Using the Setup Wizard to Perform the Initial Configuration. Netgear STM600 - ProSecure Web And Email Threat Management Appliance, STM300 - ProSecure Web And Email Threat Management Appliance, STM150 - ProSecure Web And Email Threat Management Appliance

ProSecure Web/Email Security Threat Management (STM) Appliance

•

Cancel. Cancel the operation.

•

Send Now. Send a file or report.

When a screen includes a table, table buttons are displayed to let you configure the table entries. The nature of the screen determines which table buttons are shown. The following figure shows an example:

Figure 19.

Any of the following table buttons might be displayed on screen:

•

Select All. Select all entries in the table.

•

Delete. Delete the selected entry or entries from the table.

•

Enable. Enable the selected entry or entries in the table.

•

Disable. Disable the selected entry or entries in the table.

•

Add. Add an entry to the table.

•

Edit. Edit the selected entry.

•

Up. Move the selected entry up in the table.

•

Down. Move the selected entry down in the table.

Almost all screens and sections of screens have an accompanying help screen. To open the help screen, click the question mark icon. ( ).

Using the Setup Wizard to Perform the Initial

Configuration

The Setup Wizard facilitates the initial configuration of the STM by taking you through

11 screens, the last of which allows you to save the configuration.

To start the Setup Wizard:

1.

Select Global Settings > Network Settings from the menu. The Network Settings submenu tabs display with the Network Settings screen in view.

2.

From the Network Settings configuration menu, select Setup Wizard.

The following sections explain the 11 configuration screens of the Setup Wizard. On the 10th screen, you can save your configuration. The 11th screen is just an informational screen.

The tables in the following sections explain the buttons and fields of the Setup Wizard screens. Additional information about the settings in the Setup Wizard screens is provided in other chapters that explain manual configuration; each following section provides a specific link to a section in another chapter.

32 | Chapter 2. Using the Setup Wizard to Provision the STM in Your Network


Setup Wizard Step 1 of 10: Introduction

Figure 20.

The first Setup Wizard screen is just an introductory screen. Click Next to go to the following screen.

Setup Wizard Step 2 of 11: Networking Settings

Figure 21.

Enter the settings as explained in the following table, and then click Next to go the following screen.

Note:

After you have completed the steps in the Setup Wizard, you can make changes to the network settings by selecting Global Settings

> Network Settings. For more information about these network

settings, see

Configuring Network Settings

on page 52.

Chapter 2. Using the Setup Wizard to Provision the STM in Your Network | 33


Table 5. Setup Wizard Step 2: Network Settings

Setting Description (or Subfield and Description)

Management Interface Settings

System Name

IP Address

The name for the STM for purposes of identification and management. The default name is the name of your model (STM150, STM300, or STM600).

Enter the IP address of the STM through which you will access the Web

Management Interface. The factory default IP address is 192.168.1.201.

Subnet Mask

Note:

If you change the IP address of the STM while being connected through the browser, you will be disconnected. You then need to open a new connection to the new IP address and log in again. For example, if you change the default IP address from 192.168.1.201 to 10.0.0.1, you need to enter https://10.0.0.1 in your browser to reconnect to the Web Management Interface.

Enter the IP subnet mask. The subnet mask specifies the network number portion of an IP address. Unless you are implementing subnetting, use 255.255.255.0 as the subnet mask.

Gateway Address

Primary DNS

Secondary DNS

MTU Settings

Enter the IP address of the gateway through which the STM is accessed.

Specify the IP address for the primary DNS server.

As an option, specify the IP address for the secondary DNS server.

Maximum Transmission

Unit

The maximum transmission unit (MTU) is the largest physical packet size that a network can transmit. Packets that are larger than the MTU value are divided into smaller packets before they are sent, an action that prolongs the transmission process. For most Ethernet networks the MTU value is 1500 bytes, which is the default setting.

Note:

NETGEAR recommends synchronizing the STM’s MTU setting with that of your network to prevent delays in transmission.



Setup Wizard Step 3 of 11: Time Zone

Figure 22.


Note:

After you have completed the steps in the Setup Wizard, you can make changes to the date and time by selecting Administration >

System Date & Time. For more information about these settings,

see

Configuring Date and Time Service

on page 74.

Table 6. Setup Wizard Step 3: System Date and Time Settings


System Date and Time

From the drop-down list, select an NTP server, or select to enter the time manually.

Use Default NTP Servers The STM regularly updates its real-time clock (RTC), which it uses for scheduling, by contacting a default NETGEAR NTP server on the Internet. This is the default setting.



Table 6. Setup Wizard Step 3: System Date and Time Settings (Continued)


Use Custom NTP Servers The STM regularly updates its RTC by contacting one of the two NTP servers

(primary and backup), both of which you need to specify in the fields that become available when you select this option.

Note:

If you select this option but leave either the Server 1 or Server 2 field blank, both fields are automatically set to the default NETGEAR NTP servers.

Note:

A list of public NTP servers is available at

http://support.ntp.org/bin/view/Servers/WebHome

.

Server 1 Name /

IP Address

Enter the IP address or host name of the primary NTP server.

Server 2 Name /

IP Address

Enter the IP address or host name of the secondary NTP server.

Manually Enter the Date and Time

Date

Time

Enter the date in the yyyy-mm-dd (year-month-date) format.

Enter the time in the hh-mm-ss (hour-minutes-seconds) format.

Time Zone

From the drop-down list, select the local time zone in which the STM operates. The correct time zone is required in order for scheduling to work correctly. You do not need to configure daylight savings time, which is applied automatically when applicable. Greenwich Mean Time (GMT) is the default setting.

Note:

When you select a time zone that is not associated with a location, such as (GMT -08:00) GMT-8, daylight savings time is automatically disabled. When you select a time zone that is associated with a location, such as

(GMT -08:00) Pacific Time ( US & Canada), daylight savings time is automatically enabled.



Setup Wizard Step 4 of 11: Email Security

Figure 23.


Note:

After you have completed the steps in the Setup Wizard, you can make changes to the email security settings by selecting Email

Security > Policy or Email Security > Anti-Virus. The Email

Anti-Virus screen also lets you specify notification settings and email alert settings. For more information about these settings, see

Configuring Email Protection

on page 87.

Tip:

To enhance performance, you can disable scanning of any protocols that are seldom or never used. Be mindful of the difference between user- and server-generated traffic. For example, your mail server might not use

IMAP, but some users might configure IMAP clients.



Table 7. Setup Wizard Step 4: Email Security Settings


Services to Scan

SMTP

POP3

SMTP scanning is enabled by default on standard service port 25.

POP3 scanning is enabled by default on standard service port 110.

To disable any of these services, clear the corresponding check box. You can change the standard service port or add another port in the corresponding Ports to Scan field.

IMAP

Scan Action

SMTP From the SMTP drop-down list, specify one of the following actions to be taken when an infected email is detected:

• Quarantine attachment. The email is not blocked, but the attachment is removed and placed in the malware quarantine for further research. In addition, a malware quarantine log entry is created, and depending on the nature of the malware threat, also a virus log entry or a spyware log entry.

• Delete attachment. The email is not blocked, but the attachment is deleted, and a virus log entry or a spyware log entry is created.

• Block infected email. This is the default setting. The email is blocked, and a virus log entry or a spyware log entry is created.

• Quarantine infected email. The email is placed in the malware quarantine for further research.

In addition, a malware quarantine log entry is created, and depending on the nature of the malware threat, also a virus log entry or a spyware log entry.

• Log only. Only a virus log entry or a spyware log entry is created. The email is not blocked and the attachment is not deleted.

POP3

IMAP scanning is enabled by default on standard service port 143.

IMAP

From the POP3 drop-down list, specify one of the following actions to be taken when an infected email is detected:


• Delete attachment. This is the default setting. The email is not blocked, but the attachment is deleted, and a virus log entry or a spyware log entry is created.


From the IMAP drop-down list, specify one of the following actions to be taken when an infected email is detected:


• Delete attachment. This is the default setting. The email is not blocked, but the attachment is deleted, and a virus log entry or a spyware log entry is created.




Table 7. Setup Wizard Step 4: Email Security Settings (Continued)


Scan Exceptions

From the drop-down list, specify one of the following actions to be taken when an email attachment exceeds the size that you specify in the file size field:

• Skip. The file is not scanned but skipped, leaving the end user vulnerable. This is the default setting.

• Block. The file is blocked and does not reach the end user.

The default and maximum file sizes are as follows:

• For the STM600, the default setting is to block any attachment larger than 10240 KB. The maximum file size that you can specify is 51200 KB.



Note:

Setting the maximum file size to a high value might affect the STM’s performance. NETGEAR recommends the default value, which is sufficient to detect the vast majority of threats.

Setup Wizard Step 5 of 11: Web Security

Figure 24.




Note:

After you have completed the steps in the Setup Wizard, you can make changes to the Web security settings by selecting Web

Security > Policy or Web Security > HTTP/HTTPS > Malware

Scan. The Malware Scan screen also lets you specify HTML

scanning and notification settings. For more information about these settings, see

Configuring Web and Services Protection

on page 105.

Table 8. Setup Wizard Step 5: Web Security Settings


Services to Scan

HTTP

HTTPS

HTTP scanning is enabled by default on standard service port 80.

To disable Hypertext Transfer Protocol (HTTP) scanning, clear the corresponding check box. You can change the standard service port or add another port in the corresponding Ports to Scan field.

HTTPS scanning is disabled by default.

To enable Hypertext Transfer Protocol over Secure Socket

Layer (HTTPS) scanning, select the corresponding check box. You can change the standard service port (number 443) or add another port in the corresponding Ports to Scan field.

FTP FTP scanning is enabled by default on standard service port 21.

To disable File Transfer Protocol (FTP) scanning, clear the corresponding check box. You can change the standard service port or add another port in the corresponding Ports to

Scan field.

Scan Action

HTTP From the HTTP drop-down list, specify one of the following actions to be taken when an infected

Web file or object is detected:

• Quarantine file. The Web file or object is removed and placed in the malware quarantine for further research. In addition, a malware quarantine log entry is created, and depending on the nature of the malware threat, also a virus log entry or spyware log entry.

• Delete file. This is the default setting. The Web file or object is deleted, and a virus log entry or spyware log entry is created.

• Log only. Only a virus log entry or spyware log entry is created. The Web file or object is not deleted.

Select the Streaming check box to enable streaming of partially downloaded and scanned HTTP file parts to the end user. This method allows the user to experience more transparent Web downloading. Streaming is enabled by default.



Table 8. Setup Wizard Step 5: Web Security Settings (Continued)

Setting

HTTPS

Description (or Subfield and Description)

From the HTTPS drop-down list, specify one of the following actions to be taken when an infected

Web file or object is detected:




Select the Streaming check box to enable streaming of partially downloaded and scanned HTTPS file parts to the end user. This method allows the user to experience more transparent Web downloading. Streaming is enabled by default.

FTP From the FTP drop-down list, specify one of the following actions to be taken when an infected Web file or object is detected:




Scan Exceptions

From the drop-down list, specify one of the following actions to be taken when a Web file or object exceeds the size that you specify in the file size field:

• Skip. The file is not scanned but skipped, leaving the end user vulnerable. This is the default setting.

• Block. The file is blocked and does not reach the end user.

The default and maximum file sizes are as follows:

• For the STM600 and STM300, the default setting is to block any attachment larger than 10240 KB. The maximum file size that you can specify is 51200 KB.


Note:

Setting the maximum file size to a high value might affect the STM’s performance. NETGEAR recommends the default value, which is sufficient to detect the vast majority of threats.



Setup Wizard Step 6 of 11: Email Notification Server Settings

Figure 25.


Note:

After you have completed the steps in the Setup Wizard, you can make changes to the administrator email notification settings by selecting Global Settings > Email Notification Server. For more

information about these settings, see

Configuring the Email

Notification Server

on page 176.

Table 9. Setup Wizard Step 6: Email Notification Server Settings


Email Notification Server Settings

Show as Mail Sender

Send Notifications to

A descriptive name of the sender for email identification purposes. For example, enter [email protected].

The email address to which the notifications should be sent. Typically, this is the email address of a user with administrative privileges.

SMTP Server The IP address and port number or Internet name and port number of your ISP’s outgoing email SMTP server. The default port number is 25.

Mail Server Requires

Authentication

Note:

If you leave this field blank, the STM cannot send email notifications.

If the SMTP server requires authentication, select the Mail Server Requires

Authentication check box and enter the following settings:

User Name

Password

The user name for SMTP server authentication.

The password for SMTP server authentication.



Setup Wizard Step 7 of 11: Update Settings

Figure 26.


Note:

After you have completed the steps in the Setup Wizard, you can make changes to the security subscription update settings by selecting Administration > Software Update. For more information about these settings, see

Updating the Software

on page 71.



Table 10. Setup Wizard Step 7: Update Settings

Setting

System Information


You cannot configure this section; it is shown for information only. For the software, scan engine, (signature) pattern file, and operating system (OS), the current version and the date of the last update are displayed.

Click + More to display the versions and most recent downloads for the antispam engine, applications engine, applications pattern file, stream engine, stream pattern file, mini engine, mini pattern file, policyd, scand, urld, update client, and rescue software.

Update Settings

Update From

Update Component

Select one of the following radio buttons:

• Default Update Server. The scan engine and signatures are updated from the

NETGEAR default update server.

• Another Update Server. The scan engine and signatures are updated from a server that you specify by entering the server IP address or host name in the Server Address field.

Server Address The update server IP address or host name.

Make one of the following selections from the drop-down list:

• Update Signature Patterns only. Only the (signature) pattern file is updated. The software, scan engine, and OS are not updated.

• Update all Software and Signature Patterns. The software, scan engine,

(signature) pattern file, and OS are updated. This is the default setting.

Update Frequency

Make one of the following selections:

• Weekly. From the drop-down lists, specify the day, hour, and minutes that the update should occur.

• Daily. From the drop-down lists, specify the hour and minutes that the update should occur.

• Every. From the drop-down list, specify the frequency with which the update should occur.



Setup Wizard Step 8 of 11: HTTP Proxy Settings

Figure 27.


Note:

After you have completed the steps in the Setup Wizard, you can make changes to the security subscription update settings by selecting Global Settings> HTTP Proxy. For more information about these settings, see

Configuring the HTTP Proxy Settings

on page 60.

Table 11. Setup Wizard Step 8: HTTP Proxy Settings

Setting

HTTPS Proxy Settings

Use a Proxy Server to

Connect to the Internet


If computers on the network connect to the Internet via a proxy server, select the

Use a Proxy Server to Connect to the Internet check box to specify and enable a proxy server. Enter the following settings:

Proxy Server The IP address and port number of the proxy server.

User Name The user name for proxy server authentication.

Password The password for proxy server authentication.



Setup Wizard Step 9 of 11: Web Categories

Figure 28.




Note:

After you have completed the steps in the Setup Wizard, you can make changes to the content filtering settings by selecting Web

Security > HTTP/HTTPS > Content Filtering. The Content Filtering

screen lets you specify additional filtering tasks and notification settings. For more information about these settings, see

Configuring

Web Content Filtering

on page 109.

Table 12. Setup Wizard Step 9: Web Categories Settings


Select the Web Categories You Wish to Block

Select the Enable Blocking check box to enable blocking of Web categories, which is the default setting.

Select the check boxes of any Web categories that you want to block. Use the action buttons in the following way:

• Allow All. All Web categories are allowed.

• Block All. All Web categories are blocked.

• Set to Defaults. Blocking and allowing of Web categories are returned to their default settings. See

Table 24

on page 85 for information about the Web categories that are blocked by default. Categories that are

preceded by a green rectangle are allowed by default; categories that are preceded by a pink rectangle are blocked by default.



Setup Wizard Step 10 of 11: Configuration Summary

Figure 29.

Click Apply to save your settings and automatically restart the system, or click Back to make changes to the configuration.


Using the Setup Wizard to Perform the Initial Configuration. Netgear STM600 - ProSecure Web And Email Threat Management Appliance, STM300 - ProSecure Web And Email Threat Management Appliance, STM150 - ProSecure Web And Email Threat Management Appliance

Cancel. Cancel the operation.

Send Now. Send a file or report.

Select All. Select all entries in the table.

Delete. Delete the selected entry or entries from the table.

Enable. Enable the selected entry or entries in the table.

Disable. Disable the selected entry or entries in the table.

Add. Add an entry to the table.

Edit. Edit the selected entry.

Up. Move the selected entry up in the table.

Down. Move the selected entry down in the table.