4G Settings To configure the 3G/4G settings 609 4G settingsSetting Description 3GStatus Connection Setting APN 610 611 612 613 614 615 616 617 618 619 620 Setting Description USB Dynamic DNS Status 621 622 What to Consider Before You Begin 623 WAN port Physical facilityInternet Cabling and Computer Hardware Requirements Computer Network Configuration RequirementsInternet Configuration Requirements Where Do I Get the Internet Configuration Information? 625 Internet Connection Information 626 Overview of the Planning Process 627 Inbound Traffic Inbound Traffic Dual WAN Ports for Load Balancing Inbound Traffic to a Single WAN Port SystemInbound Traffic to a Dual WAN Port System Inbound Traffic Dual WAN Ports for Improved Reliability 629 Virtual Private Networks 630 VPN Road Warrior Client-to-Gateway 631 VPN Road Warrior Single-Gateway WAN Port Reference Case 632 VPN Road Warrior Dual-Gateway WAN Ports for Load Balancing 633 VPN Gateway-to-Gateway 634 635 VPN Telecommuter Client-to-Gateway through a NAT RouterVPN Telecommuter Single-Gateway WAN Port Reference Case 636 637 VPN Telecommuter Dual-Gateway WAN Ports for Load Balancing 638 Supported ReadyNAS Models ReadyNAS Integration Install the UTM Add-On on the ReadyNAS To install the UTM add-on on the ReadyNAS Select Add-ons Add New 640 Select Add-ons Installed 641 Connect to the ReadyNAS on the UTM 642 643 644 Why Do I Need Two-Factor Authentication?What Are the Benefits of Two-Factor Authentication?  To use WiKID for end users Netgear Two-Factor Authentication SolutionsWhat Is Two-Factor Authentication? Two-Factor Authentication 646 647 Term Description Log message terms648 649 RebootSystem Log Messages System Startup 650 Login/LogoutSystem logs login/logout System logs NTP WAN Status Auto-Rollover ModeFirewall Restart IPSec Restart ACTIVEWAN2 Load Balancing ModeSystem logs WAN status, auto rollover 652 653 System logs WAN status, PPPoE idle timeoutPPP Logs System logs WAN status, load balancing 654 System logs WAN status, Pptp idle timeout 655 Traffic Metering LogsUnicast, Multicast, and Broadcast Logs 656 Invalid Packet LoggingIcmp Redirect Logs Multicast/Broadcast Logs 657 658 Service LogsContent-Filtering and Security Logs Service logs 659 Web Filtering and Content-Filtering Logs 660 Content-filtering and security logs spamSpam Logs 661 Traffic LogsMalware Logs Email Filter Logs Anomaly Behavior Logs Content-filtering and security logs IPSContent-filtering and security logs anomaly behavior IPS Logs 663 Routing LogsApplication Logs LAN-to-WAN Logs 664 LAN-to-DMZ LogsDMZ-to-WAN Logs WAN-to-LAN Logs 665 DMZ-to-LAN LogsWAN-to-DMZ Logs Routing logs WAN to DMZ 666 Default SettingsUTM default configuration settings Feature Login settings Default behavior 667 Default Settings and Technical SpecificationsFeature Default behavior WAN connections Administrative and monitoring settings IPS Feature Default behavior Firewall and network security668 SIP ALG 669 Feature Application security Default behavior 670 Feature Default behavior 671 Radius settingsSSL VPN settings User, group, and domain settings 672 673 Physical and Technical SpecificationsUTM physical and technical specifications Setting Specification UTM IPSec VPN specificationsFeature Specification Major regulatory compliance Interface specifications Http//prosecure.netgear.com UTM SSL VPN specificationsFeature Description 802.11b/bg/ng wireless specifications 675 AES Feature Description 802.11a/na wireless specifications676 677 Regulatory Compliance InformationFCC Requirements for Operation in the United States 678 Notification of Compliance WiredEuropean Union Terms Additional Copyrights679 MD5 680 Language Statement Europe EU Declaration of ConformityEdoc in Languages of the European Community 681 682 Notification of Compliance Wireless 683 FCC Caution 684 Industry CanadaImportant Note Radiation Exposure Statement Avertissement 685 Interference Reduction Table 686 Index 687 See also 688 DMZ 689 690 691 Blocking 202, 218, 222 setting access exceptions Logs 469, 508-510traffic statistics 692 LAN 693 694 695 696 697 698 SSL VPN 699 TCP/IP 700 701 Logs 290, 470 702 703 Dhcp 50, 106, 119 ModeConfig 704