Summary of the content on the page No. 1
ProSecure Unified Threat
Management (UTM)
Appliance
Reference Manual
350 East Plumeria Drive
San Jose, CA 95134
USA
October 2012
202-10780-03
v1.0����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
Summary of the content on the page No. 2
ProSecure Unified Threat Management (UTM) Appliance Support Thank you for choosing NETGEAR. After installing your device, locate the serial number on the label of your product and use it to register your product at https://my.netgear.com. You must register your product before you can use NETGEAR telephone support. NETGEAR recommends registering your product through the UTM’s Registration screen (see Register the UTM with NETGEAR on page 65). You can also register your product through the NET
Summary of the content on the page No. 3
ProSecure Unified Threat Management (UTM) Appliance 202-10780-03 1.0 October 2012 (continued) (continued) (continued) (continued) • Added Appendix C, 3G/4G Dongles for the UTM9S and UTM25S. • Added many more default values to Appendix H, Default Settings and Technical Specifications. 202-10780-02 2.0 May 2012 • Updated the main navigation menus and configuration menus for many figures in the manual to show consistency in the presentation of the web management interface (GUI). • Updated the
Summary of the content on the page No. 4
ProSecure Unified Threat Management (UTM) Appliance 202-10780-01 1.0 September 2011 • Added the UTM9S with the following major new features: - xDSL module (see Chapter 1, Introduction and Chapter 3, Manually Configure Internet and WAN Settings) - Wireless module (see Chapter 1, Introduction and Appendix B, Wireless Network Module for the UTM9S and UTM25S) - ReadyNAS integration, quarantine options, and quarantine logs (see Connect to a ReadyNAS and Configure Quarantine Settings, Query and M
Summary of the content on the page No. 5
Contents Chapter 1 Introduction What Is the ProSecure Unified Threat Management (UTM) Appliance? . . 15 Key Features and Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Multiple WAN Port Models for Increased Reliability or Outbound Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Wireless Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 DSL Features . . . . . . . . . . . . .
Summary of the content on the page No. 6
ProSecure Unified Threat Management (UTM) Appliance Web Management Interface Menu Layout . . . . . . . . . . . . . . . . . . . . . . . . . 44 Use the Setup Wizard to Perform the Initial Configuration. . . . . . . . . . . . . 47 Setup Wizard Step 1 of 10: LAN Settings. . . . . . . . . . . . . . . . . . . . . . . . 48 Setup Wizard Step 2 of 10: WAN Settings . . . . . . . . . . . . . . . . . . . . . . . 51 Setup Wizard Step 3 of 10: System Date and Time. . . . . . . . . . . . . . . . 54 Setup Wizar
Summary of the content on the page No. 7
ProSecure Unified Threat Management (UTM) Appliance Manage the Network Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112 Change Group Names in the Network Database . . . . . . . . . . . . . . . . .115 Set Up Address Reservation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116 Configure and Enable the DMZ Port . . . . . . . . . . . . . . . . . . . . . . . . . . . .117 Manage Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Summary of the content on the page No. 8
ProSecure Unified Threat Management (UTM) Appliance Chapter 6 Content Filtering and Optimizing Scans About Content Filtering and Scans. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 Default Email and Web Scan Settings . . . . . . . . . . . . . . . . . . . . . . . . . 193 Configure Email Protection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 Customize Email Protocol Scan Settings . . . . . . . . . . . . . . . . . . . . . . . 194 Customize Email Antiv
Summary of the content on the page No. 9
ProSecure Unified Threat Management (UTM) Appliance RADIUS Client and Server Configuration. . . . . . . . . . . . . . . . . . . . . . .310 Assign IP Addresses to Remote Users (Mode Config). . . . . . . . . . . . . . .312 Mode Config Operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312 Configure Mode Config Operation on the UTM . . . . . . . . . . . . . . . . . .312 Configure the ProSafe VPN Client for Mode Config Operation . . . . . .319 Test the Mode Config Conn
Summary of the content on the page No. 10
ProSecure Unified Threat Management (UTM) Appliance Configure User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 Set User Login Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404 Change Passwords and Other User Settings. . . . . . . . . . . . . . . . . . . . 408 DC Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409 Configure RADIUS VLANs . . . . . . . . . . . . . . . . . .
Summary of the content on the page No. 11
ProSecure Unified Threat Management (UTM) Appliance View the Active PPTP and L2TP Users . . . . . . . . . . . . . . . . . . . . . . . .501 View the Port Triggering Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .502 View the WAN, xDSL, or USB Port Status . . . . . . . . . . . . . . . . . . . . . .504 View Attached Devices and the DHCP Leases . . . . . . . . . . . . . . . . . .505 Query and Manage the Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .507 Ov
Summary of the content on the page No. 12
ProSecure Unified Threat Management (UTM) Appliance Appendix A xDSL Network Module for the UTM9S and UTM25S xDSL Network Module Configuration Tasks. . . . . . . . . . . . . . . . . . . . . . . 550 Configure the xDSL Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550 Automatically Detecting and Connecting the xDSL Internet Connection . 553 Manually Configure the xDSL Internet Connection . . . . . . . . . . . . . . . . . 556 Configure the WAN Mode . . . . . . . . . .
Summary of the content on the page No. 13
ProSecure Unified Threat Management (UTM) Appliance Appendix D Network Planning for Dual WAN Ports (Multiple WAN Port Models Only) What to Consider Before You Begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . .622 Plan Your Network and Network Management and Set Up Accounts .622 Cabling and Computer Hardware Requirements . . . . . . . . . . . . . . . . .624 Computer Network Configuration Requirements . . . . . . . . . . . . . . . . .624 Internet Configuration Requirements . . . . . .
Summary of the content on the page No. 14
ProSecure Unified Threat Management (UTM) Appliance Email Filter Logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661 IPS Logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 662 Anomaly Behavior Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 662 Application Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 663 Routing Logs . . . . . . . . . .
Summary of the content on the page No. 15
1. Introduction 1 This chapter provides an overview of the features and capabilities of the NETGEAR ProSecure® Unified Threat Management (UTM) Appliance. This chapter contains the following sections: • What Is the ProSecure Unified Threat Management (UTM) Appliance? • Key Features and Capabilities • Service Registration Card with License Keys • Package Contents • Hardware Features • Choose a Location for the UTM Note: For more information about the topics covered in this manual, visit the Su
Summary of the content on the page No. 16
ProSecure Unified Threat Management (UTM) Appliance carry session traffic, or to maintain a backup connection in case of failure of your primary Internet connection. As a complete security solution, the UTM combines a powerful, flexible firewall with a content scan engine that uses NETGEAR Stream Scanning technology to protect your network from denial of service (DoS) attacks or distributed DoS (DDoS) attacks, unwanted traffic, traffic with objectionable content, spam, phishing, and web-bor
Summary of the content on the page No. 17
ProSecure Unified Threat Management (UTM) Appliance • Depending on the model, bundled with a one-user license of the NETGEAR ProSafe VPN Client software (VPN01L). • Advanced stateful packet inspection (SPI) firewall with multi-NAT support. • Patent-pending Stream Scanning technology that enables scanning of real-time protocols such as HTTP. • Comprehensive web and email security, covering six major network protocols: HTTP, HTTPS, FTP, SMTP, POP3, and IMAP. • Malware database containing hun
Summary of the content on the page No. 18
ProSecure Unified Threat Management (UTM) Appliance Wireless Features Wireless client connections are supported on the UTM9S and UTM25S with an NMWLSN wireless network module installed. The UTM9S and UTM25S support the following wireless features: • 2.4-GHz radio and 5-GHz radio. Either 2.4-GHz band support with 802.11b/g/n/ wireless modes or 5-GHz band support with 802.11a/n wireless modes. • Wireless security profiles. Support for up to four wireless security profiles, each with its own S
Summary of the content on the page No. 19
ProSecure Unified Threat Management (UTM) Appliance • SSL VPN provides remote access for mobile users to selected corporate resources without requiring a preinstalled VPN client on their computers. - Uses the familiar Secure Sockets Layer (SSL) protocol, commonly used for e-commerce transactions, to provide client-free access with customizable user portals and support for a wide variety of user repositories. - Allows browser-based, platform-independent remote access through a number of pop
Summary of the content on the page No. 20
ProSecure Unified Threat Management (UTM) Appliance analysis to stop both known and unknown threats. The malware database contains hundreds of thousands of signatures of spyware, viruses, and other malware. • Objectionable traffic protection. The UTM prevents objectionable content from reaching your computers. You can control access to the Internet content by screening for web services, web addresses, and keywords within web addresses. You can log and report attempts to access objectionable
