Managing the STM’s Performance. Netgear STM600 - ProSecure Web And Email Threat Management Appliance, STM300 - ProSecure Web And Email Threat Management Appliance, STM150 - ProSecure Web And Email Threat Management Appliance

ProSecure Web/Email Security Threat Management (STM) Appliance

2.

Select the radio buttons, complete the field, and make your selections from the drop-down lists as explained in the following table:

Table 23. Quarantine Settings

Setting Description (or Subfield and Description)

Malware Quarantine Area Size Specify the maximum amount of memory in MB that is allocated to malware quarantine. This limit is cumulative for all users.

For the STM600, the default setting is 200 MB, and the maximum setting is

512 MB.

For the STM150 and STM300, the default setting is 100 MB, and the maximum setting is 512 MB.

Spam Quarantine Area Size

Quarantine Lifetime

Note:

After the limit has been exceeded, old items are automatically purged from the malware quarantine to make space for new items.

Specify the maximum amount of memory in MB that is allocated to spam quarantine. This limit is cumulative for all users.

For the STM600, the default setting is 1024 MB, and the maximum setting is 2048 MB.

For the STM150 and STM300, the default setting is 512 MB, and the maximum setting is 1024 MB.

Note:

After the limit has been exceeded, old items are automatically purged from the malware quarantine to make space for new items.

Specify how long items remain in quarantine before being automatically purged. The default setting is 15 days. The maximum setting is 30 days.

3.

Click Apply to save your settings.

Note:

For information about how to view and manage the quarantine files,

see

Viewing and Managing the Quarantine Files

on page 208.

Managing the STM’s Performance

Performance management consists of controlling the traffic through the STM so that the necessary traffic gets through when there is a bottleneck and either reducing unnecessary traffic or rescheduling some traffic to low-peak times to prevent bottlenecks from occurring in the first place.

If you want to reduce traffic by preventing unwanted emails from reaching their destinations or by preventing access to certain sites on the Internet, you can use the STM’s content filtering feature. By default, this feature is disabled; all requested traffic from any website is allowed with the exception of Web content categories that are mentioned in

Default Email and Web Scan Settings

on page 85.

82 | Chapter 3. Performing Network and System Management

ProSecure Web/Email Security Threat Management (STM) Appliance

You can adjust the following features of the STM in such a way that the traffic load on the

WAN side decreases.

•

Email content filtering. To reduce incoming email traffic, you can block emails with large

attachments, reject emails based on keywords, file extensions, or file names, and set spam protection rules. There are several ways you can reduce unwanted email traffic:

-

Setting the size of email files to be scanned. Scanning large email files requires

network resources and might slow down traffic. You can specify the maximum file or message size that is scanned, and whether files that exceed the maximum size are skipped (which might compromise security) or blocked. For more information, see

Exception Settings

on page 90.

-

Keyword, file extension, and file name blocking. You can reject emails based on

keywords in the subject line, file type of the attachment, and file name of the attachment. For more information, see

Email Content Filtering

on page 94.

-

Protecting against spam. Set up spam protection to prevent spam from using up

valuable bandwidth. For more information, see

Protecting Against Email Spam

on page 97.

•

Web content filtering. The STM provides extensive methods to filter Web content in

order to reduce traffic:

-

Web category blocking. You can block entire Web categories because their content

is unwanted, offensive, or not relevant, or simply to reduce traffic. For more

information, see

Configuring Web Content Filtering

on page 109.

-

File extension blocking. You can block files based on their extension. Such files can

include executable files, audio and video files, and compressed files. For more

information, see

Configuring Web Content Filtering

on page 109.

-

URL blocking. You can specify URLs that are blocked by the STM. For more

information, see

Configuring Web URL Filtering

on page 116.

-

Web services blocking. You can block Web applications such as instant messaging,

media, peer-to-peer, and tools. For more information, see

Configuring Application

Control

on page 127.

-

Web object blocking. You can block the following Web component types: embedded

objects (ActiveX, Java, Flash), proxies, and cookies; and you can disable Java scripts. For more information, see

Configuring Web Content Filtering

on page 109.

-

Setting the size of Web files to be scanned. Scanning large Web files requires

network resources and might slow down traffic. You can specify the maximum file size that is scanned, and whether files that exceed the maximum size are skipped (which

might compromise security) or blocked. For more information, see

Configuring Web

Malware Scans

on page 107.

For these features (with the exception of Web object blocking and setting the size of files to be scanned), you can set schedules to specify when Web content is filtered (see

Configuring Web Content Filtering

on page 109) and configure scanning exclusions and

access exceptions (see

Setting Scanning Exclusions and Web Access Exceptions

on page 130). You can use the STM’s monitoring functions to assist you with performance

management (see

Monitoring Real-Time Traffic, Security, Statistics, and Web Usage

on page 184).

Chapter 3. Performing Network and System Management | 83